Lista zmian

Wersja 19.30.0 (2026-02-16)

Wersja 19.29.4 (2026-02-15)

Wersja 19.29.3 (2026-02-13)

Wersja 19.29.2 (2026-02-12)

  • Commit bcfa9
    Optymalizacja
    Upgrade of server hardware to improve performance.

  • Commit bcfa9
    Optymalizacja
    Upgrade of all software components to the latest version tree.

  • Commit 25d73
    Optymalizacja
    Improved handling of user sessions for better performance and increased security.

Wersja 19.29.1 (2026-02-11)

Wersja 19.29.0 (2026-02-10)

  • Commit 77f5d
    Funkcjonalność
    Prośba klienta
    Introduction of the support for CVSSv3 data by CISA as an ADP in different views (e.g. CVSSv3 overview, edit form).

  • Commit d5bc4
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 3.86 introduction of the ADP CISA CVSSv3 vector and score which is accessible via vulnerability_cvss3_adpcisa_*.

  • Commit e03e8
    Optymalizacja
    CTI overviews show additional statistical data about CTI monitoring.

Wersja 19.28.0 (2026-02-09)

Wersja 19.27.3 (2026-02-08)

Wersja 19.27.2 (2026-02-06)

  • Commit b09d3
    Naprawa błędów
    Fixed an issue where existing users were not able to login if their username contained a string which is blacklisted for user registration. Thanks to the user pengroot for reporting this issue.

Wersja 19.27.1 (2026-02-04)

  • Commit 6a8bd
    Optymalizacja
    Improved the username validator to prevent disallowed usernames during registration.

Wersja 19.27.0 (2026-02-02)

Wersja 19.26.3 (2026-01-30)

  • Commit bddb1
    Optymalizacja
    Fixed a rare issue where vendor and product links were not aligned regarding case sensitivity.

Wersja 19.26.2 (2026-01-28)

  • Commit e80fb
    Optymalizacja
    The recurring generation of the stats page is more efficient and informs concurrent users about the generation process.

Wersja 19.26.1 (2026-01-27)

  • Commit 15d2c
    Optymalizacja
    Improved product web site association for vulnerability entries.

Wersja 19.26.0 (2026-01-26)

Wersja 19.25.3 (2026-01-25)

  • Commit 5d608
    Optymalizacja
    Improvement of country activity analysis accuracy shown in CTI charts.

Wersja 19.25.2 (2026-01-24)

  • Commit 90808
    Optymalizacja
    Performance optimizazion of views containing CTI maps.

Wersja 19.25.1 (2026-01-23)

  • Commit 11bc9
    Optymalizacja
    Performance optimization for all text generation elements. Especially views with multiple descriptions profit from this.

Wersja 19.25.0 (2026-01-19)

Wersja 19.24.1 (2026-01-13)

  • Commit 64d9c
    Optymalizacja
    The lookup of CWE identifiers shows the full name of items in diff views and commit items of vulnerability entries.

Wersja 19.24.0 (2026-01-12)

Wersja 19.23.0 (2026-01-05)

Wersja 19.22.2 (2026-01-04)

Wersja 19.22.1 (2026-01-03)

  • Commit b5b92
    Naprawa błędów
    Under certain circumstances the CVSSv4 bscores and btscores were not calculated correctly for 3rd party sources.

Wersja 19.22.0 (2025-12-29)

Wersja 19.21.0 (2025-12-22)

Wersja 19.20.4 (2025-12-20)

Wersja 19.20.3 (2025-12-19)

  • Commit 14e46
    Naprawa błędów
    The Previous and Next buttons of Vulnerability Relate Views link to the corresponding main entry instead to an identified match.

Wersja 19.20.2 (2025-12-18)

Wersja 19.20.1 (2025-12-17)

  • Commit b998e
    Optymalizacja
    The CTI view for vulnerability entries lists associated sources to make further analysis easier.

Wersja 19.20.0 (2025-12-15)

Wersja 19.19.2 (2025-12-10)

  • Commit e3c8e
    Optymalizacja
    Links to CPE entries of NIST NVD do not accept wilcards for version fields anymore. A workaround makes it possible to guarantee a reliable lookup again.

