CVSSv3 November 2019info

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

C3BM Index »

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

PublishedBaseVDBNVDVendResVulnerabilityCTICVE
11/30/20196.36.3
 
 
 
Microsoft Excel XML Import xml external entity reference0.04
11/30/20197.57.37.8
 
 
Free Photo Viewer BMP File unrestricted upload0.19CVE-2019-19468
11/30/20196.37.35.3
 
 
CBC Gem App encryption0.04CVE-2019-19464
11/30/20196.37.35.3
 
 
Anhui Huami Mi Fit App Update Check encryption0.04CVE-2019-19463
11/30/20194.43.35.5
 
 
Linux Kernel relay.c relay_open null pointer dereference0.09CVE-2019-19462
11/30/20193.82.74.9
 
 
ProFTPD tls_verify_crl null pointer dereference0.04CVE-2019-19269
11/30/20195.63.77.5
 
 
Zabbix encryption0.09CVE-2013-7484
11/29/20193.52.44.6
 
 
Huawei Honor Play Screen Lock information disclosure0.04CVE-2019-5309
11/29/20193.44.32.4
 
 
Huawei 20 RS ADB Mode authorization0.04CVE-2019-5308
11/29/20195.96.35.4
 
 
Huawei Myna Cloud information disclosure0.19CVE-2019-5271
11/29/20196.55.37.8
 
 
Huawei Home Router authorization0.07CVE-2019-5269
11/29/20196.24.38.1
 
 
Huawei Home Router input validation0.05CVE-2019-5268
11/29/20194.02.55.5
 
 
Huawei HiSuite/HwBackup information disclosure0.09CVE-2019-5263
11/29/20195.45.35.5
 
 
Huawei Atlas 300/Atlas 500 buffer overflow0.05CVE-2019-5247
11/29/20196.45.37.5
 
 
Huawei Viewpoint random values0.04CVE-2019-5232
11/29/20195.45.35.5
 
 
Huawei P30/P30 Pro/Mate 20/HiSuite Upgrade Package input validation0.04CVE-2019-5227
11/29/20195.45.35.5
 
 
Huawei P30/P30 Pro/Mate 20/HiSuite Upgrade Package input validation0.09CVE-2019-5226
11/29/20196.55.37.8
 
 
Huawei P30/Mate 20/P30 Pro buffer overflow0.18CVE-2019-5225
11/29/20195.45.35.5
 
 
Huawei P30 Application out-of-bounds read0.04CVE-2019-5224
11/29/20197.56.38.8
 
 
Huawei Band 2/Honor Band 3 authentication0.19CVE-2019-5218
11/29/20195.45.35.5
 
 
Huawei Share Access Control information disclosure0.04CVE-2019-5212
11/29/20195.14.65.7
 
 
Huawei P20 Huawei Share input validation0.05CVE-2019-5211
11/29/20196.55.37.8
 
 
Nova 5i/5 array index0.04CVE-2019-5210
11/29/20194.43.35.5
 
 
GNOME Dia Encoding infinite loop0.04CVE-2019-19451
11/29/20196.45.37.5
 
 
illumos Thread ip_attr.c conn_ixa input validation0.00CVE-2019-19396
11/29/20198.27.39.1
 
 
LuaJIT type confusion0.07CVE-2019-19391
11/29/20195.75.36.1
 
 
FusionPBX dialplan_detail_edit.php cross site scripting0.09CVE-2019-19388
11/29/20195.75.36.1
 
 
FusionPBX fifo_interactive.php cross site scripting0.04CVE-2019-19387
11/29/20195.75.36.1
 
 
FusionPBX voicemail_greeting_edit.php cross site scripting0.05CVE-2019-19386
11/29/20195.75.36.1
 
 
FusionPBX dialplans.php cross site scripting0.05CVE-2019-19385
11/29/20195.75.36.1
 
 
FusionPBX fax_log_view.php cross site scripting0.05CVE-2019-19384
11/29/20196.55.37.8
 
 
Linux Kernel btrfs Filesystem raid56.c index_rbio_pages out-of-bounds write0.00CVE-2019-19378
11/29/20196.55.37.8
 
 
Linux Kernel btrfs Filesystem async-thread.c btrfs_queue_work use after free0.00CVE-2019-19377
11/29/20197.47.37.5
 
 
Allied Telesis AT-GS950-8 Web Interface path traversal0.05CVE-2019-18922
11/29/20195.85.06.6
 
 
ezmaster Admin Sys Mode unnecessary privileges0.09CVE-2019-16767
11/29/20197.66.68.7
 
 
wagtail-2fa authentication spoofing0.07CVE-2019-16766
11/29/20198.07.38.8
 
 
Linux Kernel Marvell Wifi Chip Driver resource consumption0.08CVE-2019-14901
11/29/20195.95.36.6
 
 
Linux Kernel Marvell Wifi Chip Driver stack-based buffer overflow0.09CVE-2019-14897
11/29/20196.75.58.0
 
 
Linux Kernel Marvell Wifi Chip Driver heap-based buffer overflow0.04CVE-2019-14895
11/29/20195.75.55.9
 
 
grub2 grub2-set-bootflag denial of service0.00CVE-2019-14865

Do you know our Splunk app?

Download it now for free!