Data Points

Every entry consists of different data points. The more data points are available, the better the detail level of the entry will be. The following tables illustrates all supported data points. The API allows accessing them individually. VulDB provides the best data quality with more than 380 different vulnerability data points. This article is discussing the available data points provided by the current release of our service.

Simplicity is our primary goal when it comes to data accessibility. Some data points might consists of multiple data which will be provided as an array. If there is just one item, no such array will be used and the data delivered as single string instead. See the column Type to understand the appearance of the according data point.

Most data is stored in the so called Monoblock. This data repository contains all commits associated with an entry. Some data is based on the Meta information of these commits. And others called Virtual Fields are not stored but generated on demand.

The output format of the API (e.g. JSON, XML) can be defined by request. The naming of the data fields in this article is the internal naming of the fields and not the naming structure of the various output formats. They transpond very easily.

Vulnerabilities

Data PointTitleExampleTypeRepoAvailability
entry_idUnique ID of vuldb entry80928numbermetapublic (ro)
entry_titleTitle of the vulnerabilityGoogle Android binder.c memory corruptionstringvirtualpublic
entry_summaryQuick summary of the vulnerability (2-5 sentences)A vulnerability has been found in Google Android and classified as very critical. Affected by this issue is some functionality of the file binder.c. Applying a patch is able to eliminate this problem.stringvirtualpublic
entry_details_affectedTextual representation of affected productsA vulnerability classified as critical was found in Google Android (Smartphone Operating System) (affected version unknown).stringvirtualpublic
entry_details_vulnerabilityTextual representation of vulnerability detailsThe manipulation with an unknown input leads to a memory corruption vulnerability (Use-After-Free). The CWE definition for the vulnerability is CWE-416.stringvirtualpublic
entry_details_impactTextual representation of attack impactAs an impact it is known to affect confidentiality, integrity, and availability.stringvirtualpublic
entry_details_countermeasureTextual representation of countermeasure suggestionsApplying a patch is able to eliminate this problem.stringvirtualpublic
entry_details_sourcesTextual representation of source dataEntries connected to this vulnerability are available at 145533, 145532, 145530 and 145529.stringvirtualpublic
entry_timestamp_queueUnix timestamp of adding item to queue1044230400unix timestampmetainternal
entry_timestamp_createUnix timestamp of creating the entry1044230400unix timestampmetapublic
entry_timestamp_changeUnix timestamp of last change if the entry1454427609unix timestampmetapublic
entry_maintainer_queueName of person that added item to queueusr0133stringmetainternal
entry_maintainer_createName of person that created the entry initiallyusr0120stringmetainternal
entry_maintainer_changeName of person that updated the entry for the last timeusr201stringmetainternal
entry_replacesList of other entries which are declared duplicates and are replaced by this entry18273, 18277string arraymonoblockpublic
entry_replacedbyID of duplicate entry that got replaced by this entry18278numbermonoblockpublic
entry_changelogChange log with name of updated fields of the latest entry updatesource_securityfocus_date source_securityfocus_class advisory_reportconfidencestring arrayvirtualpublic
entry_locked_statusStatus if an entry is locked (e.g. due to changes not moderated yet)1numbermetapublic
entry_locked_reasonReason for an entry to be lockedupdate in progressstringmetapublic
entry_warningWarning message if entry could not be fully shownDetails not available, archive access not unlockedstringvirtualpublic
entry_smssIssue of smSS which discusses the item2019-01-19timestampmonoblockinternal
entry_smss_rankRanking number for smSS issue discussion1numbermonoblockinternal
software_typeType of affected softwareOperating Systemstringmonoblockpublic
software_vendorName of vendor of affected productMicrosoftstring/arraymonoblockpublic
software_nameName of affected product(s)Windowsstring/arraymonoblockpublic
software_versionVersion number(s) of affected productVista/7/8/8.1string/arraymonoblockpublic
software_rollingreleaseIf a product does not use version numbering but rolling release instead (1=yes, 0=no)1boolean (0, 1)monoblockpublic
software_platformName of affected platform(s)64-bitstring/arraymonoblockpublic
software_componentName of affected component(s)SSL Handlerstring/arraymonoblockpublic
software_fileName of affected file(s)ssl.exestringmonoblockpublic
software_libraryName of affected library(s)ssl.dllstringmonoblockpublic
software_functionName of affected function(s)decrypt()string/arraymonoblockpublic
software_argumentName of affected argument(s)$rawdatastring/arraymonoblockpublic
software_input_typeType of affected inputRegexstringmonoblockpublic
software_input_valueExample of input value to attack">foostring/arraymonoblockpublic
software_website_vendorURL of the web site of the vendor of affected producthttps://www.microsoft.com/stringvirtualpublic
software_website_productURL of the web site of the affected product itselfhttps://www.microsoft.com/en-us/windowsstringvirtualpublic
software_license_typeType of the license of the affected productopen-sourcestring (open-source, free, commercial)virtualpublic
software_license_nameName of the license of the affected productGNU GPLv3stringvirtualpublic