Wersja 19.19.1 (2025-12-09)

  • Commit 7da1f
    Optymalizacja
    Within KEV views the due field links to the KEV entry for easier analysis capabilities.

Wersja 19.19.0 (2025-12-08)

Wersja 19.18.3 (2025-12-05)

  • Commit ba595
    Optymalizacja
    Editing a vulnerability entry will allow to set the field software_notaffectedlist as well.

Wersja 19.18.2 (2025-12-04)

Wersja 19.18.1 (2025-12-02)

  • Commit bbeef
    Optymalizacja
    DB structure improvement of Monoblock to improve performance of vulnerability data queries.

Wersja 19.18.0 (2025-12-01)

Wersja 19.17.3 (2025-11-30)

Wersja 19.17.2 (2025-11-28)

Wersja 19.17.1 (2025-11-25)

  • Commit 92921
    Optymalizacja
    Optimized resource handling of high-performance queries.

Wersja 19.17.0 (2025-11-24)

Wersja 19.16.2 (2025-11-23)

  • Commit a2e0c
    Naprawa błędów
    Fixed an issue where vulnerability titles contained fragments of foreign languages.

Wersja 19.16.1 (2025-11-18)

Wersja 19.16.0 (2025-11-17)

Wersja 19.15.2 (2025-11-13)

  • Commit 8a017
    Optymalizacja
    If a user enables section counts in titles, then empty search results will shown the indicator as well.

Wersja 19.15.1 (2025-11-12)

  • Commit d1c54
    Optymalizacja
    Updated the CPE links in vulnerability entries to provide better accessibility to the NIST database.

Wersja 19.15.0 (2025-11-10)

Wersja 19.14.1 (2025-11-05)

  • Commit 22442
    Naprawa błędów
    Zmiana API
    In API 3.85 fixed a race condition regarding API credit calculation which happened when an earlier API request had an extended execution time.

Wersja 19.14.0 (2025-11-03)

Wersja 19.13.2 (2025-10-31)

Wersja 19.13.1 (2025-10-30)

Wersja 19.13.0 (2025-10-27)

Wersja 19.12.1 (2025-10-25)

  • Commit 42841
    Optymalizacja
    Using intelligent processing order to optimize performance of simple search queries. This improves execution speed of most queries for approx. 30%.

Wersja 19.12.0 (2025-10-20)

Wersja 19.11.0 (2025-10-13)

Wersja 19.10.0 (2025-10-06)

Wersja 19.9.4 (2025-10-03)

  • Commit 2202d
    Optymalizacja
    Current status of submits during processing is available to resposible users only.

Wersja 19.9.3 (2025-10-02)

Wersja 19.9.2 (2025-10-01)

  • Commit e47d2
    Optymalizacja
    Zmiana API
    The API endpoint provides better detection and verbose details if there is a problem with the API key (e.g. wrong format, too short).

Wersja 19.9.1 (2025-09-30)

Wersja 19.9.0 (2025-09-29)

Wersja 19.8.2 (2025-09-25)

  • Commit 72bb1
    Optymalizacja
    Upgraded web server pool to improve performance.

Wersja 19.8.1 (2025-09-24)

  • Commit 78515
    Optymalizacja
    Improved identification of similar vulnerability entries.

Wersja 19.8.0 (2025-09-22)

Wersja 19.7.1 (2025-09-17)

  • Commit df6ec
    Optymalizacja
    Performance optimization of excessive request handling.

Wersja 19.7.0 (2025-09-15)

Wersja 19.6.0 (2025-09-08)

Wersja 19.5.3 (2025-09-07)

  • Commit 45a22
    Optymalizacja
    Improved the handling of version range declarations in different languages (e.g. "up to" and "prior").

Wersja 19.5.2 (2025-09-03)

  • Commit 3c3a1
    Optymalizacja
    Improved case-sensitivity handling of multi-language menu items.

