CVSSv3 07/09/2019

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1376146.36.3
 
 
 
Mailvelope Public Key Import Obscure key management0.05CVE-2019-9150
1376137.37.3
 
 
 
Mailvelope Private Key key management0.00CVE-2019-9149
1376126.36.3
 
 
 
Mailvelope Key Import key management0.00CVE-2019-9148
1376116.36.3
 
 
 
Mailvelope Settings Page input validation0.00CVE-2019-9147
1376104.34.3
 
 
 
XAMPP iart.php cross site scripting0.06CVE-2019-8920
1376084.34.3
 
 
 
Arlo Basestation Serial Interface hard-coded credentials0.00CVE-2019-3950
1376077.37.3
 
 
 
Arlo Basestation Network Interface config0.01CVE-2019-3949
1376067.37.3
 
 
 
Yoast SEO Plugin Term Description input validation0.07CVE-2019-13478
1376057.37.3
 
 
 
MobaXterm URI argument injection0.06CVE-2019-13475
1376044.34.3
 
 
 
PHPWind index.php cross site scripting0.01CVE-2019-13472
1376037.37.3
 
 
 
MatrixSSL ASN.1 out-of-bounds read0.00CVE-2019-13470
1376027.37.3
 
 
 
OWASP ModSecurity Core Rule Set PHP Script Upload Rule unrestricted upload0.00CVE-2019-13464
1376017.37.3
 
 
 
PrestaShop information disclosure0.00CVE-2019-13461
1376004.34.3
 
 
 
KEYNTO Team Password Manager Online Vault cross site scripting0.00CVE-2019-13380
1375995.35.3
 
 
 
WESEEK GROWI Password Hash information disclosure0.01CVE-2019-13338
1375987.37.3
 
 
 
WESEEK GROWI improper authentication0.06CVE-2019-13337
1375976.36.3
 
 
 
TRENDnet TEW-827DRU Ping memory corruption0.00CVE-2019-13280
1375967.37.3
 
 
 
TRENDnet TEW-827DRU Setup Wizard memory corruption0.02CVE-2019-13277
1375957.37.3
 
 
 
field_test Gem input validation0.02CVE-2019-13146
1375945.45.35.5
 
 
Razer Surround RzSurroundVADStreamingService.exe access control0.04CVE-2019-13142
1375933.53.5
 
 
 
CyberPower PowerPanel Business Edition Agent/Center Stored cross site scripting0.01CVE-2019-13070
1375925.35.3
 
 
 
HPE 3PAR Service Processor information disclosure0.00CVE-2019-11991
1375917.37.3
 
 
 
Contao sql injection0.00CVE-2019-11512
1375906.67.16.1
 
 
Microsoft ASP.NET Core redirect0.04CVE-2019-1075
1375894.43.55.4
 
 
Microsoft Exchange Server cross site scripting0.00CVE-2019-1137
1375886.55.08.1
 
 
Microsoft Exchange Server Web Services access control0.00CVE-2019-1136
1375874.43.55.4
 
 
Microsoft SharePoint Server cross site scripting0.05CVE-2019-1134
1375867.06.3
 
7.8
 
Microsoft Windows AppX Deployment Service access control0.06CVE-2019-1130
1375857.06.3
 
7.8
 
Microsoft Windows AppX Deployment Service access control0.06CVE-2019-1129
1375847.06.3
 
7.8
 
Microsoft Windows DirectWrite memory corruption0.00CVE-2019-1128

Might our Artificial Intelligence support you?

Check our Alexa App!