CVSSv3 July 2019info

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

C3BM Index »

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

PublishedBaseVDBNVDVendResVulnerabilityCTICVE
07/31/20195.24.36.1
 
 
Avaya Aura Conferencing Web UI cross site scripting0.06CVE-2019-7000
07/31/20197.56.38.8
 
 
SDL2_image XPM Image colorhash integer overflow0.06CVE-2019-5060
07/31/20197.56.38.8
 
 
SDL2_image XPM Image integer overflow0.00CVE-2019-5059
07/31/20197.56.38.8
 
 
SDL2_image XCF Image memory corruption0.00CVE-2019-5058
07/31/20197.56.38.8
 
 
SDL2_image memory corruption0.00CVE-2019-5057
07/31/20194.43.35.5
 
 
YARA Object Lookup input validation0.00CVE-2019-5020
07/31/20196.45.37.5
 
 
IBM StoreIQ input validation0.00CVE-2019-4165
07/31/20194.34.34.3
 
 
IBM StoreIQ information disclosure0.00CVE-2019-4163
07/31/20196.76.37.2
 
 
WallacePOS File Upload unrestricted upload0.04CVE-2019-3960
07/31/20197.05.38.8
 
 
WallacePOS cross-site request forgery0.07CVE-2019-3959
07/31/20194.84.35.4
 
 
WallacePOS Sales Transaction Persistent cross site scripting0.05CVE-2019-3958
07/31/20197.56.38.8
 
 
Cisco Nexus ACI Mode memory corruption0.05CVE-2019-1901
07/31/20196.55.37.8
 
 
Schism Tracker mtm.c fmt_mtm_load_song memory corruption0.05CVE-2019-14465
07/31/20195.45.35.5
 
 
MilkyTracker milkyplay XMFile.cpp read memory corruption0.00CVE-2019-14464
07/31/20198.57.39.8
 
 
libmodbus out-of-bounds read0.05CVE-2019-14463
07/31/20198.57.39.8
 
 
libmodbus out-of-bounds read0.09CVE-2019-14462
07/31/20197.47.37.5
 
 
nfdump ipfix.c Process_ipfix_template_withdraw integer overflow0.05CVE-2019-14459
07/31/20194.43.55.4
 
 
Opengear Console Server Serial Port Logging Stored cross site scripting0.05CVE-2019-14456
07/31/20198.57.39.8
 
 
Das U-Boot nfs_umountall_reply memory corruption0.00CVE-2019-14204
07/31/20198.57.39.8
 
 
Das U-Boot nfs_mount_reply memory corruption0.00CVE-2019-14203
07/31/20198.57.39.8
 
 
Das U-Boot nfs_readlink_reply memory corruption0.00CVE-2019-14202
07/31/20198.57.39.8
 
 
Das U-Boot nfs_lookup_reply memory corruption0.05CVE-2019-14201
07/31/20198.57.39.8
 
 
Das U-Boot nfs_handler memory corruption0.06CVE-2019-14200
07/31/20198.57.39.8
 
 
Das U-Boot net_process_received_packet integer underflow0.09CVE-2019-14199
07/31/20198.57.39.8
 
 
Das U-Boot nfs_read_reply memory corruption0.07CVE-2019-14198
07/31/20198.27.39.1
 
 
Das U-Boot nfs_read_reply out-of-bounds read0.05CVE-2019-14197
07/31/20198.57.39.8
 
 
Das U-Boot nfs_lookup_reply memory corruption0.05CVE-2019-14196
07/31/20198.57.39.8
 
 
Das U-Boot nfs_readlink_reply memory corruption0.07CVE-2019-14195
07/31/20198.57.39.8
 
 
Das U-Boot nfs_read_reply memory corruption0.05CVE-2019-14194
07/31/20198.57.39.8
 
 
Das U-Boot nfs_readlink_reply memory corruption0.09CVE-2019-14193
07/31/20198.57.39.8
 
 
Das U-Boot net_process_received_packet memory corruption0.08CVE-2019-14192
07/31/20197.56.38.8
 
 
CImg CImg.h _load_bmp memory corruption0.05CVE-2019-13568
07/31/20197.04.39.8
 
 
ELM327 OBD2 Bluetooth Clone PIN hard-coded credentials0.04CVE-2019-12797
07/31/20197.87.87.87.8
 
Symantec Endpoint Protection access control0.06CVE-2019-12750
07/31/20195.44.36.5
 
 
Skytap Cloud CI Plugin Job config.xml credentials management0.00CVE-2019-10366
07/31/20195.36.34.3
 
 
Google Kubernetes Engine Plugin Temp File information disclosure0.09CVE-2019-10365
07/31/20194.43.35.5
 
 
Amazon EC2 Plugin System Log Key information disclosure0.05CVE-2019-10364
07/31/20194.94.94.9
 
 
Configuration as Code Plugin information disclosure0.00CVE-2019-10363
07/31/20194.84.35.4
 
 
Configuration as Code Plugin Configuration Import input validation0.00CVE-2019-10362
07/31/20194.43.35.5
 
 
Maven Release Plugin Credentials credentials management0.00CVE-2019-10361

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!