software_support_availabilityDeclaration if the software and/or version still gets vendor supportend of lifestringvirtualpublic
software_managedserviceIf a product is maintained and controlled as a managed service by a vendor (1=yes, 0=no)1boolean (0, 1)monoblockpublic
software_affectedlistList of affected products if very long and/or unordered (only if multiple and contradicting products are affected)Google Android, Linux Kernel, FreeBSDstring arraymonoblockpublic
software_notaffectedlistList of not affected products if very long and/or unordered (only if multiple and contradicting products are affected)Microsoft Windows ME/XPstring arraymonoblockpublic
software_cpeCPE 2.2-compatible list of affected products/versions, based on our own extended dictionarycpe:/o:microsoft:windows_7:-:sp1, cpe:/o:microsoft:windows_8.1, cpe:/o:microsoft:windows_10string arrayvirtualpublic
software_cpe23CPE 2.3-compatible list of affected products/versions, based on our own extended dictionarycpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*, cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*, cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*string arrayvirtualpublic
software_advisoryquoteQuote about the affected software from the original advisoryThe issue not well understood.stringmonoblockpublic
software_freetextenAdditional text describing the software (English)Additional verification has shown that the issue is affecting default installs only.stringmonoblockinternal
software_freetextdeAdditional text describing the software (German)Nachforschungen haben ergeben, dass die Schwachstelle nur bei Standardinstallationen auftritt.stringmonoblockinternal
vulnerability_namepopular name of the vulnerabilityShellshockstring/arraymonoblockpublic
vulnerability_titlewordAdditional word for the vulnerability titleCryptohammerstringmonoblockpublic
vulnerability_keywordsAdditional keywords for searchW32.Cyptohammer.Worm, BlackSSLstringmonoblockinternal
vulnerability_introductiondateUnix timestamp of introducing the vulnerability1071705600unix timestampmonoblockpublic
vulnerability_discoverydateUnix timestamp of discovering the vulnerability for the first time1071705600unix timestampmonoblockpublic
vulnerability_vendorinformdateUnix timestamp of informing the vendor about the vulnerability for the first time1097539200unix timestampmonoblockpublic
vulnerability_timelineTimeline of known events01/04/2016 | CVE assigned; 02/10/2016 | Advisory disclosed; 02/10/2016 | Exploit disclosed; 02/10/2016 | Countermeasure disclosed; 02/10/2016 | SecurityTracker entry created; 02/11/2016 | VulDB entry created; 02/15/2016 | VulDB entry updatedarray (unix timestamp, string, url)virtualpublic
vulnerability_className of the vulnerability classBuffer Overflowstringmonoblockpublic
vulnerability_cweCWE id of the vulnerability classCWE-121stringmonoblockpublic
vulnerability_attckFull identifier of MITRE ATT&CK techniqueT1059.007stringvirtualpublic
vulnerability_impactImpact of a succesful exploitationExecuting arbitrary codestringmonoblockpublic
vulnerability_riskscip Risk rating (1=problematic, 2=critical, 3=very critical)3number (1-3)monoblockpublic
vulnerability_simplicitySimplicity of exploitation (0-100)60number (0-100)monoblockpublic
vulnerability_popularityPopularity of the vulnerability (0-100)80number (0-100)monoblockpublic
vulnerability_historicHistorical impact of the issue (1=yes, 0=no)1boolean (0, 1)monoblockpublic
vulnerability_cvss2_vuldb_basescoreCVSSv2 Base Score by VulDB6.6number (0.0-10.0)monoblockpublic
vulnerability_cvss2_vuldb_tempscoreCVSSv2 Temp Score by VulDB6.2number (0.0-10.0)monoblockpublic
vulnerability_cvss2_vuldb_avCVSSv2 Base Score Access Vector by VulDBNstringmonoblockpublic
vulnerability_cvss2_vuldb_acCVSSv2 Base Score Access Complexity by VulDBMstringmonoblockpublic
vulnerability_cvss2_vuldb_auCVSSv2 Base Score Authentication by VulDBSstringmonoblockpublic
vulnerability_cvss2_vuldb_ciCVSSv2 Base Score Confidientality Impact by VulDBCstringmonoblockpublic
vulnerability_cvss2_vuldb_iiCVSSv2 Base Score Integrity Impact by VulDBCstringmonoblockpublic
vulnerability_cvss2_vuldb_aiCVSSv2 Base Score Availability Impact by VulDBCstringmonoblockpublic
vulnerability_cvss2_vuldb_rcCVSSv2 Base Score Report Confidence by VulDBCstringmonoblockpublic
vulnerability_cvss2_vuldb_rlCVSSv2 Base Score Remediation Level by VulDBOFstringmonoblockpublic
vulnerability_cvss2_vuldb_eCVSSv2 Base Score Exploitability by VulDBPOCstringmonoblockpublic
vulnerability_cvss2_vendor_basescoreCVSSv2 Base Score by Vendor6.6number (0.0-10.0)monoblockpublic
vulnerability_cvss2_vendor_tempscoreCVSSv2 Temp Score by Vendor6.2number (0.0-10.0)monoblockpublic
vulnerability_cvss2_vendor_avCVSSv2 Base Score Access Vector by VendorNstringmonoblockpublic
vulnerability_cvss2_vendor_acCVSSv2 Base Score Access Complexity by VendorMstringmonoblockpublic
vulnerability_cvss2_vendor_auCVSSv2 Base Score Authentication by VendorSstringmonoblockpublic
vulnerability_cvss2_vendor_ciCVSSv2 Base Score Confidientality Impact by VendorCstringmonoblockpublic
vulnerability_cvss2_vendor_iiCVSSv2 Base Score Integrity Impact by VendorCstringmonoblockpublic
vulnerability_cvss2_vendor_aiCVSSv2 Base Score Availability Impact by VendorCstringmonoblockpublic
vulnerability_cvss2_vendor_rcCVSSv2 Base Score Report Confidence by VendorCstringmonoblockpublic
vulnerability_cvss2_vendor_rlCVSSv2 Base Score Remediation Level by VendorOFstringmonoblockpublic
vulnerability_cvss2_vendor_eCVSSv2 Base Score Exploitability by VendorPOCstringmonoblockpublic
vulnerability_cvss2_researcher_basescoreCVSSv2 Base Score by Researcher6.6number (0.0-10.0)monoblockpublic
vulnerability_cvss2_researcher_tempscoreCVSSv2 Temp Score by Researcher6.2number (0.0-10.0)monoblockpublic
