CVSSv3 08/23/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1411909.89.89.8
 
 
Apache Tapestry HMAC Verification input validation0.06CVE-2019-10071
1407644.85.34.3
 
 
JIRA ServiceExecutor cross-site request forgery0.05CVE-2019-8447
1407635.35.35.3
 
 
JIRA issueTable Username improper authorization0.06CVE-2019-8446
1407625.35.35.3
 
 
JIRA Worklog permission0.05CVE-2019-8445
1407614.84.35.4
 
 
JIRA wikirenderer cross site scripting0.00CVE-2019-8444
1407606.55.37.8
 
 
Autodesk Autodesk Advanced Steel DLL Loader uncontrolled search path0.04CVE-2019-7364
1407596.55.37.8
 
 
Autodesk Design Review use after free0.00CVE-2019-7363
1407586.55.37.8
 
 
Autodesk Design Review DLL Loader untrusted search path0.00CVE-2019-7362
1407578.57.39.8
 
 
Fortinet FortiRecorder hard-coded credentials0.00CVE-2019-6698
1407568.57.39.8
 
 
Fortinet FortiManager VM Integrity Check input validation0.00CVE-2019-6695
1407555.24.36.1
 
 
Fortinet FortiNAC Web Page Generator Reflected cross site scripting0.06CVE-2019-5594
1407545.75.65.9
 
 
Fortinet FortiOS IPS Engine POODLE information disclosure0.07CVE-2019-5592
1407536.75.58.0
 
 
Palo Alto Networks Twistlock access control0.05CVE-2019-1583
1407525.94.77.2
 
 
Palo Alto PAN-OS Session memory corruption0.00CVE-2019-1582
1407518.57.39.8
 
 
Palo Alto PAN-OS input validation0.06CVE-2019-1581
1407508.57.39.8
 
 
Palo Alto PAN-OS Secure Shell Daemon memory corruption0.05CVE-2019-1580
1407498.57.39.8
 
 
proxystatistics Module DatabaseCommand.php sql injection0.06CVE-2019-15537
1407488.57.39.8
 
 
Acclaim Block Plugin delete_records sql injection0.00CVE-2019-15536
1407478.57.39.8
 
 
Tasking Manager sql injection0.07CVE-2019-15535
1407466.46.36.5
 
 
GNU Libextractor dvi_extractor.c EXTRACTOR_dvi_extract_method out-of-bounds read0.00CVE-2019-15531
1407457.56.38.8
 
 
D-Link DIR-823G HNAP1 command injection0.06CVE-2019-15530
1407447.56.38.8
 
 
D-Link DIR-823G HNAP1 command injection0.07CVE-2019-15529
1407437.56.38.8
 
 
D-Link DIR-823G HNAP1 SetStaticRouteSettings command injection0.04CVE-2019-15528
1407427.56.38.8
 
 
D-Link DIR-823G HNAP1 SetWanSettings command injection0.00CVE-2019-15527
1407417.56.38.8
 
 
D-Link DIR-823G HNAP1 command injection0.00CVE-2019-15526
1407406.85.68.1
 
 
pw3270 Terminal Emulator SSL Certificate Validator certificate validation0.05CVE-2019-15525
1407396.37.35.3
 
 
comelz Quark path traversal0.05CVE-2019-15520
1407388.57.39.8
 
 
Power-Response Plugin path traversal0.04CVE-2019-15519
1407376.37.35.3
 
 
Swoole swPort_http_static_handler path traversal0.00CVE-2019-15518
1407365.45.35.5
 
 
jc21 Nginx Proxy Manager path traversal0.07CVE-2019-15517
1407357.47.37.5
 
 
Cuberite WebAdmin path traversal0.05CVE-2019-15516
1407345.35.35.3
 
 
Telegram App Privacy information disclosure0.07CVE-2019-15514
1407338.57.39.8
 
 
openITCOCKPIT server-side request forgery0.00CVE-2019-15494
1407327.06.57.5
 
 
openITCOCKPIT access control0.05CVE-2019-15493
1407315.24.36.1
 
 
openITCOCKPIT Reflected cross site scripting0.00CVE-2019-15492
1407306.54.38.8
 
 
openITCOCKPIT cross-site request forgery0.00CVE-2019-15491
1407298.57.39.8
 
 
openITCOCKPIT code injection0.00CVE-2019-15490
1407285.24.36.1
 
 
Ignite Realtime Openfire LDAP Setup Test Reflected cross site scripting0.00CVE-2019-15488
1407275.24.36.1
 
 
DfE School Experience Teacher Training cross site scripting0.00CVE-2019-15487
1407265.24.36.1
 
 
django-js-reverse js_reverse_inline cross site scripting0.00CVE-2019-15486

Might our Artificial Intelligence support you?

Check our Alexa App!