Community

Number one vulnerability management and threat intelligence platform documenting and explaining vulnerabilities since 1970.

Vulnerability of the Day

Microsoft Edge unknown vulnerability

A vulnerability was found in Microsoft Edge. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to an unknown weakness. This vulnerability was named CVE-2024-26163. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Changelog

Today 03/19/2024

  • [Feature] In API 3.59 added support for CVSSv4 with the fields family vulnerability_cvss4_vuldb_*.

Threat Intelligence

Our unique Cyber Threat Intelligence aims to determine the ongoing research of APT actors to anticipiate their acitivities. The CTI team is mapping structures of countries and their relationships to identify tensions and possible attack scenarios. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and social media exchanges makes it possible to identify planned attacks. The Threat Intelligence Platform (TIP) illustrates the interest of cybercriminals and state actors in real-time.

Recent

The moderation team is monitoring different sources 24/7 for the disclosure of information about new or existing vulnerabilitities. If a new issue is determined, additional data from other sources is collected and a new VulDB entry created. This entry is then pushed to customers, the web site and accessible via API and social media accounts. Please use the submit feature to suggest new sources and entries.

Updates

If the moderation team detects changes of existing vulnerabilities or new data of existing vulnerabilities are getting published, the old entries will be updated. This happens if needed and on a regular basis which concludes in a maximum of data quality. Every entry contains a timestamp of the last update and a change log of updated fields. Please use the edit feature to commit updates to existing entries.

CVSS Current Top

Top vulnerabilities with the highest CVSSv3 temp scores at the moment. The score is generated by separate values which are called vectors. Those vectors define the structure of the vulnerability. They rely on attack prerequisites and impact. The calculated score ranges between 0.0 and 10.0 whereas a high value declares a high risk. The main score is the base score which analyses the structure of the vulnerability only. The extended score called temp score introduces time-based aspects like exploit and countermeasure availability. Our moderators classify every entry to generate a CVSS score as accurate as posible.

Exploit Price Current Top

Top vulnerabilities with the highest exploit price at the moment. These price estimations are calculated prices based on mathematical algorithm. This algorithm got developed by our specialists over the years by observing the exploit market structure and exchange behavior of involved actors. It allows the prediction of generic prices by considering multiple technical aspects of the affected vulnerability. The more technical details are available the higher the accuracy of the reproducable approximation.

Latest Exploits

Exploits are small tools or larger frameworks which help to exploit a vulnerability or even fully automate the exploitation. The development of exploits takes time and effort which is why an exploit market exists. By observing the market structure it is possible to determine current and to forecast future prices. This information might influence a risk assessment.

Latest Videos

Some resarcher or news outlet provide videos discussing vulnerabilities, their possible exploitation or recommended countermeasures. Adding these videos to the vulnerability entries helps users to understand issues and how to address them properly. VulDB is linking to different external video sources and is therefore not responsible for their respective contents.

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!