vulnerability_cvss2_researcher_avCVSSv2 Base Score Access Vector by ResearcherNstringmonoblockpublic
vulnerability_cvss2_researcher_acCVSSv2 Base Score Access Complexity by ResearcherMstringmonoblockpublic
vulnerability_cvss2_researcher_auCVSSv2 Base Score Authentication by ResearcherSstringmonoblockpublic
vulnerability_cvss2_researcher_ciCVSSv2 Base Score Confidientality Impact by ResearcherCstringmonoblockpublic
vulnerability_cvss2_researcher_iiCVSSv2 Base Score Integrity Impact by ResearcherCstringmonoblockpublic
vulnerability_cvss2_researcher_aiCVSSv2 Base Score Availability Impact by ResearcherCstringmonoblockpublic
vulnerability_cvss2_researcher_rcCVSSv2 Base Score Report Confidence by ResearcherCstringmonoblockpublic
vulnerability_cvss2_researcher_rlCVSSv2 Base Score Remediation Level by ResearcherOFstringmonoblockpublic
vulnerability_cvss2_researcher_eCVSSv2 Base Score Exploitability by ResearcherPOCstringmonoblockpublic
vulnerability_cvss2_nvd_basescoreCVSSv2 Base Score by NIST NVD6.6number (0.0-10.0)monoblockpublic
vulnerability_cvss2_nvd_tempscoreCVSSv2 Temp Score by NIST NVD6.2number (0.0-10.0)monoblockpublic
vulnerability_cvss2_nvd_avCVSSv2 Base Score Access Vector by NIST NVDNstringmonoblockpublic
vulnerability_cvss2_nvd_acCVSSv2 Base Score Access Complexity by NIST NVDMstringmonoblockpublic
vulnerability_cvss2_nvd_auCVSSv2 Base Score Authentication by NIST NVDSstringmonoblockpublic
vulnerability_cvss2_nvd_ciCVSSv2 Base Score Confidientality Impact by NIST NVDCstringmonoblockpublic
vulnerability_cvss2_nvd_iiCVSSv2 Base Score Integrity Impact by NIST NVDCstringmonoblockpublic
vulnerability_cvss2_nvd_aiCVSSv2 Base Score Availability Impact by NIST NVDCstringmonoblockpublic
vulnerability_cvss2_nvd_rcCVSSv2 Base Score Report Confidence by NIST NVDCstringmonoblockpublic
vulnerability_cvss2_nvd_rlCVSSv2 Base Score Remediation Level by NIST NVDOFstringmonoblockpublic
vulnerability_cvss2_nvd_eCVSSv2 Base Score Exploitability by NIST NVDPOCstringmonoblockpublic
vulnerability_cvss3_meta_basescoreCVSSv3 Base Meta Score calculation of all available risk sources7.8number (0.0-10.0)monoblockpublic
vulnerability_cvss3_meta_tempscoreCVSSv3 Temp Meta Score calculation of all available risk sources7.8number (0.0-10.0)monoblockpublic
vulnerability_cvss3_vuldb_basescoreCVSSv3 Base Score calculation by VulDB7.8number (0.0-10.0)monoblockpublic
vulnerability_cvss3_vuldb_tempscoreCVSSv3 Temp Score calculation by VulDB7.8number (0.0-10.0)monoblockpublic
vulnerability_cvss3_vuldb_basevectorCVSSv3 Base Vector generation by VulDBAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:Lstringvirtualpublic
vulnerability_cvss3_vuldb_tempvectorCVSSv3 Temp Vector generation by VulDBE:X/RL:O/RC:Cstringvirtualpublic
vulnerability_cvss3_vuldb_avCVSSv3 Base Score Access Vector by VulDBNstringmonoblockpublic
vulnerability_cvss3_vuldb_acCVSSv3 Base Score Attack Complexity by VulDBLstringmonoblockpublic
vulnerability_cvss3_vuldb_prCVSSv3 Base Score Privileges Required by VulDBLstringmonoblockpublic
vulnerability_cvss3_vuldb_uiCVSSv3 Base Score User Interactivity Required by VulDBNstringmonoblockpublic
vulnerability_cvss3_vuldb_sCVSSv3 Base Score Scope Change by VulDBCstringmonoblockpublic
vulnerability_cvss3_vuldb_cCVSSv3 Base Score Confidientality Impact by VulDBHstringmonoblockpublic
vulnerability_cvss3_vuldb_iCVSSv3 Base Score Integrity Impact by VulDBHstringmonoblockpublic
vulnerability_cvss3_vuldb_aCVSSv3 Base Score Availability Impact by VulDBHstringmonoblockpublic
vulnerability_cvss3_vuldb_rcCVSSv3 Base Score Report Confidence by VulDBCstringmonoblockpublic
vulnerability_cvss3_vuldb_rlCVSSv3 Base Score Remediation Level by VulDBOstringmonoblockpublic
vulnerability_cvss3_vuldb_eCVSSv3 Base Score Exploitability (Exploit Code Maturity) by VulDBPstringmonoblockpublic
vulnerability_cvss3_vendor_basescoreCVSSv3 Base Score calculation by Vendor7.8number (0.0-10.0)monoblockpublic
vulnerability_cvss3_vendor_tempscoreCVSSv3 Temp Score calculation by Vendor7.6number (0.0-10.0)monoblockpublic
vulnerability_cvss3_vendor_avCVSSv3 Base Score Access Vector by VendorNstringmonoblockpublic
vulnerability_cvss3_vendor_acCVSSv3 Base Score Attack Complexity by VendorLstringmonoblockpublic
vulnerability_cvss3_vendor_prCVSSv3 Base Score Privileges Required by VendorLstringmonoblockpublic
vulnerability_cvss3_vendor_uiCVSSv3 Base Score User Interactivity Required by VendorNstringmonoblockpublic
vulnerability_cvss3_vendor_sCVSSv3 Base Score Scope Change by VendorCstringmonoblockpublic
vulnerability_cvss3_vendor_cCVSSv3 Base Score Confidientality Impact by VendorHstringmonoblockpublic
vulnerability_cvss3_vendor_iCVSSv3 Base Score Integrity Impact by VendorHstringmonoblockpublic
vulnerability_cvss3_vendor_aCVSSv3 Base Score Availability Impact by VendorHstringmonoblockpublic
vulnerability_cvss3_vendor_rcCVSSv3 Base Score Report Confidence by VendorCstringmonoblockpublic
vulnerability_cvss3_vendor_rlCVSSv3 Base Score Remediation Level by VendorOstringmonoblockpublic
vulnerability_cvss3_vendor_eCVSSv3 Base Score Exploitability (Exploit Code Maturity) by VendorPstringmonoblockpublic
vulnerability_cvss3_researcher_basescoreCVSSv3 Base Score calculation by Rersearcher7.8number (0.0-10.0)monoblockpublic
vulnerability_cvss3_researcher_tempscoreCVSSv3 Temp Score calculation by Rersearcher7.6number (0.0-10.0)monoblockpublic
vulnerability_cvss3_researcher_avCVSSv3 Base Score Access Vector by ResearcherNstringmonoblockpublic
vulnerability_cvss3_researcher_acCVSSv3 Base Score Attack Complexity by ResearcherLstringmonoblockpublic
vulnerability_cvss3_researcher_prCVSSv3 Base Score Privileges Required by ResearcherLstringmonoblockpublic
