CVSSv3 09/16/2019

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard for describing the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources into the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | Vendor | Research | Vulnerability | CTI | CVE |
|---|---|---|---|---|---|---|---|---|
| 141879 | 5.4 | 4.7 | 6.1 | | | OpenEMR cross site scripting | 0.00 | CVE-2019-8368 |
| 141878 | 8.5 | 7.3 | 9.8 | | | cURL TFTP Protocol buffer overflow | 0.00 | CVE-2019-5482 |
| 141877 | 8.5 | 7.3 | 9.8 | | | cURL FTP-Kerberos double free | 0.04 | CVE-2019-5481 |
| 141876 | 5.9 | 4.7 | 7.2 | | | IBM Sterling File Gateway Back-End Database sql injection | 0.05 | CVE-2019-4147 |
| 141875 | 6.4 | 4.7 | 8.2 | | | LogMeIn LastPass insufficiently protected credentials | 0.06 | CVE-2019-16371 |
| 141874 | 5.3 | 4.8 | 5.9 | | | Gradle PGP Signing SHA1 input validation | 0.06 | CVE-2019-16370 |
| 141873 | 8.5 | 7.3 | 9.8 | | | GitLab Omnibus logrotate privileges management | 0.07 | CVE-2019-15741 |
| 141872 | 5.3 | 5.3 | 5.3 | | | GitLab Community Edition/Enterprise Edition Image Upload Location information disclosure | 0.00 | CVE-2019-15740 |
| 141871 | 5.2 | 4.3 | 6.1 | | | GitLab Community Edition/Enterprise Edition Markdown cross site scripting | 0.00 | CVE-2019-15739 |
| 141870 | 5.3 | 5.3 | 5.3 | | | GitLab Community Edition/Enterprise Edition ID Email information disclosure | 0.08 | CVE-2019-15738 |
| 141869 | 6.9 | 7.3 | 6.5 | | | GitLab Community Edition/Enterprise Edition Session Management improper authentication | 0.00 | CVE-2019-15737 |
| 141868 | 6.4 | 5.3 | 7.5 | | | GitLab Community Edition/Enterprise Edition CI Pipeline resource consumption | 0.06 | CVE-2019-15736 |
| 141867 | 4.3 | 4.3 | 4.3 | | | GitLab Community Edition/Enterprise Edition Commit Title information disclosure | 0.00 | CVE-2019-15734 |
| 141866 | 7.2 | 7.2 | 7.2 | | | OpenEMR code injection | 0.06 | CVE-2019-8371 |
| 141865 | 8.5 | 7.3 | 9.8 | | | XS Javascript xsAPI.c fxBeginHost buffer overflow | 0.07 | CVE-2019-16366 |
| 141864 | 4.4 | 3.3 | 5.5 | | | Beego File Session Manager default permission | 0.04 | CVE-2019-16355 |
| 141863 | 4.0 | 3.3 | 4.7 | | | Beego File Session Manager race condition | 0.09 | CVE-2019-16354 |
| 141862 | 6.4 | 5.3 | 7.5 | | | Emerson GE Automation Proficy Machine Edition Traffic input validation | 0.04 | CVE-2019-16353 |
| 141861 | 6.4 | 6.3 | 6.5 | | | ffjpeg jfif.c jfif_load memory corruption | 0.00 | CVE-2019-16352 |
| 141860 | 5.4 | 4.3 | 6.5 | | | ffjpeg huffman.c huffman_decode_step null pointer dereference | 0.00 | CVE-2019-16351 |
| 141859 | 5.4 | 4.3 | 6.5 | | | ffjpeg dct.c idct2d8x8 null pointer dereference | 0.00 | CVE-2019-16350 |
| 141858 | 4.4 | 3.3 | 5.5 | | | Bento4 Ap4ByteStream.cpp ReadUI32 null pointer dereference | 0.00 | CVE-2019-16349 |
| 141857 | 5.4 | 4.3 | 6.5 | | | marc-q libwav wav_gain.c gain_file null pointer dereference | 0.09 | CVE-2019-16348 |
| 141856 | 7.5 | 6.3 | 8.8 | | | ngiflib ngiflib.c WritePixels memory corruption | 0.04 | CVE-2019-16347 |
| 141855 | 7.5 | 6.3 | 8.8 | | | ngiflib ngiflib.c WritePixel memory corruption | 0.09 | CVE-2019-16346 |
| 141854 | 8.5 | 7.3 | 9.8 | | | Escuela de Gestion Publica Plurinacional Sistema Integrado de Gestion Academica Authentication Form sql injection | 0.09 | CVE-2019-16264 |
| 141853 | 5.2 | 4.3 | 6.1 | | | Dolibarr HTTP Header card.php cross site scripting | 0.00 | CVE-2019-16197 |
| 141852 | 6.7 | 6.3 | 7.1 | | | GitLab Enterprise Edition Access Control permission assignment | 0.04 | CVE-2019-16170 |
| 141851 | 8.5 | 7.3 | 9.8 | | | D-Link DNS-320 CGI Script login_mgr.cgi os command injection | 0.09 | CVE-2019-16057 |
| 141850 | 5.2 | 4.3 | 6.1 | | | CRM Plugin vCard Data cross site scripting | 0.00 | CVE-2019-15950 |
| 141849 | 4.3 | 4.3 | 4.3 | | | GitLab Community Edition/Enterprise Edition Branch Name information disclosure | 0.00 | CVE-2019-15733 |
| 141848 | 5.3 | 5.3 | 5.3 | | | GitLab Community Edition/Enterprise Edition Project Import API information disclosure | 0.00 | CVE-2019-15732 |
| 141847 | 6.3 | 7.3 | 5.3 | | | GitLab Community Edition/Enterprise Edition Merge Request permission assignment | 0.04 | CVE-2019-15731 |
| 141846 | 7.4 | 7.3 | 7.5 | | | GitLab Community Edition/Enterprise Edition Jira Integration server-side request forgery | 0.04 | CVE-2019-15730 |
| 141845 | 7.4 | 7.3 | 7.5 | | | GitLab Community Edition/Enterprise Edition Kubernetes Integration server-side request forgery | 0.00 | CVE-2019-15728 |
| 141844 | 5.3 | 5.3 | 5.3 | | | GitLab Community Edition/Enterprise Edition Permission Check information disclosure | 0.00 | CVE-2019-15727 |
| 141843 | 5.3 | 5.3 | 5.3 | | | GitLab Community Edition/Enterprise Edition Markdown IP Address information disclosure | 0.00 | CVE-2019-15726 |
| 141842 | 6.4 | 5.3 | 7.5 | | | GitLab Community Edition/Enterprise Edition API information disclosure | 0.00 | CVE-2019-15725 |
| 141841 | 5.2 | 4.3 | 6.1 | | | GitLab Community Edition/Enterprise Edition Label Description injection | 0.00 | CVE-2019-15724 |
| 141840 | 6.3 | 7.3 | 5.3 | | | GitLab Community Edition/Enterprise Edition permission assignment | 0.00 | CVE-2019-15723 |
