CVSSv3 08/22/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1406894.83.75.9
 
 
OpenPGP.js cryptographic issues0.05CVE-2019-9155
1406887.47.37.5
 
 
OpenPGP.js Cryptographic Signature signature verification0.00CVE-2019-9154
1406877.47.37.5
 
 
OpenPGP.js Cryptographic Signature signature verification0.00CVE-2019-9153
1406867.37.37.2
 
 
Elastic APM Agent CGI Collision input validation0.04CVE-2019-7617
1406857.47.37.5
 
 
Belwith Products Hickory Smart Ethernet Bridge MQTT Broker information disclosure0.04CVE-2019-5635
1406843.83.34.3
 
 
Belwith Products Hickory Smart Debug Log Event log file0.00CVE-2019-5634
1406833.33.3
 
 
 
Belwith Products Hickory Smart Secure Storage information disclosure0.04CVE-2019-5633
1406823.33.3
 
 
 
Belwith Products Hickory Smart Secure Storage information disclosure0.00CVE-2019-5632
1406815.24.36.1
 
 
wp-support-plus-responsive-ticket-system Plugin injection0.05CVE-2019-15331
1406806.45.37.5
 
 
webp-express Plugin information disclosure0.00CVE-2019-15330
1406796.54.38.8
 
 
import-users-from-csv-with-meta Plugin cross-site request forgery0.00CVE-2019-15329
1406785.24.36.1
 
 
import-users-from-csv-with-meta Plugin cross site scripting0.07CVE-2019-15328
1406775.24.36.1
 
 
import-users-from-csv-with-meta Plugin Import Data cross site scripting0.00CVE-2019-15327
1406767.47.37.5
 
 
import-users-from-csv-with-meta Plugin path traversal0.06CVE-2019-15326
1406757.47.37.5
 
 
GalliumOS 10-ptrace.conf 7pk security0.05CVE-2019-15325
1406747.56.38.8
 
 
ad-inserter Plugin input validation0.00CVE-2019-15324
1406737.47.37.5
 
 
ad-inserter Plugin path traversal0.00CVE-2019-15323
1406728.57.39.8
 
 
shortcode-factory Plugin input validation0.04CVE-2019-15322
1406718.57.39.8
 
 
option-tree Plugin injection0.08CVE-2019-15321
1406708.57.39.8
 
 
option-tree Plugin injection0.07CVE-2019-15320
1406698.57.39.8
 
 
option-tree Plugin Nonce injection0.00CVE-2019-15319
1406688.57.39.8
 
 
yikes-inc-easy-mailchimp-extender Plugin cross site scripting0.08CVE-2019-15318
1406674.43.55.4
 
 
give Plugin Donor Name cross site scripting0.04CVE-2019-15317
1406664.84.35.4
 
 
Tiki tiki-upload_file.php cross site scripting0.06CVE-2019-15314
1406657.56.38.8
 
 
TP-LINK TL-WR840N v4 traceroute input validation0.08CVE-2019-15060
1406647.06.57.5
 
 
NLTK Downloader ZIP Archive path traversal0.06CVE-2019-14751
1406637.47.37.5
 
 
Sphinx missing authentication0.07CVE-2019-14511
1406624.43.55.4
 
 
Nexus Repository Manager Stored cross site scripting0.00CVE-2019-14469
1406617.15.98.4
 
 
Docker Build command injection0.07CVE-2019-13139
1406604.43.55.4
 
 
Ampache localplay.php Reflected cross site scripting0.00CVE-2019-12386
1406597.56.38.8
 
 
Ampache Search Engine search.class.php sql injection0.00CVE-2019-12385
1406589.89.89.8
 
 
Mirasys VMS Auto Update DVRServer.exe IDVRUpdateService2 unrestricted upload0.00CVE-2019-11031
1406578.57.39.8
 
 
Mirasys VMS Garbage Collector SMServer.exe AuditTrailService deserialization0.05CVE-2019-11030
1406567.47.37.5
 
 
Mirasys VMS SMServer.exe Download path traversal0.05CVE-2019-11029
1406556.46.36.5
 
 
Nimble Streamer path traversal0.07CVE-2019-11013
1406547.57.57.5
 
 
wpgform Plugin Captcha Eval injection0.05CVE-2018-20988
1406538.57.39.8
 
 
newsletters-lite Plugin deserialization0.08CVE-2018-20987
1406524.43.55.4
 
 
advanced-custom-fields Plugin Author cross site scripting0.00CVE-2018-20986
1406518.57.39.8
 
 
wp-payeezy-pay Plugin pay.php input validation0.04CVE-2018-20985
1406508.57.39.8
 
 
patreon-connect Plugin injection0.04CVE-2018-20984

Want to stay up to date on a daily basis?

Enable the mail alert feature now!