CVSSv3 08/21/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCVE
1405788.57.39.8
 
 
Lenovo Solution Center Log File privilege escalationCVE-2019-6177
1405777.56.38.8
 
 
Rapid7 Nexpose Session Expiration weak authenticationCVE-2019-5638
1405767.56.38.8
 
 
Aspose.Words EnumMetaInfo memory corruptionCVE-2019-5041
1405757.56.38.8
 
 
Aspose.Cells Number Record Parser Out-of-Bounds memory corruptionCVE-2019-5033
1405747.56.38.8
 
 
Aspose.Cells LabelSst Record Parser Out-of-Bounds memory corruptionCVE-2019-5032
1405736.16.65.5
 
 
McAfee Data Loss Prevention memory corruptionCVE-2019-3634
1405726.16.65.5
 
 
McAfee Data Loss Prevention memory corruptionCVE-2019-3633
1405715.95.46.5
 
 
Cisco NFVIS Operating System directory traversalCVE-2019-1984
1405708.57.39.8
 
 
Cisco Integrated Management Controller Web-based Management Interface weak authenticationCVE-2019-1974
1405695.75.65.9
 
 
Cisco WebEx Meetings Mobile SSL Certificate Man-in-the-Middle weak authenticationCVE-2019-1948
1405688.57.39.8
 
 
Cisco UCS Director/UCS Director Express for Big Data Web-based Management Interface weak authenticationCVE-2019-1938
1405678.57.39.8
 
 
Cisco Integrated Management Controller Web-based Management Interface weak authenticationCVE-2019-1937
1405668.08.87.2
 
 
Cisco Integrated Management Controller Web-based Management Interface privilege escalationCVE-2019-1936
1405658.57.39.8
 
 
Cisco Integrated Management Controller CLI Default Credentials weak authenticationCVE-2019-1935
1405646.45.37.5
 
 
Cisco Integrated Management Controller Intelligent Platform Management Interface information disclosureCVE-2019-1908
1405637.56.38.8
 
 
Cisco Integrated Management Controller Web Server privilege escalationCVE-2019-1907
1405626.45.37.5
 
 
Cisco Integrated Management Controller Web Server Crash denial of serviceCVE-2019-1900
1405618.08.87.2
 
 
Cisco Integrated Management Controller Web-based Management Interface command injectionCVE-2019-1896
1405608.08.87.2
 
 
Cisco Integrated Management Controller Redfish Protocol command injectionCVE-2019-1885
1405597.87.87.8
 
 
Cisco Integrated Management Controller CLI Injection privilege escalationCVE-2019-1883
1405588.08.87.2
 
 
Cisco Integrated Management Controller IMC Configuration Utility command injectionCVE-2019-1871
1405578.88.88.8
 
 
Cisco Integrated Management Controller Web-based Management Interface command injectionCVE-2019-1865
1405568.88.88.8
 
 
Cisco Integrated Management Controller Web-based Management Interface command injectionCVE-2019-1864
1405557.56.38.8
 
 
Cisco Integrated Management Controller Web-based Management Interface privilege escalationCVE-2019-1863
1405548.88.87.2
 
 
Cisco Integrated Management Controller Web-based Management Interface command injectionCVE-2019-1850
1405537.37.86.7
 
 
Cisco Remote PHY Device Software Linux Shell privilege escalationCVE-2019-1839
1405528.08.87.2
 
 
Cisco Integrated Management Controller Intelligent Platform Management Interface command injectionCVE-2019-1634
1405516.15.37.0
 
 
Valve Steam Client CreateMountPoint.exe privilege escalationCVE-2019-15316
1405506.55.37.8
 
 
Valve Steam Client SteamService.exe privilege escalationCVE-2019-15315
1405496.55.37.8
 
 
BitDefender Antivirus Free 2020 ServiceInstance.dll privilege escalationCVE-2019-15295
1405484.43.55.4
 
 
REDCap Data Import Tool Page cross site scriptingCVE-2019-15127
1405476.94.39.6
 
 
MantisBT Timeline my_view_page.php cross site scriptingCVE-2019-15074
1405465.35.35.3
 
 
Zoho ManageEngine ServiceDesk Plus AjaxDomainServlet User information disclosureCVE-2019-15045
1405456.55.37.8
 
 
Trend Micro Products DLL privilege escalationCVE-2019-14686
1405446.55.37.8
 
 
Trend Micro Security 2019 Service privilege escalationCVE-2019-14685
1405434.34.37.5
 
 
Zenoss XML-RPC Subsystem XXE information disclosureCVE-2019-14258
1405426.55.37.8
 
 
Zenoss pyraw privilege escalationCVE-2019-14257
1405415.44.36.5
 
 
CentOS-WebPanel.com CentOS Web Panel phpMyAdmin passwd information disclosureCVE-2019-14246
1405405.95.46.5
 
 
CentOS-WebPanel.com CentOS Web Panel Database denial of serviceCVE-2019-14245
1405395.35.35.3
 
 
CentOS-WebPanel.com CentOS Web Panel Login Time-Based information disclosureCVE-2019-13599

Do you know our Splunk app?

Download it now for free!