Known Exploited Vulnerabilities

CISA provides the so called Known Exploited Vulnerabilities Catalog (KEV) which contains information about security issues, that have been exploited in the wild.

VulDB provides KEV data within vulnerability entries on the web site and via the Vulnerability API. Initially data was not stored in the VulDB Monoblock but made available as virtual fields. Since 17.11.2 these fields were upgraded from virtual fields to monoblock fields to be reflected in updates as well.

  • exploit_kev_vendorproject
  • exploit_kev_product
  • exploit_kev_vulnerabilityname
  • exploit_kev_shortdescription
  • exploit_kev_added
  • exploit_kev_due
  • exploit_kev_requiredaction
  • exploit_kev_knownransomware
  • exploit_kev_notes
If KEV information is not available, you may use other data points to determine if exploiting happened already. The reliability of these possibilities in descending order are:

  • vulnerability_cvss4_vuldb_e = A
  • exploit_publicity = public
  • vulnerability_cvss{2,3}_vuldb_e = H
  • source_msf_id > 0
  • source_exploitdb_id > 0

Might our Artificial Intelligence support you?

Check our Alexa App!

PrécédentAperçuSuivant