CVSSv3 02/07/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCVE
1306905.55.5
 
 
 
Apple iOS Live Photos in FaceTime unknown vulnerabilityCVE-2019-7288
1306898.79.67.8
 
 
Apple iOS IOKit memory corruptionCVE-2019-7287
1306887.06.37.8
 
 
Apple iOS Foundation memory corruptionCVE-2019-7286
1306648.57.39.8
 
 
Bo-blog Wind delBlockedBatch sql injectionCVE-2019-7587
1306638.57.39.8
 
 
Waimai Super CMS PublicAction.class.php Time-Based sql injectionCVE-2019-7585
1306628.07.38.8
 
 
libming read.c readBytes memory corruptionCVE-2019-7582
1306618.07.38.8
 
 
libming parser.c parseSWF_ACTIONRECORD memory corruptionCVE-2019-7581
1306607.56.38.8
 
 
ThinkCMF addpost.html PHP Code Execution privilege escalationCVE-2019-7580
1306597.56.38.8
 
 
Simple DirectMedia Layer SDL_wave.c InitIMA_ADPCM Heap-based memory corruptionCVE-2019-7578
1306587.56.38.8
 
 
Simple DirectMedia Layer SDL_wave.c SDL_LoadWAV_RW memory corruptionCVE-2019-7577
1306577.56.38.8
 
 
Simple DirectMedia Layer SDL_wave.c InitMS_ADPCM Heap-based memory corruptionCVE-2019-7576
1306567.56.38.8
 
 
Simple DirectMedia Layer SDL_wave.c MS_ADPCM_decode Heap-based memory corruptionCVE-2019-7575
1306557.56.38.8
 
 
Simple DirectMedia Layer SDL_wave.c IMA_ADPCM_decode Heap-based memory corruptionCVE-2019-7574
1306547.56.38.8
 
 
Simple DirectMedia Layer SDL_wave.c InitMS_ADPCM Heap-based memory corruptionCVE-2019-7573
1306537.56.38.8
 
 
Simple DirectMedia Layer SDL_wave.c IMA_ADPCM_nibble memory corruptionCVE-2019-7572
1306526.46.36.5
 
 
PbootCMS cross site request forgeryCVE-2019-7570
1306517.56.38.8
 
 
DOYO cross site request forgeryCVE-2019-7569
1306508.57.39.8
 
 
baijiacms Time-Based sql injectionCVE-2019-7568
1306495.44.76.1
 
 
Waimai Super CMS cross site scriptingCVE-2019-7567
1306487.56.38.8
 
 
CSZ CMS add cross site request forgeryCVE-2019-7566
1306475.96.35.5
 
 
Boolector btorsmt2.c btor_delete Use-After-Free memory corruptionCVE-2019-7560
1306465.45.35.5
 
 
Boolector Btor2Tools btor2parser.c Out-of-Bounds memory corruptionCVE-2019-7559
1306455.35.35.3
 
 
Gurock TestRail Backend index.php Path information disclosureCVE-2019-7535
1306428.57.39.8
 
 
Websense Forcepoint User ID Service Port 5001 Remote Code ExecutionCVE-2019-6139
1306417.55.39.8
 
 
IBM API Connect Access Token Log information disclosureCVE-2019-4008
1306406.55.37.8
 
 
Dell EMC VNX2 OE for File VNX Control Station OS Command Injection privilege escalationCVE-2019-3704
1306395.87.34.3
 
 
Cisco Webex Business Suite spoofingCVE-2019-1680
1306385.76.35.0
 
 
Cisco TelePresence Conductor Web Interface Server-Side Request ForgeryCVE-2019-1679
1306374.34.34.3
 
 
Cisco Meeting Server Session Initiation Protocol denial of serviceCVE-2019-1678
1306364.34.04.6
 
 
Cisco WebEx Meetings Application cross site scriptingCVE-2019-1677
1306356.45.37.5
 
 
Cisco Aironet Active Sensor Default Configuration Restart denial of serviceCVE-2019-1675
1306345.75.36.1
 
 
Cisco FirePOWER Management Center Web-based Management Interface cross site scriptingCVE-2019-1671
1306335.75.36.1
 
 
Cisco Unified Intelligence Center Web-based Management Interface cross site scriptingCVE-2019-1670
1306325.75.36.1
 
 
Cisco TelePresence Management Suite Web-based Management Interface cross site scriptingCVE-2019-1661
1306316.37.35.3
 
 
Cisco TelePresence Management Suite SOAP privilege escalationCVE-2019-1660
1306305.36.34.3
 
 
IBM DataPower Gateway Message Injection spoofingCVE-2018-1666
1306296.55.67.5
 
 
Apache Guacamole Cookie Flag weak encryptionCVE-2018-1340
1306285.35.3
 
 
 
Apache Hadoop HDFS information disclosureCVE-2018-1296
1305785.24.36.1
 
 
Pie Chart Panel Plugin Legend Data cross site scriptingCVE-2015-9282

Do you want to use VulDB in your project?

Use the official API to access entries easily!