CVSSv3 05/20/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1352907.75.69.8
 
 
BMC Patrol Agent Encryption Key cryptographic issues0.00CVE-2019-8352
1352895.35.35.3
 
 
IBM Storwize V7000 Configuration Version information disclosure0.07CVE-2019-4293
1352886.46.36.5
 
 
IBM BigFix Platform User Interface 7pk security0.00CVE-2019-4058
1352874.43.55.4
 
 
IBM BigFix Platform Web UI cross site scripting0.04CVE-2019-4011
1352869.89.89.8
 
 
Carts Guru Plugin Deserialization wc-cartsguru-event-handler.php deserialization0.00CVE-2019-12241
1352859.89.89.8
 
 
Virim Plugin Deserialization graph.php deserialization0.05CVE-2019-12240
1352846.76.37.2
 
 
WP Booking System sql injection0.05CVE-2019-12239
1352836.46.36.5
 
 
Simple DirectMedia Layer libSDL2.a SDL_InvalidateMap out-of-bounds read0.00CVE-2019-12222
1352826.46.36.5
 
 
Simple DirectMedia Layer libSDL2.a SDL memory corruption0.06CVE-2019-12221
1352816.46.36.5
 
 
Simple DirectMedia Layer libSDL2.a SDL out-of-bounds read0.00CVE-2019-12220
1352808.88.88.8
 
 
Simple DirectMedia Layer libSDL2.a SDL double free0.00CVE-2019-12219
1352795.44.36.5
 
 
Simple DirectMedia Layer libSDL2.a SDL2_image null pointer dereference0.00CVE-2019-12218
1352785.44.36.5
 
 
Simple DirectMedia Layer libSDL2.a stdio_read null pointer dereference0.05CVE-2019-12217
1352776.46.36.5
 
 
Simple DirectMedia Layer libSDL2.a SDL2_image memory corruption0.05CVE-2019-12216
1352764.34.34.3
 
 
Matomo safemode.twig Path information disclosure0.07CVE-2019-12215
1352756.96.37.5
 
 
FreeImage j2k.c j2k_read_ppm_v3 out-of-bounds read0.05CVE-2019-12214
1352745.44.36.5
 
 
FreeImage TIFF File PluginTIFF.cpp TIFFReadDirectory resource consumption0.00CVE-2019-12213
1352735.94.37.5
 
 
FreeImage JXR File JXRMeta.c StreamCalcIFDSize resource consumption0.07CVE-2019-12212
1352726.96.37.5
 
 
FreeImage TIFF File PluginTIFF.cpp Load memory corruption0.00CVE-2019-12211
1352716.76.37.2
 
 
OPNsense/pfsense WebUI access control0.06CVE-2019-11816
1352705.24.36.1
 
 
Apache JSPWiki Plugin Link cross site scripting0.00CVE-2019-10078
1352695.24.36.1
 
 
Apache JSPWiki InterWiki Link cross site scripting0.00CVE-2019-10077
1352685.24.36.1
 
 
Apache JSPWiki Attachment cross site scripting0.00CVE-2019-10076
1352673.33.33.3
 
 
IBM BigFix Platform Memory information disclosure0.05CVE-2018-2005
1352668.57.39.8
 
 
njs njs_function.c njs_function_native_call memory corruption0.06CVE-2019-12208
1352658.57.39.8
 
 
njs nxt_utf8.c nxt_utf8_decode memory corruption0.03CVE-2019-12207
1352648.57.39.8
 
 
njs nxt_utf8.c nxt_utf8_encode memory corruption0.00CVE-2019-12206
1352635.24.36.1
 
 
Joomla CMS com_users cross site scripting0.00CVE-2019-11809
1352625.96.35.4
 
 
Valve Steam URL input validation0.08CVE-2018-12270
1352617.47.37.5
 
 
GoHTTP Header out-of-bounds read0.00CVE-2019-12198
1352607.56.38.8
 
 
Elabftw File Upload EntityController.php command injection0.00CVE-2019-12185

Do you want to use VulDB in your project?

Use the official API to access entries easily!