CVSSv3 08/27/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1409526.45.37.5
 
 
RIOT TCP Implementation gnrc_tcp_option.c Loop denial of service0.00CVE-2019-15702
1409518.07.38.8
 
 
BloodHound Autocomplete HelpModal.jsx OS Command Injection privilege escalation0.12CVE-2019-15701
1409505.24.36.1
 
 
Frappe Framework Timeline timeline.js HTML Injection cross site scripting0.00CVE-2019-15700
1409494.34.34.3
 
 
Octopus Deploy information disclosure0.00CVE-2019-15698
1409488.57.39.8
 
 
Imagely NextGEN Gallery Plugin package.module.nextgen_gallery_display.php sql injection0.00CVE-2019-14314
1409478.57.39.8
 
 
Xymon Status-Log Viewer svcstatus.c Stack-based memory corruption0.00CVE-2019-13486
1409468.57.39.8
 
 
Xymon History Viewer history.c Stack-based memory corruption0.00CVE-2019-13485
1409458.57.39.8
 
 
Xymon Status-Log Viewer appfeed.c memory corruption0.00CVE-2019-13484
1409448.57.39.8
 
 
Xymon CGI Tool acknowledge.c Stack-based memory corruption0.00CVE-2019-13455
1409438.57.39.8
 
 
Xymon reportlog.c memory corruption0.00CVE-2019-13452
1409428.57.39.8
 
 
Xymon history.c memory corruption0.00CVE-2019-13451
1409415.24.36.1
 
 
Xymon CGI Script csvinfo cross site scripting0.00CVE-2019-13274
1409408.57.39.8
 
 
Xymon CGI Script csvinfo sprintf memory corruption0.00CVE-2019-13273
1409397.56.38.8
 
 
Edimax BR-6208AC V1 ARP privilege escalation0.00CVE-2019-13271
1409387.56.38.8
 
 
Edimax BR-6208AC V1 IGMP Group privilege escalation0.00CVE-2019-13270
1409377.56.38.8
 
 
Edimax BR-6208AC V1 DHCP privilege escalation0.00CVE-2019-13269
1409367.56.38.8
 
 
TP-LINK Archer C3200 V1/Archer C2 V1 ARP privilege escalation0.00CVE-2019-13268
1409357.56.38.8
 
 
TP-LINK Archer C3200 V1/Archer C2 V1 IGMP Group privilege escalation0.00CVE-2019-13267
1409347.56.38.8
 
 
TP-LINK Archer C3200 V1/Archer C2 V1 DHCP privilege escalation0.00CVE-2019-13266
1409337.56.38.8
 
 
D-Link DIR-825AC G1 ARP privilege escalation0.00CVE-2019-13265
1409327.56.38.8
 
 
D-Link DIR-825AC G1 IGMP Group privilege escalation0.00CVE-2019-13264
1409317.56.38.8
 
 
D-Link DIR-825AC G1 DHCP privilege escalation0.00CVE-2019-13263
1409306.54.38.8
 
 
wp-members plugin cross site request forgery0.00CVE-2019-15660
1409298.57.39.8
 
 
pie-register Plugin sql injection0.06CVE-2019-15659
1409285.36.34.3
 
 
stops-core-theme-and-plugin-updates Plugin Option Change Nonce privilege escalation0.00CVE-2019-15650
1409277.56.38.8
 
 
File Upload privilege escalation0.00CVE-2019-15649
1409266.46.36.5
 
 
Subscriber privilege escalation0.00CVE-2019-15648
1409257.56.38.8
 
 
groundhogg Plugin Remote Code Execution0.00CVE-2019-15647
1409248.57.39.8
 
 
rsvpmaker Plugin sql injection0.00CVE-2019-15646
1409236.54.38.8
 
 
zoho-salesiq Plugin cross site request forgery0.00CVE-2019-15645
1409225.24.36.1
 
 
zoho-salesiq Plugin Stored cross site scripting0.00CVE-2019-15644
1409215.24.36.1
 
 
ultimate-faqs Plugin cross site scripting0.00CVE-2019-15643
1409205.36.34.3
 
 
Alkacon OpenCms clearhistory.jsp Local File Inclusion privilege escalation0.00CVE-2019-13237
1409195.24.36.1
 
 
Alkacon OpenCms Management Interface Storage cross site scripting0.00CVE-2019-13236
1409185.24.36.1
 
 
Alkacon OpenCms Apollo Template Login Form cross site scripting0.06CVE-2019-13235
1409175.24.36.1
 
 
Alkacon OpenCms Apollo Template Search Engine cross site scripting0.00CVE-2019-13234
1409166.54.38.8
 
 
MicroPyramid Django CRM cross site request forgery0.12CVE-2019-11457
1409156.54.38.8
 
 
bbp-move-topics Plugin cross site request forgery0.00CVE-2018-21006
1409148.57.39.8
 
 
bbp-move-topics Plugin Code Injection privilege escalation0.00CVE-2018-21005
1409138.57.39.8
 
 
rsvpmaker Plugin sql injection0.00CVE-2018-21004

Do you want to use VulDB in your project?

Use the official API to access entries easily!