CVSSv3 01/03/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1494598.06.39.8
 
 
Adobe Acrobat Reader Type Confusion memory corruption0.00CVE-2019-7131
1299397.56.38.8
 
 
Adobe Acrobat Reader Bypass privilege escalation0.00CVE-2018-16018
1299387.56.38.8
 
 
Adobe Acrobat Reader Use-After-Free memory corruption0.00CVE-2018-16011
1286986.25.37.1
 
 
Foxit Reader/PhantomPDF tiff Parser Out-of-Bounds memory corruption0.00CVE-2019-5007
1286974.43.35.5
 
 
Foxit Reader/PhantomPDF PDF Parser NULL Pointer Dereference denial of service0.00CVE-2019-5006
1286964.43.35.5
 
 
Foxit Reader/PhantomPDF Image Data Crash denial of service0.00CVE-2019-5005
1286959.18.310.0
 
 
Zoho ManageEngine ADSelfService Plus Server-Side Request Forgery0.00CVE-2019-3905
1286944.44.44.4
 
 
Linux Kernel CAN Frame gw.c can_can_gw_rcv Crash denial of service0.00CVE-2019-3701
1286936.55.37.8
 
 
Sqla_yaml_fixtures sqla_yaml_fixtures.load Code Execution0.00CVE-2019-3575
1286925.24.36.1
 
 
Technicolor MediaAccess TG789vac v2 HP Admin Web Interface cross site scripting0.06CVE-2018-8827
1286916.85.68.1
 
 
Webroot BrightCloud SDK Header bc_http_read_header Code Execution memory corruption0.00CVE-2018-4012
1286904.43.35.5
 
 
Telegram Secret Chat Stored information disclosure0.00CVE-2018-3986
1286898.57.39.8
 
 
Zoho ManageEngine ADSelfService Plus Product License XML External Entity0.00CVE-2018-20664
1286884.43.55.4
 
 
Reporting Addon Persistent cross site scripting0.00CVE-2018-20663
1286875.44.36.5
 
 
Poppler PDF File PDFDoc.cc setup Crash denial of service0.00CVE-2018-20662
1286868.57.39.8
 
 
EPON CPE-WiFi Privileges privilege escalation0.00CVE-2018-20512
1286857.56.38.8
 
 
Dolibarr card.php sql injection0.00CVE-2018-19998
1286844.84.35.4
 
 
Dolibarr card.php Stored cross site scripting0.00CVE-2018-19995
1286837.56.38.8
 
 
Dolibarr card.php sql injection0.00CVE-2018-19994
1286825.75.36.1
 
 
Dolibarr notice.php Reflected cross site scripting0.00CVE-2018-19993
1286814.84.35.4
 
 
Dolibarr type.php Stored cross site scripting0.00CVE-2018-19992
1286808.57.39.8
 
 
MiniShare memory corruption0.00CVE-2018-19862
1286798.57.39.8
 
 
MiniShare memory corruption0.00CVE-2018-19861
1286787.86.69.1
 
 
Rhymix CMS SVG Server-Side Request Forgery0.00CVE-2018-19601
1286773.62.44.8
 
 
Rhymix CMS SVG cross site scripting0.00CVE-2018-19600
1286765.45.35.5
 
 
DriverAgent Driver DrvAgent64.sys memory corruption0.00CVE-2018-19523
1286758.57.39.8
 
 
Plikli CMS join_group.php sql injection0.00CVE-2018-19415
1286745.75.36.1
 
 
Plikli CMS groups.php cross site scripting0.00CVE-2018-19414
1286737.47.37.5
 
 
Stripe API v1 Access Restriction tokens privilege escalation0.10CVE-2018-19249
1286725.24.36.1
 
 
ABB Pluto Safety PLC Gateway Ethernet GATE-E2 Administrative Web Interface cross site scripting0.00CVE-2018-18997
1286718.57.39.8
 
 
ABB Pluto Safety PLC Gateway Ethernet GATE-E2 Telnet/Web weak authentication0.00CVE-2018-18995
1286705.75.36.1
 
 
Vivotek Network Camera syslog.html cross site scripting0.00CVE-2018-18244
1286695.75.36.1
 
 
Vivotek Network Camera event_script.js cross site scripting0.00CVE-2018-18005
1286686.37.35.3
 
 
Vivotek Network Camera mod_inetd.cgi privilege escalation0.00CVE-2018-18004
1286678.06.39.8
 
 
FreeBSD bootp Stack-based memory corruption0.00CVE-2018-17161
1286665.45.35.5
 
 
Red Hat Enterprise Linux Linux Kernel memcpy_fromiovecend() memory corruption0.00CVE-2018-16885
1286657.56.38.8
 
 
Linux Kernel KVM Hypervisor nested_get_vmcs12_pages() Use-After-Free memory corruption0.00CVE-2018-16882
1286648.57.39.8
 
 
Ansible Tower Secure Channel weak encryption0.00CVE-2018-16879
1286636.45.37.5
 
 
Ansible vvv+ Mode information disclosure0.00CVE-2018-16876
1286626.67.35.9
 
 
wolfSSL TLS Bleichenbacher weak encryption0.00CVE-2018-16870

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!