CVSSv3 04/22/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCVE
1339736.55.37.8
 
 
Check Point ZoneAlarm/Endpoint Security Client Log File Archive privilege escalationCVE-2019-8452
1339726.45.37.5
 
 
Lenovo System X Integrated Management Module II Private Key information disclosureCVE-2019-6157
1339716.45.37.5
 
 
IBM System X/BladeCenter SMI denial of serviceCVE-2019-6155
1339696.45.37.5
 
 
c3p0 XML Configuration Recursion denial of serviceCVE-2019-5427
1339686.67.35.9
 
 
Mercurial Subrepository Symlink privilege escalationCVE-2019-3902
1339674.03.34.7
 
 
Linux Kernel setuid Program perf_event_open information disclosureCVE-2019-3901
1339668.57.39.8
 
 
OpenShift Container Platform 3 Heketi weak authenticationCVE-2019-3899
1339656.55.37.8
 
 
GNOME Nautilus Sandbox privilege escalationCVE-2019-11461
1339647.76.59.0
 
 
GNOME gnome-desktop Sandbox privilege escalationCVE-2019-11460
1339634.43.35.5
 
 
GNOME Evince TIFF File tiff_document_get_thumbnail denial of serviceCVE-2019-11459
1339626.54.38.8
 
 
Gila CMS cross site request forgeryCVE-2019-11456
1339617.26.38.1
 
 
Tildeslash Monit util.c Util_urlDecode memory corruptionCVE-2019-11455
1339605.75.36.1
 
 
Tildeslash Monit HTTP Basic Authentication cervlet.c _viewlog cross site scriptingCVE-2019-11454
1339595.94.77.2
 
 
whatsns sql injectionCVE-2019-11452
1339585.94.77.2
 
 
whatsns sql injectionCVE-2019-11451
1339578.57.39.8
 
 
whatsns sql injectionCVE-2019-11450
1339565.24.36.1
 
 
I, Librarian notes.php cross site scriptingCVE-2019-11449
1339559.89.89.8
 
 
Zoho ManageEngine Applications Manager Popup_SLA.jsp sql injectionCVE-2019-11448
1339547.56.38.8
 
 
CutePHP CuteNews Remote Code ExecutionCVE-2019-11447
1339537.56.38.8
 
 
ATutor upload.php privilege escalationCVE-2019-11446
1339527.27.27.2
 
 
OpenKM JSP File okm:root Remote Code ExecutionCVE-2019-11445
1339516.76.37.2
 
 
Liferay Portal CE [command].execute() privilege escalationCVE-2019-11444
1339505.44.76.1
 
 
I, Librarian export.php cross site scriptingCVE-2019-11428
1339495.44.76.1
 
 
idreamsoft iCMS search.app.php cross site scriptingCVE-2019-11427
1339485.44.76.1
 
 
idreamsoft iCMS admincp.header.php cross site scriptingCVE-2019-11426
1339478.57.39.8
 
 
TRENDnet TEW-632BRP HNAP Interface apply.cgi memory corruptionCVE-2019-11418
1339468.57.39.8
 
 
TRENDnet TV-IP110WN system.cgi respondAsp memory corruptionCVE-2019-11417
1339457.56.38.8
 
 
Intelbras IWR 3000N user cross site request forgeryCVE-2019-11416
1339447.57.57.5
 
 
Intelbras IWR 3000N login denial of serviceCVE-2019-11415
1339437.56.38.8
 
 
Intelbras IWR 3000N weak authenticationCVE-2019-11414
1339426.45.37.5
 
 
Artifex MuJS regexp.c match denial of serviceCVE-2019-11413
1339416.45.37.5
 
 
Artifex MuJS jscompile.c denial of serviceCVE-2019-11412
1339408.57.39.8
 
 
Artifex MuJS jsnumber.c numtostr memory corruptionCVE-2019-11411
1339397.47.47.4
 
 
OpenAPI Tools OpenAPI Generator 7PK Security FeaturesCVE-2019-11405
1339385.75.65.9
 
 
arrow-kt Arrow Gradle Build Artifact Resolver weak encryptionCVE-2019-11404
1339377.55.39.8
 
 
Gradle Enterprise Build Cache Node Password information disclosureCVE-2019-11403
1339368.57.39.8
 
 
Gradle Enterprise Build Cache Node weak encryptionCVE-2019-11402
1339356.76.37.2
 
 
SiteServer CMS Remote Code ExecutionCVE-2019-11401
1339348.57.39.8
 
 
MailCarrier memory corruptionCVE-2019-11395
1339338.57.39.8
 
 
Monit update privilege escalationCVE-2019-11393

Interested in the pricing of exploits?

See the underground prices here!