vulnerability_cvss3_researcher_uiCVSSv3 Base Score User Interactivity Required by ResearcherNstringmonoblockpublic
vulnerability_cvss3_researcher_sCVSSv3 Base Score Scope Change by ResearcherCstringmonoblockpublic
vulnerability_cvss3_researcher_cCVSSv2 Base Score Confidientality Impact by ResearcherHstringmonoblockpublic
vulnerability_cvss3_researcher_iCVSSv2 Base Score Integrity Impact by ResearcherHstringmonoblockpublic
vulnerability_cvss3_researcher_aCVSSv2 Base Score Availability Impact by ResearcherHstringmonoblockpublic
vulnerability_cvss3_researcher_rcCVSSv3 Base Score Report Confidence by ResearcherCstringmonoblockpublic
vulnerability_cvss3_researcher_rlCVSSv3 Base Score Remediation Level by ResearcherOstringmonoblockpublic
vulnerability_cvss3_researcher_eCVSSv3 Base Score Exploitability (Exploit Code Maturity) by VendorPstringmonoblockpublic
vulnerability_cvss3_nvd_basescoreCVSSv3 Base Score calculation by NIST NVD7.8number (0.0-10.0)monoblockpublic
vulnerability_cvss3_nvd_tempscoreCVSSv3 Temp Score calculation by NIST NVD7.6number (0.0-10.0)monoblockpublic
vulnerability_cvss3_nvd_avCVSSv3 Base Score Access Vector by NIST NVDNstringmonoblockpublic
vulnerability_cvss3_nvd_acCVSSv3 Base Score Attack Complexity by NIST NVDLstringmonoblockpublic
vulnerability_cvss3_nvd_prCVSSv3 Base Score Privileges Required by NIST NVDLstringmonoblockpublic
vulnerability_cvss3_nvd_uiCVSSv3 Base Score User Interactivity Required by NIST NVDNstringmonoblockpublic
vulnerability_cvss3_nvd_sCVSSv3 Base Score Scope Change by NIST NVDCstringmonoblockpublic
vulnerability_cvss3_nvd_cCVSSv3 Base Score Confidientality Impact by NIST NVDHstringmonoblockpublic
vulnerability_cvss3_nvd_iCVSSv3 Base Score Integrity Impact by NIST NVDHstringmonoblockpublic
vulnerability_cvss3_nvd_aCVSSv3 Base Score Availability Impact by NIST NVDHstringmonoblockpublic
vulnerability_cvss3_nvd_rcCVSSv3 Base Score Report Confidence by NIST NVDCstringmonoblockpublic
vulnerability_cvss3_nvd_rlCVSSv3 Base Score Remediation Level by NIST NVDOstringmonoblockpublic
vulnerability_cvss3_nvd_eCVSSv3 Base Score Exploitability (Exploit Code Maturity) by VendorPstringmonoblockpublic
vulnerability_cvss3_cna_basescoreCVSSv3 Base Score calculation by responsible CVE Numbering Authority7.8number (0.0-10.0)monoblockpublic
vulnerability_cvss3_cna_tempscoreCVSSv3 Temp Score calculation by responsible CVE Numbering Authority7.6number (0.0-10.0)monoblockpublic
vulnerability_cvss3_cna_avCVSSv3 Base Score Access Vector by responsible CVE Numbering AuthorityNstringmonoblockpublic
vulnerability_cvss3_cna_acCVSSv3 Base Score Attack Complexity by responsible CVE Numbering AuthorityLstringmonoblockpublic
vulnerability_cvss3_cna_prCVSSv3 Base Score Privileges Required by responsible CVE Numbering AuthorityLstringmonoblockpublic
vulnerability_cvss3_cna_uiCVSSv3 Base Score User Interactivity Required by responsible CVE Numbering AuthorityNstringmonoblockpublic
vulnerability_cvss3_cna_sCVSSv3 Base Score Scope Change by responsible CVE Numbering AuthorityCstringmonoblockpublic
vulnerability_cvss3_cna_cCVSSv3 Base Score Confidientality Impact by responsible CVE Numbering AuthorityHstringmonoblockpublic
vulnerability_cvss3_cna_iCVSSv3 Base Score Integrity Impact by responsible CVE Numbering AuthorityHstringmonoblockpublic
vulnerability_cvss3_cna_aCVSSv3 Base Score Availability Impact by responsible CVE Numbering AuthorityHstringmonoblockpublic
vulnerability_cvss3_cna_rcCVSSv3 Base Score Report Confidence by responsible CVE Numbering AuthorityCstringmonoblockpublic
vulnerability_cvss3_cna_rlCVSSv3 Base Score Remediation Level by responsible CVE Numbering AuthorityOstringmonoblockpublic
vulnerability_cvss3_cna_eCVSSv3 Base Score Exploitability (Exploit Code Maturity) by VendorPstringmonoblockpublic
vulnerability_bugbounty_organizationName of the organization that disclosed a bug bounty for the vulnerabilityGooglestringmonoblockpublic
vulnerability_bugbounty_pricePayout price of the bug bounty for the vulnerabilityUSD 5000stringmonoblockpublic
vulnerability_bugbounty_payoutdateDate of the payout of the bug bounty for the vulnerability1454427609stringunix timestamppublic
vulnerability_sourcecodeSource code snippet of affected partsstring (multiline possible)monoblockpublic
vulnerability_advisoryquoteQuote about the vulnerability from the original advisoryThe issue got verified by the core developers right after the initial notification.stringmonoblockpublic
vulnerability_freetextenAdditional text describing the vulnerability (English)stringmonoblockpublic
vulnerability_freetextdeAdditional text describing the vulnerability (German)stringmonoblockpublic
advisory_dateunix timestamp of the disclosure date1097625600unix timestampmonoblockpublic
advisory_locationName of the location of the initial disclosureWebsitestringmonoblockpublic
advisory_typeType of the initial disclosureAdvisorystringmonoblockpublic
advisory_urlURL of the initial disclosurehttp://www.example.com/advisory.php?id=42string urlmonoblockpublic
advisory_unavailableThe reason why a source is not availableacquired by Oraclestringvirtualpublic
advisory_viaDisclosure via a vulnerability broker ZDIstringmonoblockpublic
advisory_identifierUnique identifier of the advisoryMS-ADV:2016-42string/arraymonoblockpublic
advisory_reportconfidenceCVSSv2 and CVSSv3 Base Score ConfidenceCstringmonoblockpublic
advisory_coordinationCoordinated disclosure (1=yes, 0=no)1boolean (0, 1)monoblockpublic
advisory_person_nameName of the person that found the issueJohn Doestring/arraymonoblockpublic
advisory_person_nicknameNickname of the person that found the issueDr. Sashimistring/arraymonoblockpublic
advisory_person_mailEmail of the person that found the issuesashimi@example.comstring mail addressmonoblockpublic