Wersja 19.5.1 (2025-09-02)

  • Commit 211a8
    Optymalizacja
    If a vulnerability entry does not list products with the field software_affectedlist but the field source_certbund_products contains useful information, then the vulnerability entry will list those as affected products.

Wersja 19.5.0 (2025-08-31)

Wersja 19.4.3 (2025-08-29)

  • Commit 8b506
    Optymalizacja
    User profiles provide a tooltip for the accepted vulnerability entry of a submit to see the title of the entry.

Wersja 19.4.2 (2025-08-28)

  • Commit 42d76
    Optymalizacja
    Performance improvement of application request blocking of very aggressive clients.

Wersja 19.4.1 (2025-08-27)

  • Commit 525a3
    Optymalizacja
    Introduction of a new network request limiter to block very aggressive clients.

Wersja 19.4.0 (2025-08-26)

  • Commit 74b07
    Funkcjonalność
    Introduction of a new application request limiter to block very aggressive clients (e.g. scraping and flooding).

  • Commit 20f37
    Optymalizacja
    Performance improvement of bursting request handling by the web platform.

Wersja 19.3.0 (2025-08-25)

Wersja 19.2.0 (2025-08-20)

  • Commit 90b8f
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 3.84 the introduction of the request types vendorlookup and productlookup to provide a possibility for better product matching.

Wersja 19.1.0 (2025-08-19)

Wersja 19.0.0 (2025-08-18)

  • Commit 3d859
    Funkcjonalność
    Total overhaul of the language handling system to improve texts, descriptions, and details of the service. This will introduce the possibility to add new supported languages.

Wersja 18.35.3 (2025-08-17)

  • Commit 23052
    Optymalizacja
    Better HTML compression for authenticated users to provide faster, smaller, and more efficient content delivery.

  • Commit db90c
    Optymalizacja
    Improved duplicate detection and handling for vulnerability submits.

Wersja 18.35.2 (2025-08-10)

  • Commit 83d65
    Optymalizacja
    Vulnerability titles on narrow views are optimized to discard irrelevant data points.

  • Commit b4a46
    Optymalizacja
    Users are only listed as committers of vulnerability entries and CVE entries if their commits were approved. Unmoderated and rejected commits are not used.

Wersja 18.35.1 (2025-08-09)

  • Commit 6c88c
    Optymalizacja
    Data in the CTI view per vulnerability entry is streamlined and provides better loading times.

Wersja 18.35.0 (2025-08-08)

  • Commit c9346
    Funkcjonalność
    Prośba klienta
    Vulnerability entries and RSS vulnerability feeds enhance information regarding local and remote exploitability by physical possibilities.

  • Commit 5cd4b
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 2.46/3.83 introduction of the fields exploit_physical, exploit_local, and exploit_remote which indicate theoretical exploit capabilities.

  • Commit c32fc
    Optymalizacja
    Information about local and remote exploitability provide better accuracy.

Wersja 18.34.0 (2025-08-07)

Wersja 18.33.0 (2025-08-06)

Wersja 18.32.5 (2025-07-21)

Wersja 18.32.4 (2025-07-18)

Wersja 18.32.3 (2025-07-17)

  • Commit bb891
    Optymalizacja
    Cyber threat intelligence views show count indicators for interest and vulnerabilities.

  • Commit 04b9c
    Optymalizacja
    Prośba klienta
    Search queries and filters are able to better handle special variants of characters like accents and Umlaute. This guarantees a better search experience with less risk for false-negatives.

Wersja 18.32.2 (2025-07-16)

Wersja 18.32.1 (2025-07-15)

  • Commit 6da2f
    Optymalizacja
    Database structures, dependencies, and index handling was drastically optimized, which improves the performance of many complex queries.

Wersja 18.32.0 (2025-07-14)

  • Commit 14073
    Funkcjonalność
    Zmiana API
    In API 3.82 introduction of the fields source_certbund_wid, source_certbund_published, source_certbund_title, source_certbund_products, source_certbund_classification, source_certbund_basescore, source_certbund_tempscore, source_certbund_nopatch.

