CVSSv3 04/15/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1415585.35.3
 
 
 
Local Privilege Escalation0.00CVE-2019-6745
1340987.37.37.86.7
 
Symantec Endpoint Protection Manager DLL Loader untrusted search path0.03CVE-2018-18367
1340975.04.36.54.3
 
Symantec Norton Security/Endpoint Protection Kernel Memory information disclosure0.00CVE-2018-18366
1340526.55.37.86.4
 
Symantec Norton Security/Endpoint Protection SBE DLL Loader untrusted search path0.05CVE-2018-18369
1338946.15.37.0
 
 
Zoho ManageEngine ADManager Plus Directory Permission permission assignment0.04CVE-2018-19374
1334235.24.36.1
 
 
ZyXEL ATP500/USG40/USG1900/ZyWALL310/ZyWALL1100 ?mobile=1 Reflected cross site scripting0.03CVE-2019-9955
1334227.85.99.8
 
 
F5 BIG-IP APM Secure Vault Key credentials management0.00CVE-2019-6609
1334218.57.39.8
 
 
Moxa IKS-G6824A/EDS-405A/EDS-408A/EDS-510A credentials management0.06CVE-2019-6526
1334206.67.35.9
 
 
VMware ESXi/Workstation/Fusion 3D Graphics out-of-bounds read0.00CVE-2019-5520
1334196.56.36.8
 
 
VMware ESXi/Workstation/Fusion Shader Translator out-of-bounds read0.00CVE-2019-5517
1334186.56.36.8
 
 
VMware ESXi/Workstation/Fusion Vertex Shader out-of-bounds read0.06CVE-2019-5516
1334178.57.39.8
 
 
IBM API Connect Developer Portal access control0.00CVE-2019-4203
1334169.18.310.0
 
 
IBM API Connect Developer Portal command injection0.06CVE-2019-4202
1334158.27.39.1
 
 
IBM Cognos Analytics URL path traversal0.05CVE-2019-4178
1334148.57.39.8
 
 
IBM BigFix WebUI Profile Management Back-End Database sql injection0.06CVE-2019-4012
1334135.53.37.8
 
 
Red Hat Satellite Candlepin Log credentials management0.00CVE-2019-3891
1334126.77.36.1
 
 
urllib3 crlf injection0.07CVE-2019-11236
1334118.57.39.8
 
 
Gitea repo_mirror.go input validation0.09CVE-2019-11229
1334107.57.57.5
 
 
Gitea setting.go input validation0.08CVE-2019-11228
1334097.06.37.8
 
 
GPAC os_divers.c gf_bin128_parse memory corruption0.00CVE-2019-11222
1334087.06.37.8
 
 
GPAC media_import.c gf_import_message memory corruption0.00CVE-2019-11221
1334077.77.38.1
 
 
Apache Tomcat JRE input validation0.07CVE-2019-0232
1334067.87.87.8
 
 
Shimo VPN Helper Service access control0.00CVE-2018-4009
1334057.87.87.8
 
 
Shimo VPN Helper Service access control0.00CVE-2018-4008
1334045.75.65.9
 
 
IBM WebShere MQ inadequate encryption0.00CVE-2018-1925
1334035.44.76.1
 
 
Waimai Super CMS addsave cross site scripting0.00CVE-2018-18261
1334025.24.36.1
 
 
Tribulant Slideshow Gallery Plugin cross site scripting0.05CVE-2018-18019
1334018.57.39.8
 
 
Tribulant Slideshow Gallery Plugin sql injection0.06CVE-2018-18018
1334005.24.36.1
 
 
Tribulant Slideshow Gallery Plugin cross site scripting0.05CVE-2018-18017
1333995.24.36.1
 
 
WP Fastest Cache Plugin cross site scripting0.05CVE-2018-17586
1333985.24.36.1
 
 
WP Fastest Cache Plugin cross site scripting0.00CVE-2018-17585
1333976.54.38.8
 
 
WP Fastest Cache Plugin admin.php cross-site request forgery0.07CVE-2018-17584
1333965.24.36.1
 
 
WP Fastest Cache Plugin cross site scripting0.07CVE-2018-17583
1333955.24.36.1
 
 
mndpsingh287 File Manager Plugin cross site scripting0.00CVE-2018-16967
1333946.54.38.8
 
 
mndpsingh287 File Manager Plugin cross-site request forgery0.00CVE-2018-16966
1333936.54.38.8
 
 
Mozilla Firefox Graphite2 Library read_glyph memory corruption0.00CVE-2017-7777
1333927.26.38.1
 
 
Mozilla Firefox Graphite2 Library getClassGlyph out-of-bounds read0.00CVE-2017-7776
1333917.76.39.1
 
 
Mozilla Firefox Graphite2 Library readGraphite out-of-bounds read0.00CVE-2017-7774
1333907.56.38.8
 
 
Mozilla Firefox Graphite2 Library Decompressor decompress memory corruption0.00CVE-2017-7773
1333897.26.38.1
 
 
Mozilla Firefox Graphite2 Library readPass out-of-bounds read0.00CVE-2017-7771

Do you need the next level of professionalism?

Upgrade your account now!