CVSSv3 February 2019info

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

C3BM Index »

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

PublishedBaseVDBNVDVendResVulnerabilityCTICVE
02/28/20195.44.36.5
 
 
Asterisk Open Source integer overflow0.09CVE-2019-7251
02/28/20198.57.39.8
 
 
baigo CMS opt_base.inc.php code injection0.05CVE-2019-9227
02/28/20195.75.36.1
 
 
baigo CMS Persistent cross site scripting0.06CVE-2019-9226
02/28/20199.89.89.8
 
 
Live555 parseAuthorizationHeader input validation0.00CVE-2019-9215
02/28/20195.94.37.5
 
 
Wireshark RPCAP Dissector packet-rpcap.c null pointer dereference0.01CVE-2019-9214
02/28/20196.96.37.5
 
 
Wireshark ASN.1 BER Dissector packet-ber.c memory corruption0.08CVE-2019-9209
02/28/20195.94.37.5
 
 
Wireshark TCAP Dissector tcap.cnf null pointer dereference0.00CVE-2019-9208
02/28/20197.57.37.8
 
 
Cscape POC File input validation0.05CVE-2019-6555
02/28/20197.47.37.5
 
 
Pangea Communications Internet FAX ATA User Authentication improper authentication0.04CVE-2019-6551
02/28/20195.45.35.5
 
 
Delta Industrial Automation CNCSoft/CNCSoft ScreenEditor out-of-bounds read0.00CVE-2019-6547
02/28/20195.65.35.9
 
 
McAfee Agent Remote Logging information disclosure0.05CVE-2019-3599
02/28/20195.35.35.3
 
 
McAfee gent memory corruption0.01CVE-2019-3598
02/28/20196.55.37.8
 
 
McAfee Endpoint Security Microsoft Windows Client access control0.06CVE-2019-3582
02/28/20194.43.35.5
 
 
Google Android Privileges iomem information disclosure0.05CVE-2019-2001
02/28/20196.55.37.8
 
 
Google Android binder.c use after free0.00CVE-2019-2000
02/28/20197.87.87.8
 
 
Google Android binder_alloc.c binder_alloc_free_page double free0.04CVE-2019-1999
02/28/20195.55.55.5
 
 
Google Android keymaster_app.c event_handler resource consumption0.04CVE-2019-1998
02/28/20197.47.37.5
 
 
Google Android Wireless random.c random_get_bytes random values0.07CVE-2019-1997
02/28/20196.46.36.5
 
 
Google Android avrc_pars_ct.cc avrc_pars_browse_rsp out-of-bounds read0.01CVE-2019-1996
02/28/20194.94.35.5
 
 
Google Android Email Attachment ComposeActivityEmail.java ComposeActivityEmail information disclosure0.00CVE-2019-1995
02/28/20197.56.38.8
 
 
Google Android Development Settings DevelopmentTiles.java access control0.04CVE-2019-1994
02/28/20197.87.87.8
 
 
Google Android btif_hd.cc register_app integer overflow0.00CVE-2019-1993
02/28/20198.28.87.5
 
 
Google Android bta_hl_main.cc bta_hl_sdp_query_results race condition0.00CVE-2019-1992
02/28/20198.88.88.8
 
 
Google Android btif_core.cc btif_dm_data_copy memory corruption0.00CVE-2019-1991
02/28/20198.88.88.8
 
 
Google Android System_server SkSwizzler.cpp sample6 out-of-bounds write0.01CVE-2019-1988
02/28/20197.57.37.8
 
 
Google Android SkSwizzler.cpp onSetSampleX out-of-bounds write0.04CVE-2019-1987
02/28/20197.56.38.8
 
 
Google Android System_server SkSwizzler.cpp onSetSampleX out-of-bounds write0.06CVE-2019-1986
02/28/20197.05.38.8
 
 
Cisco Webex Meetings Desktop App Update Service os command injection0.05CVE-2019-1674
02/28/20198.57.39.8
 
 
Cisco RV110W Wireless-N VPN Firewall Web-based Management Interface input validation0.00CVE-2019-1663
02/28/20196.46.36.5
 
 
Mozilla Firefox/Firefox ESR/Thunderbird origin validation0.04CVE-2018-18499

Do you want to use VulDB in your project?

Use the official API to access entries easily!