Wersja 18.31.7 (2025-07-13)

  • Commit 6eaa5
    Optymalizacja
    Vulnerability entries in other languages provide better translation for certain items.

Wersja 18.31.6 (2025-07-11)

  • Commit 7004b
    Optymalizacja
    View optimization of mail alert messages. CVSSv3 was renamed to CVSS and details at the bottom do not deploy an alignment anymore.

Wersja 18.31.5 (2025-07-10)

  • Commit 620fb
    Optymalizacja
    Prośba klienta
    Statistical data for views with old entries were blurried for free users. This limitation is now disabled to provide better possibilities to review the coverage and quality of our data.

Wersja 18.31.4 (2025-07-04)

  • Commit f5e98
    Optymalizacja
    In the submit view long descriptions are broken to provide better data accessibility.

Wersja 18.31.3 (2025-06-30)

  • Commit 7a489
    Optymalizacja
    In the submit moderation overview long descriptions are broken to provide better accessibility for moderators.

Wersja 18.31.2 (2025-06-28)

Wersja 18.31.1 (2025-06-26)

  • Commit c485a
    Naprawa błędów
    Fixed an issue where CVSSv4 scores by third parties with a value of 0.0 were not shown correctly.

Wersja 18.31.0 (2025-06-19)

  • Commit b25df
    Funkcjonalność
    Indicator in the site footer shows which data pool is used to serve the user.

Wersja 18.30.1 (2025-06-15)

Wersja 18.30.0 (2025-06-14)

  • Commit 22b80
    Funkcjonalność
    Prośba klienta
    Complete overhaul of the My Alert overview to provide more data and better accessibility. This includes total, maximum, and average CVSS scores per alert.

  • Commit 01b86
    Funkcjonalność
    Prośba klienta
    My Alert summaries can be shown per month to provide better accessibility to earlier alerts.

Wersja 18.29.1 (2025-06-10)

  • Commit da6c0
    Naprawa błędów
    Fixed an issue where in vulnerability overviews field data for CVSSv2 was wrongfully accessed via cache if the server was under heavy load.

  • Commit da6c0
    Naprawa błędów
    Fixed an issue where in vulnerability overviews field data for CVSSv2 was wrongfully shown even though commits for it were rejected.

Wersja 18.29.0 (2025-05-07)

Wersja 18.28.3 (2025-06-06)

Wersja 18.28.2 (2025-06-04)

  • Commit f2375
    Optymalizacja
    KEV views do not display the exploitability status anymore, because this is always Attacked anyway.

Wersja 18.28.1 (2025-06-02)

  • Commit be29e
    Optymalizacja
    Performance optimization to handle load and access peaks much better.

Wersja 18.28.0 (2025-06-01)

  • Commit eeb1a
    Funkcjonalność
    Zmiana API
    In API 1.20/2.45/3.81 introduction of the value A (Attacked) for the field exploit_exploitability.

  • Commit 6f71b
    Funkcjonalność
    Overview lists of vulnerabilities which display exploitability information do now support the value Attacked to indicate entries which are known for real-word exploiting.

Wersja 18.27.0 (2025-05-19)

  • Commit e0463
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 3.80 introduction of a new CTI API query type iplist_date which allows to fetch a list of IP addresses added on a specific date.

Wersja 18.26.1 (2025-05-14)

  • Commit 17f96
    Optymalizacja
    Layout of email notification for password changes optimized.

Wersja 18.26.0 (2025-05-13)

  • Commit faa4e
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 3.79 introduction of the field source_euvd_id to reflect identifiers of the European Union Vulnerability Database.

Wersja 18.25.3 (2025-05-08)

  • Commit 8f54a
    Optymalizacja
    Prośba klienta
    Permabans of weak comments was too aggressive and affected users which did not violate any expectations. This issue was reported by user portal.

Wersja 18.25.2 (2025-05-04)

Wersja 18.25.1 (2025-04-27)

  • Commit 613ef
    Optymalizacja
    Improvement of automated spam detection for comment posting of vulnerability entries. Malicious users are automatically temporarily or permanently banned from postig if they violate the terms.

