CVSSv3 05/16/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1351666.16.35.9
 
 
Airmail GPG-PGP Plugin signature verification0.07CVE-2019-8338
1351656.55.37.8
 
 
Ghostscript File System access control0.00CVE-2019-3839
1351645.44.26.7
 
 
Cisco NX-OS/FXOS CLI command injection0.00CVE-2019-1780
1351635.24.36.1
 
 
eZ Platform Admin UI cross site scripting0.06CVE-2019-12139
1351626.55.37.8
 
 
MacDown Shared Note path traversal0.00CVE-2019-12138
1351616.55.37.8
 
 
typora Shared Note path traversal0.00CVE-2019-12137
1351605.24.36.1
 
 
Applaud HCM Form cross site scripting0.00CVE-2019-11033
1351598.57.39.8
 
 
Symfony http-foundation sql injection0.05CVE-2019-10913
1351586.76.37.1
 
 
Symfony Unserialization deserialization0.00CVE-2019-10912
1351576.96.37.5
 
 
Symfony improper authentication0.07CVE-2019-10911
1351568.57.39.8
 
 
Symfony Service ID sql injection0.07CVE-2019-10910
1351554.43.55.4
 
 
Symfony Validation Message cross site scripting0.07CVE-2019-10909
1351546.67.16.1
 
 
GitLab Community Edition/Enterprise Edition Oauth/:GeoAuthController redirect0.07CVE-2019-10117
1351535.36.34.3
 
 
GitLab Community Edition/Enterprise Edition Permission permission0.07CVE-2019-10116
1351526.46.36.5
 
 
GitLab Community Edition/Enterprise Edition Permission permission0.06CVE-2019-10115
1351516.45.37.5
 
 
GitLab Community Edition/Enterprise Edition Oauth information disclosure0.07CVE-2019-10114
1351506.45.37.5
 
 
GitLab Community Edition/Enterprise Edition languages resource consumption0.00CVE-2019-10113
1351497.57.57.5
 
 
GitLab Community Edition/Enterprise Edition HMAC Key key management0.06CVE-2019-10112
1351486.86.86.8
 
 
Yeelight Smart AI Speaker UART Interface access control0.07CVE-2018-20007
1351474.43.55.4
 
 
IBM Rational DOORS Web Access Web UI cross site scripting0.00CVE-2018-1975
1351467.47.37.5
 
 
FDCMS FpluginAction.class.php sql injection0.00CVE-2018-17048
1351456.67.35.9
 
 
yarnpkg Signature install.sh signature verification0.00CVE-2018-12556
1351445.65.35.9
 
 
Cisco Unified Intelligence Center Dashboard resource injection0.00CVE-2019-1860
1351436.45.37.5
 
 
Cisco NX-OS/FXOS SNMP Packet Processor input validation0.00CVE-2019-1858
1351426.45.37.5
 
 
Cisco AnyConnect Secure Mobility Client HostScan out-of-bounds read0.05CVE-2019-1853
1351415.66.34.9
 
 
Cisco Identity Services Engine ERS API improper authorization0.04CVE-2019-1851
1351405.44.36.5
 
 
Cisco IOS XR BGP/MPLS/EVPN unusual condition0.00CVE-2019-1849
1351395.84.37.4
 
 
Cisco IOS XR MPLS/OAM input validation0.08CVE-2019-1846
1351386.67.35.8
 
 
Cisco Firepower Threat Defense SSL/TLS Protocol Parser protection mechanism0.00CVE-2019-1833
1351377.47.37.5
 
 
Cisco Firepower Threat Defense Detection Engine protection mechanism0.00CVE-2019-1832
1351367.26.38.1
 
 
Cisco Prime Infrastructure/Evolved Programmable Network Web-based Management Interface SQL sql injection0.00CVE-2019-1825
1351357.26.38.1
 
 
Cisco Prime Infrastructure/Evolved Programmable Network Web-based Management Interface SQL sql injection0.00CVE-2019-1824
1351348.08.87.2
 
 
Cisco Prime Infrastructure/Evolved Programmable Network Web-based Management Interface input validation0.06CVE-2019-1823
1351338.08.87.2
 
 
Cisco Prime Infrastructure/Evolved Programmable Network Web-based Management Interface input validation0.00CVE-2019-1822
1351329.38.89.8
 
 
Cisco Prime Infrastructure/Evolved Programmable Network Web-based Management Interface input validation0.05CVE-2019-1821
1351316.46.36.5
 
 
Cisco Prime Infrastructure/Evolved Programmable Network Web-based Management Interface path traversal0.00CVE-2019-1820
1351306.46.36.5
 
 
Cisco Prime Infrastructure/Evolved Programmable Network Web-based Management Interface path traversal0.00CVE-2019-1819
1351296.46.36.5
 
 
Cisco Prime Infrastructure/Evolved Programmable Network Web-based Management Interface path traversal0.00CVE-2019-1818
1351286.45.37.5
 
 
Cisco Small Business 300 DHCP/TFTP resource consumption0.00CVE-2019-1814
1351276.76.76.7
 
 
Cisco NX-OS CLI memory corruption0.00CVE-2019-1768

Do you know our Splunk app?

Download it now for free!