CVSSv3 12/20/2019info

CVSSv3 Base »

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp »

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB »

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD »

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

Vendor »

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research »

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

IDBaseVDBNVDVendResVulnerabilityCVE
1475905.24.36.1
 
 
IBM Financial Transaction Manager Web UI cross site scriptingCVE-2019-4744
1475893.73.14.3
 
 
IBM Financial Transaction Manager Session weak encryptionCVE-2019-4743
1475886.26.36.1
 
 
IBM Financial Transaction Manager Clickjacking privilege escalationCVE-2019-4742
1475874.34.34.3
 
 
IBM Financial Transaction Manager cross site request forgeryCVE-2019-4736
1475864.43.55.4
 
 
IBM Cognos Analytics Web UI cross site scriptingCVE-2019-4555
1475854.34.34.3
 
 
IBM Cognos Analytics cross site request forgeryCVE-2019-4231
1475848.57.39.8
 
 
handlebars Remote Code ExecutionCVE-2019-19919
1475836.55.37.8
 
 
Lout z02.c srcnext() memory corruptionCVE-2019-19918
1475826.55.37.8
 
 
Lout z39.c StringQuotedWord() memory corruptionCVE-2019-19917
1475818.57.39.8
 
 
NeuVector Active Directory Authentication weak authenticationCVE-2019-19747
1475806.35.37.3
 
 
CA Client Automation File Access privilege escalationCVE-2019-19231
1475798.57.39.8
 
 
Log4j Deserialization SocketServer privilege escalationCVE-2019-17571
1475786.66.37.0
 
 
NetHack Configuration File memory corruptionCVE-2019-16787
1475776.56.07.1
 
 
Waitress HTTP Header privilege escalationCVE-2019-16786
1475766.56.07.1
 
 
Waitress Split privilege escalationCVE-2019-16785
1475756.45.37.5
 
 
Xiaomi DGNWG03LM/ZNCZ03LM/MCCGQ01LM/WSDCGQ01LM/RTCGQ01LM Zigbee denial of serviceCVE-2019-15915
1475746.45.37.5
 
 
Xiaomi DGNWG03LM/ZNCZ03LM/MCCGQ01LM/WSDCGQ01LM/RTCGQ01LM Zigbee denial of serviceCVE-2019-15914
1475737.45.09.8
 
 
Xiaomi DGNWG03LM/ZNCZ03LM/MCCGQ01LM/WSDCGQ01LM/RTCGQ01LM Zigbee weak encryptionCVE-2019-15913
1475726.45.37.5
 
 
Asus HG100/WS-101/TS-101 ZigBee Pro denial of serviceCVE-2019-15912
1475717.45.09.8
 
 
Asus HG100/WS-101/TS-101 ZigBee Pro weak encryptionCVE-2019-15911
1475706.45.37.5
 
 
Asus HG100/WS-101/TS-101 ZigBee Pro denial of serviceCVE-2019-15910
1475695.44.36.5
 
 
GitLab Community Edition/Enterprise Edition denial of serviceCVE-2019-15584
1475684.34.34.3
 
 
IBM Cognos Business Intelligence cross site request forgeryCVE-2018-1934
1475675.24.36.1
 
 
Midori Browser Content Security Policy cross site scriptingCVE-2019-19916
1475665.24.36.1
 
 
phpMyChat-Plus Password Reset URL pass_reset.php cross site scriptingCVE-2019-19908
1475655.44.36.5
 
 
3S-Smart CODESYS SP Realtime NT NULL Pointer Dereference denial of serviceCVE-2019-19789
1475646.25.37.1
 
 
Trend Micro Security 2020 privilege escalationCVE-2019-19693
1475635.24.36.1
 
 
Trend Micro Apex One Product Console cross site scriptingCVE-2019-19692
1475623.82.74.9
 
 
Trend Micro Apex One/OfficeScan XG Development Tool Credentials information disclosureCVE-2019-19691
1475615.44.36.5
 
 
Philips Veradius Unity weak encryptionCVE-2019-18263
14756010.010.010.0
 
 
Palo Alto PAN-OS Log Forwarding Card privilege escalationCVE-2019-17440
1475595.24.36.1
 
 
Swagger-UI Key Name cross site scriptingCVE-2016-1000229
1475586.45.37.5
 
 
negotiator Regular Expression ReDoS denial of serviceCVE-2016-1000022
1475576.67.35.9
 
 
GnuTLS CBC Mode weak authenticationCVE-2015-8313
1475567.57.57.5
 
 
gnome-keyring gnome_keyring_lock_all_sync privilege escalationCVE-2012-6111
1475558.57.39.8
 
 
CUPS Localhost cupsd.conf privilege escalationCVE-2012-6094
1475546.46.36.5
 
 
LibreOffice/OpenOffice Embedded Content privilege escalationCVE-2012-5639
1475536.55.37.8
 
 
ecryptfs-utils suid Helper privilege escalationCVE-2012-3409

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!