CVSSv3 03/07/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1318388.57.39.8
 
 
FlowPaper Flexpaper input validation0.06CVE-2018-11686
1314788.57.39.8
 
 
PHPSHE cart.php sql injection0.06CVE-2019-9626
1314778.88.88.8
 
 
JBMC DirectAdmin CMD_ACCOUNT_ADMIN cross-site request forgery0.00CVE-2019-9625
1314765.44.36.5
 
 
CScms pay cross-site request forgery0.00CVE-2019-9598
1314757.56.38.8
 
 
Bolt Filemanager FilesystemManager.php unrestricted upload0.05CVE-2019-9185
1314748.57.39.8
 
 
Motorola C1/M2 HNAP1 command injection0.00CVE-2019-9121
1314738.57.39.8
 
 
Motorola C1/M2 HNAP1 os command injection0.00CVE-2019-9120
1314728.57.39.8
 
 
Motorola C1/M2 HNAP1 os command injection0.06CVE-2019-9119
1314718.57.39.8
 
 
Motorola C1/M2 HNAP1 os command injection0.00CVE-2019-9118
1314708.57.39.8
 
 
Motorola C1/M2 HNAP1 os command injection0.00CVE-2019-9117
1314695.44.36.5
 
 
TIBCO JasperReports Server SOAP API information disclosure0.04CVE-2019-8986
1314684.13.44.8
 
 
DiliCMS index.php Stored cross site scripting0.05CVE-2019-8440
1314674.74.15.4
 
 
DiliCMS index.php Stored cross site scripting0.00CVE-2019-8439
1314664.13.44.8
 
 
DiliCMS index.php Stored cross site scripting0.00CVE-2019-8438
1314656.54.38.8
 
 
njiandan-cms user_new cross-site request forgery0.00CVE-2019-8437
1314645.24.36.1
 
 
PHPMyWind connect.php Reflected cross site scripting0.00CVE-2019-7661
1314635.24.36.1
 
 
PHPMyWind index.php Stored cross site scripting0.00CVE-2019-7660
1314626.45.37.5
 
 
ImageMagick pcd.c DecodeImage resource management0.00CVE-2019-7175
1314616.54.38.8
 
 
ZyXEL NBG-418N v2 login.cgi cross-site request forgery0.00CVE-2019-6710
1314608.06.39.8
 
 
Rainbow PDF Office Server Document Converter PowerPoint Document Conversion getSummaryInformation memory corruption0.00CVE-2019-5019
1314596.46.36.5
 
 
Cloud Foundry Stratos Session session fixiation0.00CVE-2019-3784
1314587.56.38.8
 
 
Cloud Foundry Stratos Session Store Secret credentials management0.00CVE-2019-3783
1314575.94.37.5
 
 
Cloud Foundry CLI Log credentials management0.00CVE-2019-3781
1314566.97.36.5
 
 
Spring Security OAuth Authorization Endpoint redirect0.07CVE-2019-3778
1314558.57.39.8
 
 
Pivotal Application Service Cloud Controller Proxy certificate validation0.00CVE-2019-3777
1314544.84.35.4
 
 
Pivotal Operations Manager Reflected cross site scripting0.00CVE-2019-3776
1314536.46.36.5
 
 
Cloud Foundry UAA Email Address improper authentication0.00CVE-2019-3775
1314527.56.38.8
 
 
Dell WES Wyse Device Agent/Wyse ThinLinux Hagent FTP Client memory corruption0.05CVE-2019-3712
1314513.83.34.4
 
 
Cisco FXOS/NX-OS File System Permission information disclosure0.05CVE-2019-1600
1314506.95.38.6
 
 
Cisco NX-OS Network Stack resource management0.05CVE-2019-1599
1314496.45.37.5
 
 
Cisco FXOS/NX-OS LDAP input validation0.00CVE-2019-1598
1314486.45.37.5
 
 
Cisco FXOS/NX-OS LDAP input validation0.00CVE-2019-1597
1314476.55.37.8
 
 
Cisco NX-OS bash access control0.00CVE-2019-1596
1314468.57.39.8
 
 
Apache Solr Config API deserialization0.00CVE-2019-0192
1314454.34.3
 
 
 
yaml-cpp YAML File HandleFlowSequence denial of service0.00CVE-2018-20710
1314444.43.55.4
 
 
TIBCO JasperReports Server Repository Persistent cross site scripting0.00CVE-2018-18816
1314438.57.39.8
 
 
TIBCO JasperReports Server REST API improper authorization0.05CVE-2018-18815
1314426.46.36.5
 
 
TIBCO JasperReports Library Default Server path traversal0.00CVE-2018-18809
1314416.96.37.5
 
 
TIBCO JasperReports Server Domain Management race condition0.00CVE-2018-18808
1314406.54.38.8
 
 
EmpireCMS ListUser.php cross-site request forgery0.05CVE-2018-18449

Do you want to use VulDB in your project?

Use the official API to access entries easily!