Wersja 18.25.0 (2025-04-26)

  • Commit 004c0
    Funkcjonalność
    Zmiana API
    In API 3.78 introduction of the fields source_cnvd_id, source_cnvd_submit, source_cnvd_open, source_cnvd_severity, and source_cnvd_title.

Wersja 18.24.1 (2025-04-25)

  • Commit 9d0ff
    Optymalizacja
    Prośba klienta
    The creation of version ranges of affected vulnerabilities does provide a more accurate upper bound value. This improves accuracy of version lists and CPE lists alike.

Wersja 18.24.0 (2025-04-23)

  • Commit 93434
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 3.77 introduction of the virtual fields source_gcve_cve and source_gcve_vuldb to highlight our activity as GCVE Numbering Authority (GNA) for the Global CVE Allocation System (GCVE).

Wersja 18.23.1 (2025-04-22)

  • Commit 5e790
    Optymalizacja
    List of comments for vulnerability entries show the title of the entry as the tool tip of the VDB identifier.

  • Commit 5e790
    Optymalizacja
    List of comments for vulnerability entries show the associated CVE in a dedicated column to provide better accessibility.

Wersja 18.23.0 (2025-04-20)

Wersja 18.22.3 (2025-04-19)

Wersja 18.22.2 (2025-04-18)

  • Commit 5a426
    Optymalizacja
    Vulnerability entries contain the GCVE identifier of CVE (range 0) and VulDB (range 100) if available.

Wersja 18.22.1 (2025-04-17)

  • Commit 64514
    Optymalizacja
    Prośba klienta
    Improvement of the accuracy of the virtual field exploit_exploitability which will assess multiple other fields to determine the most reasonable value.

Wersja 18.22.0 (2025-04-16)

  • Commit e0f77
    Funkcjonalność
    VulDB has officially become a GCVE Numbering Authority (GNA) for the Global CVE Allocation System (GCVE). Our namespace is 100 and GCVE identifiers are derived from our VDB identifiers. GCVE identifiers are shown in the header and the source section of vulnerability entries.

Wersja 18.21.6 (2025-04-03)

  • Commit e3929
    Optymalizacja
    CVSS score handling of new commits in vulnerability entries is more robust.

Wersja 18.21.5 (2025-03-31)

Wersja 18.21.4 (2025-03-30)

  • Commit c690a
    Optymalizacja
    Improvement of performance by cleaning up unused code. Especially legacy code that was used for megablock handling.

Wersja 18.21.3 (2025-03-29)

Wersja 18.21.2 (2025-03-28)

  • Commit a2393
    Naprawa błędów
    Mail alerts were sent with the wrong language which has been reverted to being sent always in English.

Wersja 18.21.1 (2025-03-27)

Wersja 18.21.0 (2025-03-25)

Wersja 18.20.4 (2025-03-20)

  • Commit 35505
    Naprawa błędów
    Fixed an issue in certain CTI views were the amount of references and samples was not displayed correctly.

Wersja 18.20.3 (2025-03-19)

  • Commit 5e5ca
    Optymalizacja
    Improvement of translation of the web service to provide a better wording and reflect cultural context in details.

Wersja 18.20.2 (2025-03-12)

  • Commit 8b65d
    Optymalizacja
    Improved accessibility of submit moderation to increase performance and quality.

Wersja 18.20.1 (2025-03-11)

  • Commit 98de0
    Optymalizacja
    Performance improvements of chart views which do not include timeseries data.

Wersja 18.20.0 (2025-03-10)

Wersja 18.19.1 (2025-03-09)

  • Commit 72ac9
    Optymalizacja
    Optimization of the monoblock database engine to increase performance for certain special queries.

Wersja 18.19.0 (2025-03-05)

Wersja 18.18.1 (2025-03-02)

  • Commit adeb6
    Naprawa błędów
    Fixed an issue where certain CVSSv4 CNA vector values were not stored properly during update processes. This affected updates happening between 2025-02-24 and 2025-03-01. They will be corrected in a later update run.