advisory_person_websiteWebsite of the person that found the issuehttps://sashimi.example.comstring urlmonoblockpublic
advisory_company_nameName of the company of the person that found the issueSashimi Ltd.string/arraymonoblockpublic
advisory_reaction_dateUnix timestamp of the reaction of the vendor towards of the finding1097625600unix timestampmonoblockpublic
advisory_confirm_urlURL of the vendor confirmation of the vulnerabilityhttp://www.microsoft.com/...string urlmonoblockpublic
advisory_confirm_dateDate of the vendor confirmation of the vulnerability1097625600unix timestampmonoblockpublic
advisory_confirm_unavailableThe reason why a source is not availabledefunct due to bankruptcystringvirtualpublic
advisory_disputedThe issue is disputed (1=yes, 0=no)1boolean (0, 1)monoblockpublic
advisory_falsepositiveThe issue is a false-positive (1=yes, 0=no)0boolean (0, 1)monoblockpublic
advisory_advisoryquoteQuote about the disclosure from the original advisorystringmonoblockpublic
advisory_freetextenAdditional text describing the disclosure (English)stringmonoblockpublic
advisory_freetextdeAdditional text describing the disclosure (German)stringmonoblockpublic
exploit_availabilityAvailability of the exploit (1=yes, 0=no)1boolean (0, 1)monoblockpublic
exploit_dateunix timestamp of the first release of a public exploit1097625600unix timestampmonoblockpublic
exploit_publicityPublicity of the exploit (e.g. public, private)privatestringmonoblockpublic
exploit_urlURL of the exploithttps://sashimi.example.com/exploit.php?id=23string urlmonoblockpublic
exploit_unavailableThe reason why a source is not availablediscontinuedstringvirtualpublic
exploit_developer_nameName of the person that created the exploitJohn Doestring/arraymonoblockpublic
exploit_developer_nicknameNickname of the person that created the exploitDr. Sashimistring/arraymonoblockpublic
exploit_developer_mailEmail of the person that created the exploitsashimi@example.comstring mail addressmonoblockpublic
exploit_developer_websiteWebsite of the person that created the exploithttps://sashimi.example.comstring urlmonoblockpublic
exploit_languageProgramming language of the exploitPythonstringmonoblockpublic
exploit_exploitabilityExploitability level of the exploitPOCstringmonoblockpublic
exploit_reliabilityReliability of the exploit (0-100)99number (0-100)monoblockpublic
exploit_wormifiedExploit got used within an automated worm (1=yes, 0=no)1boolean (0, 1)monoblockpublic
exploit_googlehackstring for Google dorkinurl:ssl.aspxstringmonoblockpublic
exploit_epss_scoreCurrent prediction score of EPSS (Exploit Prediction Scoring System)0.03444number (float)virtualpublic
exploit_epss_percentilePercentile of CVE within current EPSS (Exploit Prediction Scoring System)0.83482number (float)virtualpublic
exploit_price_0dayKnown or estimated 0-day price of the exploit$50k-$100kstringmonoblockpublic
exploit_price_todayKnown or estimated price of the exploit as of today (updated daily)$10k-$25kstringvirtualpublic
exploit_price_trendWill exploit prices rise or drop in the future+stringmonoblockpublic
exploit_price_timelineNot available yetstring arrayvirtualinternal
exploit_advisoryquoteQuote about the exploit from the original advisorystringmonoblockpublic
exploit_sourcecodeSource code snippet of the exploitstring (multiline possible)monoblockpublic
exploit_freetextenAdditional text describing the exploit (English)stringmonoblockpublic
exploit_freetextdeAdditional text describing the exploit (German)stringmonoblockpublic
countermeasure_remediationlevelGeneric remediation level descriptionofficial fixstringvirtualpublic
countermeasure_nameName of the suggested countermeasureUpgradestringmonoblockpublic
countermeasure_dateunix timestamp of the release of the first countermeasure1097625600unix timestampmonoblockpublic
countermeasure_reliabilityReliability of the countermeasure (0-100)99number (0-100)monoblockpublic
countermeasure_reactiondaysDays of reaction between vendor notification and disclosure/countermeasure13numbervirtualpublic
countermeasure_exposuredaysDays of public exposure between public dicsloure and countermeasure23numbervirtualpublic
countermeasure_0daydaysDays of 0day lifecycle before any kind of disclosure5numbervirtualpublic
countermeasure_exploitdelaydaysDays between disclosure and first exploit availability7numbervirtualpublic
countermeasure_upgrade_versionFirst known unaffected version(s)10/Server 2003string/arraymonoblockpublic
countermeasure_upgrade_urlURL of the upgraded versionhttps://windowsupdate.microsoft.comstring urlmonoblockpublic
countermeasure_upgrade_unavailableThe reason why a source is not availabledefunctstringvirtualpublic
countermeasure_patch_nameName of the patchMS16-099string/arraymonoblockpublic
countermeasure_patch_urlURL of the patchhttps://technet.microsoft.com/library/security/MS16-099stringmonoblockpublic
countermeasure_patch_unavailableThe reason why a source is not availabledefunctstringvirtualpublic
countermeasure_config_settingConfig setting to eliminate the vulnerabilityAllowSHA1=FALSEstringmonoblockpublic
countermeasure_firewalling_portFirewall port(s) to eliminate the vulnerabilitytcp/80 (http) & tcp/443 (https)stringmonoblockpublic
countermeasure_authentication_nameAdditional authentication(s) to eliminate the vulnerability.htaccessstring/arraymonoblockpublic
countermeasure_encryption_nameAdditional encryption(s) to eliminate the vulnerabilityIPsecstring/arraymonoblockpublic
countermeasure_workaround_nameName of the workaround(s) to eliminate the vulnerabilityChange the Templatestring/arraymonoblockpublic
countermeasure_workaround_urlURL of the workaround(s) to eliminate the vulnerabilityhttps://example.comstringmonoblockpublic
