CVSSv3 04/24/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCVE
1340458.57.39.8
 
 
Western Digital My Cloud PR4100 File Upload uploadify.php privilege escalationCVE-2019-9951
1340448.57.39.8
 
 
Western Digital My Cloud PR4100 login_mgr.cgi weak authenticationCVE-2019-9950
1340435.44.36.5
 
 
Google TensorFlow GIF File NULL Pointer Dereference denial of serviceCVE-2019-9635
1340426.67.16.1
 
 
TIBCO ActiveMatrix BPM Workspace Client Open RedirectCVE-2019-8995
1340415.15.54.6
 
 
TIBCO ActiveMatrix BPM Workspace Client Settings privilege escalationCVE-2019-8994
1340407.55.39.8
 
 
TIBCO ActiveMatrix BPM Administrative Web Server Credentials information disclosureCVE-2019-8993
1340397.56.38.8
 
 
TIBCO ActiveMatrix BPM Administrative Server privilege escalationCVE-2019-8992
1340387.56.38.8
 
 
TIBCO ActiveMatrix BPM Administrator Web Interface cross site request forgeryCVE-2019-8991
1340375.55.55.5
 
 
Linux Kernel vfio Interface Memory Exhaustion denial of serviceCVE-2019-3882
1340364.34.73.8
 
 
KeyCloak End User Token Session weak authenticationCVE-2019-3868
1340357.75.69.8
 
 
Pivotal Apps Manager Invitation Service HTTP weak encryptionCVE-2019-3793
1340346.46.36.5
 
 
Cloud Foundry Domain privilege escalationCVE-2019-3789
1340336.56.56.5
 
 
Cloud Foundry BOSH Backup and Restore CLI weak authenticationCVE-2019-3786
1340327.56.38.8
 
 
GraphicsMagick mat.c WriteMATLABImage memory corruptionCVE-2019-11506
1340317.56.38.8
 
 
GraphicsMagick pdb.c WritePDBImage memory corruptionCVE-2019-11505
1340303.62.44.8
 
 
Zotonic mod_admin cross site scriptingCVE-2019-11504
1340297.47.37.5
 
 
snapd snap-confine chdir() privilege escalationCVE-2019-11503
1340287.47.37.5
 
 
snapd snap-confine tmp privilege escalationCVE-2019-11502
1340277.56.38.8
 
 
Jakub Chodounsky Bonobo Git Server User Profile Edit privilege escalationCVE-2019-11218
1340268.57.39.8
 
 
Jakub Chodounsky Bonobo Git Server GitController privilege escalationCVE-2019-11217
1340256.26.36.1
 
 
TIBCO ActiveMatrix BPM Client/REST API cross site scriptingCVE-2019-11203
1340246.45.37.5
 
 
Dovecot JSON Encoder Crash denial of serviceCVE-2019-10691
1340237.56.38.8
 
 
Zoho ManageEngine ServiceDesk Guest Session privilege escalationCVE-2019-10008
1340226.24.38.1
 
 
Google TensorFlow Snappy Library Crash denial of serviceCVE-2018-7577
1340218.57.39.8
 
 
Google TensorFlow memory corruptionCVE-2018-7575
1340203.33.3
 
 
 
Google TensorFlow NULL Pointer Dereference denial of serviceCVE-2018-7574
1340198.57.39.8
 
 
LibreNMS addhost.inc.php privilege escalationCVE-2018-20434
1340188.06.39.8
 
 
Deltek Vision RPC over HTTP SQL privilege escalationCVE-2018-18251
1340177.26.38.1
 
 
Google TensorFlow XLA Compiler Heap-based memory corruptionCVE-2018-10055
1340167.47.37.5
 
 
libseccomp-golang BPF Generator privilege escalationCVE-2017-18367
1340157.56.38.8
 
 
GStreamer RTSP Connection Parser Heap-based memory corruptionCVE-2019-9928
1340146.45.37.5
 
 
Aquaverde Aquarius CMS Log File Password information disclosureCVE-2019-9734
1340136.45.37.5
 
 
Aquaverde Aquarius CMS Log File information disclosureCVE-2019-9724
1340128.57.39.8
 
 
SmarterTools SmarterMail Service Port 17001 Deserialization privilege escalationCVE-2019-7214
1340116.46.36.5
 
 
SmarterTools SmarterMail directory traversalCVE-2019-7213
1340107.77.38.2
 
 
SmarterTools Mailing List Default Key weak authenticationCVE-2019-7212
1340095.24.36.1
 
 
SmarterTools SmarterMail Email Stored cross site scriptingCVE-2019-7211
1340088.57.39.8
 
 
Dentsply Sirona Sidexis Application Server Default Admin Password weak authenticationCVE-2019-11081
1340075.24.36.1
 
 
EasyToRecruit Upload/Candidate Profile Management cross site scriptingCVE-2019-11032
1340066.55.37.8
 
 
Robotronic RunAsSpc Credential Storage weak encryptionCVE-2019-10239

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!