CVSSv3 10/01/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCTICVE
1428125.96.55.3
 
 
Online Store delete_product.php missing authentication0.00CVE-2019-8292
1428117.06.57.5
 
 
Online Store delete_file.php path traversal0.00CVE-2019-8291
1428105.24.36.1
 
 
Online Store Registration Form sent_register.php cross site scripting0.06CVE-2019-8290
1428094.43.55.4
 
 
Online Store user_view.php Stored cross site scripting0.01CVE-2019-8289
1428084.43.55.4
 
 
Online Store user_view.php Stored cross site scripting0.06CVE-2019-8288
1428075.44.36.5
 
 
Elastic Code Repository Import permission assignment0.06CVE-2019-7618
1428066.45.37.5
 
 
Linux Kernel cxgb4 Driver mem.c write_tpt_entry memory corruption0.05CVE-2019-17075
1428054.43.55.4
 
 
XunRuiCMS Stored cross site scripting0.00CVE-2019-17074
1428045.95.46.5
 
 
emlog path traversal0.08CVE-2019-17073
1428036.67.16.1
 
 
JetBrains YouTrack Whitelist redirect0.01CVE-2019-15041
1428025.66.34.9
 
 
JetBrains TeamCity information disclosure0.02CVE-2019-15035
1428017.47.37.5
 
 
Apache MINA TLS Message cleartext transmission0.06CVE-2019-0231
1428004.43.55.4
 
 
IBM Jazz Reporting Service Web UI cross site scripting0.07CVE-2019-4497
1427994.43.55.4
 
 
IBM Jazz Reporting Service Web UI cross site scripting0.00CVE-2019-4495
1427984.43.55.4
 
 
IBM Jazz Reporting Service Web UI cross site scripting0.00CVE-2019-4494
1427974.53.75.3
 
 
IBM Daeja ViewONE Virtual information disclosure0.04CVE-2019-4246
1427965.94.37.5
 
 
PuTTY SSH-1 input validation0.00CVE-2019-17069
1427957.47.37.5
 
 
PuTTY Protection Mechanism Clipboard injection0.00CVE-2019-17068
1427947.55.39.8
 
 
PuTTY Port-Forwarding allocation of resources0.00CVE-2019-17067
1427934.43.35.5
 
 
Xpdf Catalog.cc Catalog.pageLabels null pointer dereference0.07CVE-2019-17064
1427924.43.35.5
 
 
Snowtide PDFxStream Page-Tree input validation0.07CVE-2019-17063
1427914.35.33.3
 
 
Linux Kernel AF_NFC Network Module llcp_sock.c llcp_sock_create default permission0.08CVE-2019-17056
1427904.35.33.3
 
 
Linux Kernel AF_ISDN Network Module socket.c base_sock_create input validation0.00CVE-2019-17055
1427894.35.33.3
 
 
Linux Kernel AF_APPLETALK Network Module ddp.c atalk_create default permission0.08CVE-2019-17054
1427884.35.33.3
 
 
Linux Kernel AF_IEEE802154 Network Module socket.c ieee802154_create default permission0.05CVE-2019-17053
1427874.35.33.3
 
 
Linux Kernel AF_AX25 Network Module af_ax25.c ax25_create default permission0.08CVE-2019-17052
1427868.57.39.8
 
 
FasterXML jackson-databind JSON Endpoint input validation0.00CVE-2019-16943
1427858.57.39.8
 
 
FasterXML jackson-databind RMI Endpoint input validation0.05CVE-2019-16942
1427846.55.37.8
 
 
Google Chrome OS Imagination Technologies Driver card1 PVRSRVBridgeSyncPrimOpCreate integer overflow0.00CVE-2019-16508
1427839.89.89.8
 
 
Victure PC530 Telnet Service missing authentication0.00CVE-2019-15940

Do you want to use VulDB in your project?

Use the official API to access entries easily!