countermeasure_workaround_unavailableThe reason why a source is not availabledefunctstringvirtualpublic
countermeasure_alternative_nameAlternative products that provide similar features without this vulnerabilityMozilla Firefox, Google Chromestring/arraymonoblockpublic
countermeasure_sourcecodeSource code snippet of the countermeasurestring (multiline possible)monoblockpublic
countermeasure_advisoryquoteQuote about the countermeasure from the original advisorystringmonoblockpublic
countermeasure_freetextenAdditional text describing the countermeasure (English)stringmonoblockpublic
countermeasure_freetextdeAdditional text describing the countermeasure (German)stringmonoblockpublic
source_cveCVE IDCVE-2016-1234stringmonoblockpublic
source_cve_assignedunix timestamp of the CVE assignment1108857600unix timestampmonoblockpublic
source_cve_nvd_publishedunix timestamp of the CVE published on NVD1097539200unix timestampmonoblockpublic
source_cve_nvd_summaryCVE summary provided on NVDSome web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.stringmonoblockpublic
source_cve_cnaResponsible CVE Numbering Authority (CNA) responsible for maintaining the CVE entryMITREstringmonoblockpublic
source_cve_duplicateList of all duplicate CVEs that were also assignedCVE-2021-36545string/arraymonoblockpublic
source_cve_duplicateofList of all CVEs that this CVE might be a duplicate ofCVE-2023-0946string/arraymonoblockpublic
source_oval_idOVAL IDoval:org.mitre.oval:def:14735stringmonoblockpublic
source_iavm_idIAVM2011-A-0167stringmonoblockpublic
source_iavm_vmskeyIAVM VMSKEYV0030830stringmonoblockpublic
source_iavm_titleIAVM titleMicrosoft Cumulative Security Update of ActiveX Kill Bitsstringmonoblockpublic
source_osvdb_idOSVDB ID12914numbermonoblockpublic
source_osvdb_createunix timestamp of the OSVDB entry creation1104710400unix timestampmonoblockpublic
source_osvdb_titleOSVDB titleWindows Kernel Multiprocessor Page Fault Handler Race Conditionstringmonoblockpublic
source_osvdb_unavailableThe reason why a source is not availablediscontinuedstringvirtualpublic
source_secunia_idSecunia ID13822numbermonoblockpublic
source_secunia_dateunix timestamp of the Secunia entry creation1104710400unix timestampmonoblockpublic
source_secunia_titleSecunia titleWindows Kernel Page Fault Handler Privilege Escalationstringmonoblockpublic
source_secunia_riskSecunia risk levelLess Criticalstringmonoblockpublic
source_secunia_unavailableThe reason why a source is not availableacquired by Flexerastringvirtualpublic
source_securityfocus_idSecurityFocus ID12244numbermonoblockpublic
source_securityfocus_dateunix timestamp of the SecurityFocus entry creation1104710400unix timestampmonoblockpublic
source_securityfocus_classSecurityFocus vulnerability classInput Validation Errorstringmonoblockpublic
source_securityfocus_titleSecurityFocus titleWindows Remote Format String Vulnerabilitystringmonoblockpublic
source_sectracker_idSecurityTracker ID1012862numbermonoblockpublic
source_sectracker_dateunix timestamp of the SecurityTracker entry creation1105488000unix timestampmonoblockpublic
source_sectracker_titleSecurityTracker titleWindows Kernel Multiprocessor Page Fault Handler Race Condition Lets Local Users Gain Elevated Privilegesstringmonoblockpublic
source_sectracker_causeSecurityTracker causeAccess control errorstringmonoblockpublic
source_sectracker_unavailableThe reason why a source is not availablediscontinuedstringvirtualpublic
source_vulnerabilitycenter_idVulnerability Center ID51222numbermonoblockpublic
source_vulnerabilitycenter_titleVulnerability Center titleWindows Kernel Multiprocessor Page Fault Handler Race Condition Lets Local Users Gain Elevated Privilegesstringmonoblockpublic
source_vulnerabilitycenter_severityVulnerability Center severityMediumstringmonoblockpublic
source_vulnerabilitycenter_creationdateunix timestamp of the Vulnerability Center entry creation1105488000unix timestampmonoblockpublic
source_vulnerabilitycenter_lastupdateunix timestamp of the Vulnerability Center entry last update1105488000unix timestampmonoblockpublic
source_vulnerabilitycenter_reportingdateunix timestamp of the Vulnerability Center reporting date1105488000unix timestampmonoblockpublic
source_vupen_idVupen IDADV-2009-1233 stringmonoblockpublic
source_vupen_unavailableThe reason why a source is not availabledefunctstringvirtualpublic
source_xforce_idIBM X-Force ID11695numbermonoblockpublic
source_xforce_dateunix timestamp of the IBM X-Force entry creation1105488000unix timestampmonoblockpublic
source_xforce_titleIBM X-Force titleWindows LF (Line Feed) denial of servicestringmonoblockpublic
source_xforce_identifierIBM X-Force identifiermicrosoft-http-lf-dosstringmonoblockpublic
source_xforce_riskIBM X-Force risk (obsolete since 2015)Medium Riskstringmonoblockpublic
source_cert_vuCERT VU252068numbermonoblockpublic
source_securiteam_urlSecuriTeam.com URLhttp://www.securiteam.com/windowsntfocus/5MP0F1F95U.htmlstring urlmonoblockpublic
source_securiteam_unavailableThe reason why a source is not availablediscontinuedstringvirtualpublic
source_exploitdb_idExploit-DB ID37932numbermonoblockpublic
source_exploitdb_dateunix timestamp of the Exploit-DB entry creation1105488000unix timestampmonoblockpublic
source_heise_idHeise.de URL ID44502numbermonoblockpublic
source_tecchannel_idTecchannel URL ID (obsolete)2093stringmonoblockpublic
source_nessus_idNessus ID88647numbermonoblockpublic
source_nessus_nameNessus plugin titleMS16-015: Security Update for Microsoft Office to Address Remote Code Execution (3134226)stringmonoblockpublic
source_nessus_filenameNessus plugin filenamemicrosoft_windows_ssl.naslstringmonoblockpublic
source_nessus_riskNessus riskCriticalstringmonoblockpublic
