CVSSv3 07/11/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCVE
1377926.45.37.5
 
 
BroadLearning eClass URL download_attachment.php weak authenticationCVE-2019-9886
1377916.55.37.8
 
 
Alarm.com ADC-V522IR Access Control privilege escalationCVE-2019-9657
1377908.67.310.0
 
 
Avaya Control Manager sql injectionCVE-2019-7003
1377895.35.35.3
 
 
VMware ESXi hostd denial of serviceCVE-2019-5528
1377884.34.34.3
 
 
IBM Content Navigator Configuration File information disclosureCVE-2019-4263
1377875.94.37.5
 
 
IBM Jazz for Service Management URL information disclosureCVE-2019-4193
1377866.36.35.3
 
 
IBM Application Performance Management DNS Lookup Server-Side Request ForgeryCVE-2019-4131
1377853.83.34.4
 
 
IBM Multicloud Manager ibm-mcm-chart information disclosureCVE-2019-4118
1377844.43.55.4
 
 
Openshift Container Platform Reflected cross site scriptingCVE-2019-3889
1377824.63.55.7
 
 
ZTE MW directory traversalCVE-2019-3415
1377795.24.36.1
 
 
Ping Identity Agentless Integration Kit authorization.oauth2 cross site scriptingCVE-2019-13564
1377773.62.44.8
 
 
REDCap Admin Panel/Survey System Stored cross site scriptingCVE-2019-13029
1377766.73.99.86.4
 
Symantec Messaging Gateway privilege escalationCVE-2019-12751
1377757.87.87.8
 
 
London Trust Media Private Internet Access privilege escalationCVE-2019-12579
1377747.87.87.8
 
 
London Trust Media Private Internet Access openvpn privilege escalationCVE-2019-12578
1377737.87.87.8
 
 
London Trust Media Private Internet Access pia_upscript.sh privilege escalationCVE-2019-12577
1377727.87.87.8
 
 
London Trust Media Private Internet Access openvpn_launcher privilege escalationCVE-2019-12576
1377717.87.87.8
 
 
London Trust Media Private Internet Access ruby privilege escalationCVE-2019-12575
1377706.55.37.8
 
 
London Trust Media Private Internet Access DLL privilege escalationCVE-2019-12574
1377695.35.37.1
 
 
London Trust Media Private Internet Access privilege escalationCVE-2019-12573
1377685.35.37.1
 
 
London Trust Media Private Internet Access pia-watcher.plist privilege escalationCVE-2019-12571
1377676.67.35.9
 
 
Squid Proxy HTTP Header memory corruptionCVE-2019-12529
1377668.07.38.8
 
 
Squid Proxy getAuth memory corruptionCVE-2019-12527
1377658.57.39.8
 
 
Squid Proxy Header Parser memory corruptionCVE-2019-12525
1377644.34.34.3
 
 
Cloud Foundry UAA information disclosureCVE-2019-11268
1377636.55.37.8
 
 
Intel Processor Diagnostic Tool Access Control privilege escalationCVE-2019-11133
1377628.57.39.8
 
 
SUNNET WMPro doajaxfileupload.php" privilege escalationCVE-2019-11062
1377619.89.89.8
 
 
Rockwell Automation PanelView 5510 privilege escalationCVE-2019-10970
1377606.76.37.2
 
 
Siemens SIMATIC PCS 7/SIMATIC WinCC File Upload Remote Code ExecutionCVE-2019-10935
1377595.24.36.1
 
 
Siemens Spectrum Power 7 User Interface cross site scriptingCVE-2019-10933
1377586.45.37.5
 
 
Siemens SIPROTEC 5 Service Port 443 denial of serviceCVE-2019-10931
1377577.47.37.5
 
 
Siemens SIPROTEC 5 Service Port 443 privilege escalationCVE-2019-10930
1377566.55.37.8
 
 
TIA Administration Web Application weak authenticationCVE-2019-10915
1377558.57.39.8
 
 
Ivanti Endpoint Manager Core Server Remote Code ExecutionCVE-2019-10651
1377544.43.35.5
 
 
Ovirt Metrics Log File Credentials information disclosureCVE-2019-10194
1377535.94.77.2
 
 
Redis Hyperloglog Data Structure Command Stack-based memory corruptionCVE-2019-10193
1377525.94.77.2
 
 
Redis Hyperloglog Data Structure Command Heap-based memory corruptionCVE-2019-10192
1377515.94.77.2
 
 
osbs-client yaml.load() Remote Code ExecutionCVE-2019-10135
1377504.43.35.5
 
 
Wavpack wave64.c denial of serviceCVE-2019-1010319
1377493.53.5
 
 
 
Wavpack pack_utils.c WavpackSetConfiguration64 denial of serviceCVE-2019-1010318

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!