CVSSv3 11/26/2019

CVSSv3 Base

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

The National Vulnerability Database (NVD) also defines CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

Sometimes security researchers also provide their own CVSS vectors and scores for vulnerabilities they have found and published.

| ID | Base | VDB | NVD | Vend | Res | Vulnerability | CTI | CVE |
|---|---|---|---|---|---|---|---|---|
| 146799 | 7.8 | 7.8 | | | | rConfig privileges management | 0.00 | CVE-2019-19268 |
| 146443 | 7.3 | 6.3 | 8.3 | | | Cloudera HUE LdapBackend improper authentication | 0.00 | CVE-2019-7319 |
| 146442 | 8.5 | 7.3 | 9.8 | | | F5 BIG-IP Active Directory/LDAP/Client Certificate improper authentication | 0.04 | CVE-2019-6675 |
| 146441 | 6.8 | 5.3 | 7.5 | 7.5 | | ISC BIND denial of service | 0.07 | CVE-2019-6477 |
| 146440 | 6.3 | 6.3 | 6.3 | | | IBM Sterling B2B Integrator Standard Edition Back-End Database sql injection | 0.09 | CVE-2019-4387 |
| 146439 | 8.5 | 7.3 | 9.8 | | | Cesanta Mongoose mongoose.c integer overflow | 0.00 | CVE-2019-19307 |
| 146438 | 4.4 | 3.5 | 5.4 | | | Zoho CRM Lead Magnet Plugin Module cross site scripting | 0.05 | CVE-2019-19306 |
| 146437 | 6.4 | 5.3 | 7.5 | | | typed_ast Python Interpreter ast_for_arguments out-of-bounds read | 0.00 | CVE-2019-19275 |
| 146436 | 6.4 | 5.3 | 7.5 | | | typed_ast Python Interpreter handle_keywordonly_args out-of-bounds read | 0.00 | CVE-2019-19274 |
| 146435 | 4.4 | 3.5 | 5.4 | | | Dolibarr CRM/ERP Profile Picture viewimage.php Stored cross site scripting | 0.00 | CVE-2019-19206 |
| 146434 | 5.2 | 4.3 | 6.1 | | | AfterLogic Webmail Pro/Aurora Attachment Name Stored cross site scripting | 0.00 | CVE-2019-19129 |
| 146433 | 6.4 | 5.3 | 7.5 | | | Squid Web Proxy HTTP Digest Authentication information disclosure | 0.04 | CVE-2019-18679 |
| 146432 | 6.3 | 7.3 | 5.3 | | | Squid Web Proxy URL request smuggling | 0.05 | CVE-2019-18678 |
| 146431 | 6.6 | 7.1 | 6.1 | | | Squid Web Proxy Hostname cross-site request forgery | 0.00 | CVE-2019-18677 |
| 146430 | 7.4 | 7.3 | 7.5 | | | Squid Web Proxy URI Scheme input validation | 0.08 | CVE-2019-18676 |
| 146429 | 8.5 | 7.3 | 9.8 | | | Dell EMC Storage Monitoring/Reporting Java RMI Deserialization deserialization | 0.05 | CVE-2019-18580 |
| 146428 | 5.3 | 6.3 | 4.3 | | | GitLab Community Edition/Enterprise Edition Permission permission assignment | 0.00 | CVE-2019-18463 |
| 146427 | 5.3 | 6.3 | 4.3 | | | GitLab Community Edition/Enterprise Edition Permission privileges management | 0.00 | CVE-2019-18462 |
| 146426 | 5.3 | 6.3 | 4.3 | | | GitLab Community Edition/Enterprise Edition Sub Group Epic information disclosure | 0.05 | CVE-2019-18461 |
| 146425 | 7.4 | 7.3 | 7.5 | | | GitLab Community Edition/Enterprise Edition Access Control information disclosure | 0.00 | CVE-2019-18460 |
| 146424 | 6.3 | 7.3 | 5.3 | | | GitLab Community Edition/Enterprise Edition Environment permission assignment | 0.00 | CVE-2019-18459 |
| 146423 | 3.7 | 4.7 | 2.7 | | | GitLab Community Edition/Enterprise Edition Permission permissions | 0.00 | CVE-2019-18458 |
| 146422 | 7.5 | 6.3 | 8.8 | | | GitLab Community Edition/Enterprise Edition Security Token permissions | 0.00 | CVE-2019-18457 |
| 146421 | 6.3 | 7.3 | 5.3 | | | GitLab Community Edition/Enterprise Edition Elasticsearch information disclosure | 0.07 | CVE-2019-18456 |
| 146420 | 6.4 | 5.3 | 7.5 | | | GitLab Community Edition/Enterprise Edition Nested GraphQL Query infinite loop | 0.05 | CVE-2019-18455 |
| 146419 | 5.2 | 4.3 | 6.1 | | | GitLab Community Edition/Enterprise Edition Rdoc Wiki Page cross site scripting | 0.00 | CVE-2019-18454 |
| 146418 | 5.3 | 6.3 | 4.3 | | | GitLab Community Edition/Enterprise Edition Comment permission assignment | 0.06 | CVE-2019-18453 |
| 146417 | 6.3 | 7.3 | 5.3 | | | GitLab Community Edition/Enterprise Edition Private Project permission assignment | 0.00 | CVE-2019-18452 |
| 146416 | 6.6 | 7.1 | 6.1 | | | GitLab Community Edition/Enterprise Edition Internal Redirect Filter redirect | 0.00 | CVE-2019-18451 |
| 146415 | 5.3 | 6.3 | 4.3 | | | GitLab Community Edition/Enterprise Edition Project Label permission assignment | 0.00 | CVE-2019-18450 |
| 146414 | 5.3 | 6.3 | 4.3 | | | GitLab Community Edition/Enterprise Edition Autocomplete information disclosure | 0.00 | CVE-2019-18449 |
| 146413 | 6.4 | 6.3 | 6.5 | | | GitLab Community Edition/Enterprise Edition Access Control information disclosure | 0.00 | CVE-2019-18448 |
| 146412 | 5.3 | 6.3 | 4.3 | | | GitLab Community Edition/Enterprise Edition Permission permission assignment | 0.00 | CVE-2019-18447 |
| 146411 | 5.3 | 6.3 | 4.3 | | | GitLab Community Edition/Enterprise Edition Permission permission assignment | 0.00 | CVE-2019-18446 |
| 146410 | 7.0 | 5.3 | 8.8 | | | CSRF Magic Library CSRF Protection csrf_callback cross-site request forgery | 0.07 | CVE-2019-17590 |
| 146409 | 9.8 | 9.8 | 9.8 | | | Progress Sitefinity Password Recovery weak password recovery | 0.00 | CVE-2019-17392 |
| 146408 | 4.3 | 4.3 | 4.3 | | | PEGA Platform Audit Log information disclosure | 0.07 | CVE-2019-16388 |
| 146407 | 6.2 | 4.3 | 8.1 | | | PEGA Platform exposure of resource | 0.04 | CVE-2019-16387 |
| 146406 | 4.3 | 4.3 | 4.3 | | | PEGA Platform information disclosure | 0.00 | CVE-2019-16386 |
| 146405 | 8.5 | 7.3 | 9.8 | | | Ruby shell.rb injection | 0.06 | CVE-2019-16255 |
