CVSSv3 08/15/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCVE
1401508.06.39.8
 
 
LibreOffice Macro python directory traversalCVE-2019-9852
1401498.06.39.8
 
 
LibreOffice LibreLogo privilege escalationCVE-2019-9851
1401488.06.39.8
 
 
LibreOffice LibreLogo privilege escalationCVE-2019-9850
1401477.25.68.8
 
 
3S-Smart CODESYS Control V3 weak encryptionCVE-2019-9013
1401466.45.37.5
 
 
3S-Smart CODESYS Control V3 denial of serviceCVE-2019-9012
1401458.57.39.8
 
 
3S-Smart CODESYS Control V3 Gateway privilege escalationCVE-2019-9010
1401446.75.48.1
 
 
Tenable Nessus denial of serviceCVE-2019-3974
1401434.43.55.4
 
 
ZTE ZXHN F670 cross site scriptingCVE-2019-3418
1401427.56.38.8
 
 
ZTE ZXHN F670 command injectionCVE-2019-3417
1401413.62.44.8
 
 
OpenCA Admin Panel Stored cross site scriptingCVE-2019-15081
1401395.35.35.3
 
 
FV Flowplayer Video Player Email Subscription List information disclosureCVE-2019-14800
1401383.62.44.8
 
 
toggle-the-title Plugin cross site scriptingCVE-2019-14795
1401375.24.36.1
 
 
limb-gallery Plugin cross site scriptingCVE-2019-14790
1401365.24.36.1
 
 
Custom 404 Pro Plugin cross site scriptingCVE-2019-14789
1401357.56.38.8
 
 
Tribulant Newsletters Plugin directory traversalCVE-2019-14788
1401345.95.46.5
 
 
Rank Math SEO Plugin Setting admin-post.php denial of serviceCVE-2019-14786
1401335.24.36.1
 
 
CP Contact Form with PayPal cross site scriptingCVE-2019-14784
1401327.56.38.8
 
 
Leaf Admin Profile Photo Upload File Upload privilege escalationCVE-2019-14755
1401314.43.55.4
 
 
Evolution CMS Template cross site scriptingCVE-2019-14518
1401297.56.38.8
 
 
TortoiseSVN URI privilege escalationCVE-2019-14422
1401288.57.39.8
 
 
Impress GiveWP Give Plugin class-payments-query.php sql injectionCVE-2019-13578
1401276.54.38.8
 
 
OSIsoft PI Web API cross site request forgeryCVE-2019-13516
1401265.44.36.5
 
 
OSIsoft PI Web API information disclosureCVE-2019-13515
1401256.55.37.8
 
 
Delta Industrial Automation DOPSoft Project File Use-After-Free memory corruptionCVE-2019-13514
1401246.55.37.8
 
 
Delta Industrial Automation DOPSoft Project File Out-of-Bounds memory corruptionCVE-2019-13513
1401234.35.33.3
 
 
Fuji Electric FRENIC LOADER Out-of-Bounds memory corruptionCVE-2019-13512
1401223.84.33.3
 
 
Rockwell Automation Arena Simulation Software Arena File information disclosureCVE-2019-13511
1401217.06.37.8
 
 
Rockwell Automation Arena Simulation Software Arena File Use-After-Free memory corruptionCVE-2019-13510
1401204.83.75.9
 
 
hostapd/wpa_supplicant SAE/EAP-pwd Side-Channel information disclosureCVE-2019-13377
1401194.43.35.5
 
 
stb_vorbis OGG Vorbis File lookup1_values denial of serviceCVE-2019-13223
1401186.25.37.1
 
 
stb_vorbis OGG Vorbis File draw_line memory corruptionCVE-2019-13222
1401176.55.37.8
 
 
stb_vorbis OGG Vorbis File compute_codewords memory corruptionCVE-2019-13221
1401166.25.37.1
 
 
stb_vorbis OGG Vorbis File start_decoder memory corruptionCVE-2019-13220
1401154.43.35.5
 
 
stb_vorbis OGG Vorbis File get_window denial of serviceCVE-2019-13219
1401144.43.35.5
 
 
stb_vorbis OGG Vorbis File predict_point denial of serviceCVE-2019-13218
1401136.55.37.8
 
 
stb_vorbis OGG Vorbis File start_decoder memory corruptionCVE-2019-13217
1401126.45.37.5
 
 
Squid Web Proxy Access Protection cachemgr.cgi denial of serviceCVE-2019-12854
1401118.07.38.8
 
 
Yes24ViewerX ActiveX Control Remote Code ExecutionCVE-2019-12809
1401108.88.88.8
 
 
Vesta Control Panel UploadHandler.php command injectionCVE-2019-12792
1401098.88.88.8
 
 
Vesta Control Panel v-list-user directory traversalCVE-2019-12791

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!