Wersja 18.18.0 (2025-02-28)

Wersja 18.17.3 (2025-02-27)

  • Commit a3a19
    Naprawa błędów
    Zmiana API
    Fixed an issue where the renewal for an API key did not show a login prompt if an unauthenticated user accessing the feature.

Wersja 18.17.2 (2025-02-24)

  • Commit 7b151
    Naprawa błędów
    Fixed an issue where vulnerability entries without a CVSSv4 impact were not shown correctly in overview lists and detail views.

Wersja 18.17.1 (2025-02-20)

  • Commit 61977
    Naprawa błędów
    Fixed an issue where votes for threads of vulnerability comments were not possible on certain instances.

Wersja 18.17.0 (2025-02-18)

  • Commit f2efe
    Funkcjonalność
    Prośba klienta
    We provide a statistical overview of all CWE that are used in our vulnerability database entries.

Wersja 18.16.3 (2025-02-17)

  • Commit 9b5d0
    Optymalizacja
    Performance and stability optimization of vulnerability database queries.

Wersja 18.16.2 (2025-02-16)

  • Commit d4857
    Optymalizacja
    Vulnerability submissions with weak or wrong disclosure links get much less community points.

Wersja 18.16.1 (2025-02-02)

  • Commit 861aa
    Optymalizacja
    Cleaning obsolete code of features like threat intelligence, vulnerability edit handling, worldmap display, and blocklist maintenance.

Wersja 18.16.0 (2025-01-29)

Wersja 18.15.2 (2025-01-20)

  • Commit 10aff
    Naprawa błędów
    Fixed an issue where complex searches regarding affected versions were not returning all associated results correctly.

Wersja 18.15.1 (2025-01-19)

  • Commit 369b1
    Optymalizacja
    Improved handling of version data of Linux Kernel vulnerability entries.

Wersja 18.15.0 (2025-01-16)

Wersja 18.14.9 (2025-01-15)

  • Commit c4721
    Naprawa błędów
    Fixed a rare issue where certain extended search queries were not able to collect the necessary vulnerability information.

Wersja 18.14.8 (2025-01-13)

Wersja 18.14.7 (2025-01-05)

Wersja 18.14.6 (2024-12-29)

Wersja 18.14.5 (2024-12-26)

Wersja 18.14.4 (2024-12-23)

  • Commit 9a559
    Optymalizacja
    Editing a vulnerability entry will show a small tutorial to help new users enriching existing entries.

Wersja 18.14.3 (2024-12-22)

Wersja 18.14.2 (2024-12-21)

  • Commit dd0d7
    Optymalizacja
    The reference map for Tools also lists Qualys identifiers.

Wersja 18.14.1 (2024-12-20)

  • Commit fa758
    Optymalizacja
    Better value analysis of vulnerability commits to establish temporary or permanent bans of malicious activities.

Wersja 18.14.0 (2024-12-19)

  • Commit 54d4b
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 3.75 the CTI API support the new query type sector which shows recent activities targeting specific sectors.

Wersja 18.13.0 (2024-12-16)

Wersja 18.12.6 (2024-12-12)

  • Commit 13bd3
    Optymalizacja
    Zmiana API
    In API 3.73 requesting CTI queries listing associated countries are now sorted in descending order of activity detection.

Wersja 18.12.5 (2024-12-06)

  • Commit 1081d
    Optymalizacja
    Update of most active countries for CTI data is much faster and demands less memory.

Wersja 18.12.4 (2024-12-05)

  • Commit 6cc69
    Naprawa błędów
    Zmiana API
    Prośba klienta
    In API 3.72 fixed an issue where VulDB CVSSv4 scores with a value of 0.0 were not shown properly. This affected just a few vulnerability entries. Thanks to Ryan Egbert for reporting this issue.

  • Commit 6cc69
    Naprawa błędów
    Zmiana API
    Prośba klienta
    In API 3.72 fixed an issue where external CVSSv4 sources did not always contain vulnerability_cvss4_cna_bvector and vulnerability_cvss4_cna_btvector fields. Thanks to Ryan Egbert for reporting this issue.

