CVSSv3 March 2019info

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

C3BM Index »

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

PublishedBaseVDBNVDVendResVulnerabilityCTICVE
03/31/20197.57.57.5
 
 
Domoticz End of Line crlf injection0.05CVE-2019-10678
03/31/20194.34.3
 
 
 
WordPress PNG File exif_imagetype Path information disclosure0.08CVE-2019-10675
03/31/20199.89.89.8
 
 
libmysofa Calculation btree.c treeRead input validation0.09CVE-2019-10672
03/31/20198.57.39.8
 
 
Domoticz WebServer.cpp GetFloorplanImage sql injection0.00CVE-2019-10664
03/30/20197.56.38.8
 
 
Grandstream UCM6204 API listCodeblueGroup sql injection0.00CVE-2019-10663
03/30/20197.56.38.8
 
 
Grandstream UCM6204 command injection0.06CVE-2019-10662
03/30/20199.89.89.8
 
 
Grandstream GXV3611IR_HD Empty credentials management0.13CVE-2019-10661
03/30/20197.56.38.8
 
 
Grandstream GXV3611IR_HD command injection0.10CVE-2019-10660
03/30/20197.56.38.8
 
 
Grandstream GXV3370/WP820 command injection0.05CVE-2019-10659
03/30/20197.56.38.8
 
 
Grandstream GWN7610 API controller.icc.update_nds_webroot_from_tmp command injection0.08CVE-2019-10658
03/30/20195.44.36.5
 
 
Grandstream GWN7000/GWN7610 uci.apply Password information disclosure0.06CVE-2019-10657
03/30/20197.56.38.8
 
 
Grandstream GWN7000 API uci.apply update_nds_webroot_from_tmp command injection0.00CVE-2019-10656
03/30/20198.57.39.8
 
 
Grandstream GAC2500/GXP2200/GVC3202/GXV3275/GXV3240 memory corruption0.05CVE-2019-10655
03/30/20195.45.35.5
 
 
LZO Archive liblzo2.so.2 lzo1x_decompress out-of-bounds read0.08CVE-2019-10654
03/30/20196.76.37.2
 
 
flatCore Addons Feature acp.php unrestricted upload0.05CVE-2019-10652
03/30/20197.26.38.1
 
 
ImageMagick tiff.c WriteTIFFImage out-of-bounds read0.05CVE-2019-10650
03/30/20195.44.36.5
 
 
ImageMagick svg.c SVGKeyValuePairs resource management0.05CVE-2019-10649
03/30/20198.57.39.8
 
 
Robocode input validation0.05CVE-2019-10648
03/30/20198.57.39.8
 
 
ZZZCMS zzzphp unrestricted upload0.00CVE-2019-10647
03/30/20195.24.36.1
 
 
Wolf CMS Add SNippet add cross site scripting0.05CVE-2019-10646
03/30/20196.54.38.8
 
 
HYBBS user.html cross-site request forgery0.00CVE-2019-10644
03/29/20195.75.36.1
 
 
MyBB ModCP Profile Editor Reflected cross site scripting0.06CVE-2018-19201
03/29/20198.57.39.8
 
 
Provisio SiteKiosk Call Dispatcher access control0.05CVE-2018-18766
03/29/20196.45.37.5
 
 
TP-LINK TL-WR840N memory corruption0.05CVE-2018-15840
03/29/20197.47.37.5
 
 
Harmis JE Messenger path traversal0.05CVE-2019-9922
03/29/20195.44.36.5
 
 
Harmis JE Messenger access control0.04CVE-2019-9921
03/29/20197.56.38.8
 
 
Harmis JE Messenger access control0.05CVE-2019-9920
03/29/20194.43.55.4
 
 
Harmis JE Messenger Message cross site scripting0.05CVE-2019-9919
03/29/20198.27.39.1
 
 
Harmis JE Messenger sql injection0.05CVE-2019-9918
03/29/20195.54.36.8
 
 
Symantec Norton Core code injection0.00CVE-2019-9695
03/29/20194.43.55.4
 
 
PHP Scripts Mall Online Lottery PHP Readymade Script ICO Picture Reflected cross site scripting0.06CVE-2019-9605
03/29/20196.54.38.8
 
 
PHP Scripts Mall Online Lottery PHP Readymade Script Edit Profile cross-site request forgery0.07CVE-2019-9604
03/29/20197.57.57.5
 
 
FusionInventory Plugin data processing0.06CVE-2019-10477
03/29/20196.96.37.5
 
 
OpenSynergy Blue SDK L2CAP Signaling Channel l2cap_sm.c input validation0.09CVE-2018-20378
03/29/20197.66.68.7
 
 
Atlassian Application Links OAuthHelper xml external entity reference0.07CVE-2017-18111
03/29/20196.46.36.5
 
 
Atlassian Crowd Administration Backup Restore xml external entity reference0.05CVE-2017-18110
03/29/20196.77.36.1
 
 
Atlassian Crowd CrowdId redirect0.05CVE-2017-18109
03/29/20196.76.37.2
 
 
Atlassian Crowd Administration SMTP Configuration code injection0.07CVE-2017-18108
03/29/20196.25.07.5
 
 
Atlassian Crowd Session Identifier Collision improper authentication0.00CVE-2017-18106
03/29/20197.77.38.1
 
 
Atlassian Crowd Console Login session fixiation0.06CVE-2017-18105

Do you want to use VulDB in your project?

Use the official API to access entries easily!