Community
Number one vulnerability management and threat intelligence platform documenting and explaining vulnerabilities since 1970.
Announcement
Please be aware!
Unfortunately, since nearly two weeks the services of NVD are not or just badly reachable. We are not depending on NVD as a primary source. Therefore, our data processing and update handling is not affected at all by such outages.
Threat Intelligence
Our unique Cyber Threat Intelligence aims to determine the ongoing research of APT actors to anticipiate their acitivities. The CTI team is mapping structures of countries and their relationships to identify tensions and possible attack scenarios. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and social media exchanges makes it possible to identify planned attacks. The Threat Intelligence Platform (TIP) illustrates the interest of cybercriminals and state actors in real-time.
Recent
The moderation team is monitoring different sources 24/7 for the disclosure of information about new or existing vulnerabilitities. If a new issue is determined, additional data from other sources is collected and a new VulDB entry created. This entry is then pushed to customers, the web site and accessible via API and social media accounts. Please use the submit feature to suggest new sources and entries.
Updates
If the moderation team detects changes of existing vulnerabilities or new data of existing vulnerabilities are getting published, the old entries will be updated. This happens if needed and on a regular basis which concludes in a maximum of data quality. Every entry contains a timestamp of the last update and a change log of updated fields. Please use the edit feature to commit updates to existing entries.
CVSS Current Top
Top vulnerabilities with the highest CVSSv3 temp scores at the moment. The score is generated by separate values which are called vectors. Those vectors define the structure of the vulnerability. They rely on attack prerequisites and impact. The calculated score ranges between 0.0 and 10.0 whereas a high value declares a high risk. The main score is the base score which analyses the structure of the vulnerability only. The extended score called temp score introduces time-based aspects like exploit and countermeasure availability. Our moderators classify every entry to generate a CVSS score as accurate as posible.
Exploit Price Current Top
Top vulnerabilities with the highest exploit price at the moment. These price estimations are calculated prices based on mathematical algorithm. This algorithm got developed by our specialists over the years by observing the exploit market structure and exchange behavior of involved actors. It allows the prediction of generic prices by considering multiple technical aspects of the affected vulnerability. The more technical details are available the higher the accuracy of the reproducable approximation.
Latest Exploits
Exploits are small tools or larger frameworks which help to exploit a vulnerability or even fully automate the exploitation. The development of exploits takes time and effort which is why an exploit market exists. By observing the market structure it is possible to determine current and to forecast future prices. This information might influence a risk assessment.
Latest Videos
Some resarcher or news outlet provide videos discussing vulnerabilities, their possible exploitation or recommended countermeasures. Adding these videos to the vulnerability entries helps users to understand issues and how to address them properly. VulDB is linking to different external video sources and is therefore not responsible for their respective contents.