source_nessus_familyNessus familyWindows : Microsoft Bulletinsstringmonoblockpublic
source_nessus_typeNessus plugin typeremotestringmonoblockpublic
source_nessus_portNessus plugin port445stringmonoblockpublic
source_nessus_dateNessus plugin date1105488000unix timestampmonoblockpublic
source_pvs_idPVS ID8276numbermonoblockpublic
source_pvs_titlePVS titleWindows Multiple Vulnerabilitiesstringmonoblockpublic
source_pvs_riskPVS riskHighstringmonoblockpublic
source_pvs_familyPVS familyWindowsstringmonoblockpublic
source_openvas_idOpenVAS ID881920numbermonoblockpublic
source_openvas_filenameOpenVAS filenamegb_CESA-2014_0383_samba4_centos6.naslstringmonoblockpublic
source_openvas_titleOpenVAS titleWindows Update for samba4 CESA-2014:0383stringmonoblockpublic
source_openvas_familyOpenVAS familyWindows Local Security Checksstringmonoblockpublic
source_qualys_idQualys ID38370numbermonoblockpublic
source_qualys_titleQualys titleWindows Privilege Escalation Vulnerabilitystringmonoblockpublic
source_saint_idSAINT IDexploit_info/iis5_webdavstringmonoblockpublic
source_saint_titleSAINT titlentdll.dll buffer overflow via IIS 5.0 WebDAVstringmonoblockpublic
source_saint_linkSAINT linkhttp://www.saintcorporation.com/cgi-bin/exploit_info/iis5_webdavstringmonoblockpublic
source_msf_idMetasploit IDms03_007_ntdll_webdav.rbstringmonoblockpublic
source_msf_filenameMetasploit filenamemetasploit-framework/modules/exploits/windows/iis/ms03_007_ntdll_webdav.rbstringmonoblockpublic
source_msf_titleMetasploit titleMS03-007 Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflowstringmonoblockpublic
source_d2sec_urlD2 Elliot URLhttp://www.d2sec.com/exploits/vbulletin_4.1.x_rce.htmlstring urlmonoblockpublic
source_d2sec_titleD2 Elliot titlevBulletin 4.1.x RCEstringmonoblockpublic
source_d2sec_descD2 Elliot descriptionRemote command execution vulnerability in vBulletin upgrade.phpstringmonoblockpublic
source_d2sec_familyD2 Elliot familyRemote Command Executionstringmonoblockpublic
source_atk_idATK ID99numbermonoblockpublic
source_snort_idSnort ID2090numbermonoblockpublic
source_snort_classSnort classattempted-adminstringmonoblockpublic
source_snort_messageSnort messageSERVER-IIS WEBDAV exploit attemptstringmonoblockpublic
source_snort_patternSnort pattern}SNORT-stringmonoblockpublic
source_suricata_idSuricata ID2002844numbermonoblockpublic
source_suricata_sigSuricata signatureET WEB_SERVER WebDAV search overflowstringmonoblockpublic
source_suricata_classSuricata classweb-applicationstringmonoblockpublic
source_sourcefire_ips_idSourcefire IPS ID8427numbermonoblockpublic
source_issproventia_idISS Proventia ID2118084numbermonoblockpublic
source_tippingpoint_idTippingpoint ID4725numbermonoblockpublic
source_tippingpoint_titleTippingpoint titleHTTP: AOL ICQ ActiveX Control Code Execution (ZDI-06-037)stringmonoblockpublic
source_tippingpoint_categoryTippingpoint categoryVulnerabilitiesstringmonoblockpublic
source_mcafee_ips_idMcAfee IPS IDDNS: ISC BIND Resolver Library Buffer Overflow Vulnerabilitystringmonoblockpublic
source_mcafee_ips_versionMcAfee IPS version8.1.38.3stringmonoblockpublic
source_paloalto_ips_idPalo-Alto IPS ID30354numbermonoblockpublic
source_fortigate_ips_idFortigate IPS ID12718numbermonoblockpublic
source_screenshotScreenshot of the vulnerability and/or attackexample_screenshot.jpgstring filenamevirtualpublic
source_videolinkLink to video describing or showing the attack (Youtube, Vimeo, etc.)https://youtu.be/GsCpyUJDyjQstring urlmonoblockpublic
source_sciplabsLink to recommended scip Labs entryhttps://www.scip.ch/en/?labs.20191010string urlvirtualpublic
source_miscMisc. Linkhttps://blog.exodusintel.com/2016/02/10/firewall-hacking/string urlmonoblockpublic
source_misc_unavailableThe reason why a source is not availabledefunctstringvirtualpublic
source_seealsoIDs of similar VulDB entries (if available)12354, 84635, 78413string arraymonoblockpublic
cti_activity_scoreCurrent activity score for the specific item4.38number (0.00-10.00)virtual fieldpublic (ro)
cti_activity_trendForecast if the current activity score of the item will increase (+), decrease (-) or remain as it is+stringvirtual fieldpublic (ro)
cti_activity_countriesList of countries which are associated with latest activities of the itemus, cn, rustring arrayvirtual fieldpublic (ro)
cti_activity_actorsList of APT actors which are associated with latest activities of the itemConti, Black Basta, Carbanakstring arrayvirtual fieldpublic (ro)
cna_responsibleName of the CNA with the original scopeMicrosoftstring arraymonoblockpublic (ro)
cna_contact_dateUnix timestamp of contacting the CNA1643366633unix timestampmonoblockpublic (ro)
cna_response_dateUnix timestamp of the response by the CNA1643366633unix timestampmonoblockpublic (ro)
cna_response_summaryDescription of the response by the CNAWe reject this issue because the feature works as intended.stringmonoblockpublic (ro)
cna_decision_dateUnix timestamp of our decision as CNA1643366633unix timestampmonoblockpublic (ro)
cna_decision_summaryDescription of our decision as CNAWe overrule the vendor CNA because there is a risk for customers.stringmonoblockpublic (ro)
cna_eolFlagging products as not supported when assigned as demanded by the CVE program for EoL products1boolean (0, 1)monoblockpublic (ro)
cna_nocveFlagging entries as not eligible for CVE assignments according to our submission rules and/or the CNA rules1boolean (0, 1)monoblockpublic (ro)
legacy_titleLegacy title (old entries)(obsolete)stringmonoblockinternal
legacy_affectedLegacy affected products (old entries)(obsolete)stringmonoblockinternal
legacy_descriptionLegacy description (old entries)(obsolete)stringmonoblockinternal
legacy_expertLegacy comment (old entries)(obsolete)stringmonoblockinternal

