CVSSv3 09/09/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCVE
1415005.57.33.7
 
 
GitLab Community Edition/Enterprise Edition Access Control privilege escalationCVE-2019-7176
1414994.85.34.3
 
 
GitLab Community Edition/Enterprise Edition Access Control information disclosureCVE-2019-6997
1414985.87.34.3
 
 
GitLab Enterprise Edition Access Control privilege escalationCVE-2019-6996
1414976.97.36.5
 
 
GitLab Community Edition/Enterprise Edition Access Control privilege escalationCVE-2019-6995
1414968.57.39.8
 
 
GitLab Community Edition/Enterprise Edition Access Control privilege escalationCVE-2019-6960
1414955.96.35.4
 
 
GitLab Community Edition/Enterprise Edition spoofingCVE-2019-6795
1414944.85.34.3
 
 
GitLab Community Edition/Enterprise Edition Project Import Commit information disclosureCVE-2019-6794
1414937.27.37.0
 
 
GitLab Community Edition/Enterprise Edition Jira Integration Server-Side Request ForgeryCVE-2019-6793
1414925.35.35.3
 
 
GitLab Community Edition/Enterprise Edition Project Import Error information disclosureCVE-2019-6792
1414916.97.36.5
 
 
GitLab Community Edition/Enterprise Edition Access Control privilege escalationCVE-2019-6791
1414904.85.34.3
 
 
GitLab Community Edition/Enterprise Edition Permission information disclosureCVE-2019-6789
1414896.45.37.5
 
 
GitLab Community Edition/Enterprise Edition information disclosureCVE-2019-6788
1414886.97.36.5
 
 
GitLab Community Edition/Enterprise Edition Access Control privilege escalationCVE-2019-6786
1414875.95.36.5
 
 
GitLab Community Edition/Enterprise Edition Project Import denial of serviceCVE-2019-6785
1414865.24.36.1
 
 
GitLab Community Edition/Enterprise Edition KaTeX Persistent cross site scriptingCVE-2019-6784
1414858.07.38.8
 
 
GitLab Community Edition/Enterprise Edition directory traversalCVE-2019-6783
1414846.45.37.5
 
 
GitLab Community Edition/Enterprise Edition Project information disclosureCVE-2019-6782
1414835.35.35.3
 
 
Seneca Environment Variable information disclosureCVE-2019-5483
1414825.94.77.2
 
 
GitLab Community Edition/Enterprise Edition Email Verification weak authenticationCVE-2019-5473
1414814.43.55.4
 
 
GitLab Community Edition/Enterprise Edition Email Notification Persistent cross site scriptingCVE-2019-5471
1414804.43.55.4
 
 
GitLab Community Edition/Enterprise Edition Wiki Page Persistent cross site scriptingCVE-2019-5467
1414795.35.35.3
 
 
GitLab Community Edition/Enterprise Edition Authorization information disclosureCVE-2019-5463
1414784.55.53.5
 
 
GitLab Community Edition/Enterprise Edition Service Integration Internal privilege escalationCVE-2019-5461
1414778.57.39.8
 
 
DocCms Module Management File managemodel.php upload_model() PHP Code Execution privilege escalationCVE-2019-16192
1414768.57.39.8
 
 
D-Link DIR-868L REVB/DIR-885L REVA/DIR-895L REVA SharePort Web Access folder_view.php weak authenticationCVE-2019-16190
1414756.96.37.5
 
 
LimeSurvey Cookie httponly privilege escalationCVE-2019-16187
1414745.94.77.2
 
 
LimeSurvey Plugin Manager privilege escalationCVE-2019-16186
1414735.94.77.2
 
 
LimeSurvey Permission privilege escalationCVE-2019-16185
1414728.57.39.8
 
 
LimeSurvey Response command injectionCVE-2019-16184
1414713.74.72.7
 
 
LimeSurvey Integrity Check privilege escalationCVE-2019-16183
1414705.75.36.1
 
 
LimeSurvey File Upload Reflected cross site scriptingCVE-2019-16182
1414694.15.42.7
 
 
LimeSurvey Notification privilege escalationCVE-2019-16181
1414684.53.75.3
 
 
LimeSurvey LDAP Authentication Brute Force information disclosureCVE-2019-16180
1414676.37.35.3
 
 
LimeSurvey Default Configuration TLS weak encryptionCVE-2019-16179
1414664.43.55.4
 
 
LimeSurvey Home Page Stored cross site scriptingCVE-2019-16178
1414656.45.37.5
 
 
LimeSurvey Cache information disclosureCVE-2019-16177
1414645.35.35.3
 
 
LimeSurvey information disclosureCVE-2019-16176
1414635.36.34.3
 
 
LimeSurvey Clickjacking privilege escalationCVE-2019-16175
1414628.07.38.8
 
 
LimeSurvey Import privilege escalationCVE-2019-16174
1414614.43.55.4
 
 
LimeSurvey Survey_Common_Action.php Reflected cross site scriptingCVE-2019-16173

Do you know our Splunk app?

Download it now for free!