Cyber Threat Intelligence

Requires CTI access capabilities unlocked for the requesting user account.

IP Addresses, Hostnames, Actors

Data PointTitleExampleTypeRepoAvailability
ipv4IPv4 addresses associated with the actor192.168.0.1, 192.168.0.2string arrayvirtual fieldpublic (ro)
hostnameHostnames associated with the actorwww.example.com, test.example.comstring arrayvirtual fieldpublic (ro)
timestamp_reportedUnix timestamp of adding item to database1607986800unix timestampmetapublic (ro)
timestamp_confirmedUnix timestamp of last confirmation of item1607986800unix timestampmetapublic (ro)
risk_valueCurrent activity and risk level of the actor4.23number (0.00-10.00)virtual fieldpublic (ro)
risk_nameCurrent activity and risk level of the actor readable for humansMediumstringvirtual fieldpublic (ro)
attributionActor group attribution of the itemZegoststringvirtual fieldpublic (ro)
associationActor country association of the itemus, cn, rustring arrayvirtual fieldpublic (ro)
vulnerabilityKnown vulnerabilities associated with the item (VulDB identifiers)199177, 205666, 206240number arrayvirtual fieldpublic (ro)
ioa_fileIndicators of Attack based on file names associated with the itembackdoor.php, proxy.aspxstring arrayvirtual fieldpublic (ro)
ioa_libraryIndicators of Attack based on library names associated with the item/lib/auth.php, hidden.dllstring arrayvirtual fieldpublic (ro)
ioa_argumentIndicators of Attack based on argument names associated with the itemusername, password, adminstring arrayvirtual fieldpublic (ro)
ioa_input_valueIndicators of Attack based on input values associated with the item<script>, alert(1), /etc/passwdstring arrayvirtual fieldpublic (ro)
ioa_patternIndicators of Attack based on pattern values associated with the item|05 00 00|, abcdstring arrayvirtual fieldpublic (ro)
ioa_network_portIndicators of Attack based on network ports associated with the item37777, tcp/666string arrayvirtual fieldpublic (ro)
ttp_techniqueTactics, techniques, and procedures associated with the itemT1006, T1055, T1059.007string arrayvirtual fieldpublic (ro)
ttp_cweWeaknesses associated with the itemCWE-22, CWE-79, CWE-200string arrayvirtual fieldpublic (ro)
sourcesOnline sources associated with the item, actor, campaign or indicatorshttps://www.scip.ch/en/?labs.20210923string url arrayvirtual fieldpublic (ro)

Events

Data PointTitleExampleTypeRepoAvailability
timestampUnix timestamp of beginning of event1660581175unix timestampvirtual fieldpublic (ro)
titleTitle of the eventActor Group in US review vendor Ciscostringvirtual fieldpublic (ro)
summaryShort summary of the eventDuring an analysis our CTI team identified an interesting event on 06:32 PM. It was possible to identify multiple members of an unknown group to be part of the activities. The center of attention is the vendor Cisco. This event is classified as General Danger.stringvirtual fieldpublic (ro)
typeType of the eventgroupstringvirtual fieldpublic (ro)
countryCountry involved in the activitiesusstringvirtual fieldpublic (ro)
focusFocus of the activityvendorstringvirtual fieldpublic (ro)
objectTargeted objectCiscostringvirtual fieldpublic (ro)
vulnerabilityTargeted vulnerability1057numbervirtual fieldpublic (ro)
weightImportance of the event131number (0-n)virtual fieldpublic (ro)
riskRisk of the identified eventGeneral Dangerstringvirtual fieldpublic (ro)
detailsLink to the CTI platform which provides drilldown detailshttps://vuldb.com/?vendor.ciscostring urlvirtual fieldpublic (ro)

Interested in the pricing of exploits?

See the underground prices here!

AnteriorVisión De ConjuntoPróximo