Wersja 18.12.3 (2024-11-30)

  • Commit 7b1be
    Optymalizacja
    Faster and more accurate merge of CPE data provided by NVD with our own CPE data.

Wersja 18.12.2 (2024-11-28)

  • Commit 534e8
    Optymalizacja
    Zmiana API
    Optimization of personal views for access history, search history, and API history.

Wersja 18.12.1 (2024-11-25)

  • Commit 0bb99
    Optymalizacja
    Improved generation of CSRF tokens to increase complexity of successful CSRF attacks.

Wersja 18.12.0 (2024-11-21)

  • Commit 573a5
    Funkcjonalność
    Introduction of a new advanced search with additional artificial intelligence capabilities. Queries are much faster and provide better accuracy.

Wersja 18.11.0 (2024-11-19)

  • Commit 17636
    Funkcjonalność
    Introduction of a new simple search with additional artificial intelligence capabilities. Queries are much faster and provide better accuracy.

Wersja 18.10.1 (2024-11-13)

  • Commit 30cde
    Naprawa błędów
    Fixed an issue where under certain circumstances a listing of affected version numbers was not ordered properly.

Wersja 18.10.0 (2024-11-08)

Wersja 18.9.7 (2024-11-06)

  • Commit 2c281
    Optymalizacja
    Better duplicate action detection and processing warning during vulnerability moderation.

Wersja 18.9.6 (2024-11-05)

  • Commit f5ab6
    Optymalizacja
    Vulnerability entries with merged CPE data originating from NVD respect the different splitting methodologies to prevent data overloading between affected products.

Wersja 18.9.5 (2024-11-04)

  • Commit e6800
    Optymalizacja
    Vulnerability relate views show associated CVE identifiers for better analysis capabilities.

  • Commit f1d3f
    Optymalizacja
    Performance optimization of see also data of vulnerability entries.

Wersja 18.9.4 (2024-11-03)

Wersja 18.9.3 (2024-11-02)

Wersja 18.9.2 (2024-11-01)

  • Commit ed9c3
    Optymalizacja
    Improved speed of collecting and displaying CTI data in vulnerability entries (requires a CTI license).

Wersja 18.9.1 (2024-10-29)

Wersja 18.9.0 (2024-10-28)

  • Commit ce30b
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 3.70 introduces the Vulnerability API CTI fields cti_activity_ipaddr, cti_ioa_file, cti_ioa_library, cti_ioa_argument, cti_ioa_inputvalue, cti_ioa_pattern, cti_ioa_networkport, cti_ttp_attck, cti_ttp_cwe, and cti_ttp_capec.

Wersja 18.8.3 (2024-10-26)

  • Commit c0ee8
    Optymalizacja
    Vulnerability diff views now display up to 5 changes of an entry to provide better analysis possibilities.

Wersja 18.8.2 (2024-10-25)

  • Commit 5de35
    Optymalizacja
    Vulnerability diff views always show up to the last 4 changes of an entry, no matter if it was the initial creation or succeeding updates.

Wersja 18.8.1 (2024-10-24)

Wersja 18.8.0 (2024-10-23)

Wersja 18.7.1 (2024-10-22)

  • Commit 60c2a
    Naprawa błędów
    Prośba klienta
    Fixed a bug where some emails were sent with wrong end-of-line characters.

Wersja 18.7.0 (2024-10-18)

  • Commit 4be6a
    Funkcjonalność
    Prośba klienta
    The Cyber Threat Intelligence platform does not provide details about IP addresses. A CTI license is required to get full access.

Wersja 18.6.8 (2024-10-17)

  • Commit 05b00
    Optymalizacja
    The statistical view shows additional details about cyber threat intelligence (actor monitoring and exploit identification).

Wersja 18.6.7 (2024-10-14)

  • Commit 18e76
    Optymalizacja
    Improvement of vulnerability titles containing complex file name structures.

Wersja 18.6.6 (2024-10-13)

  • Commit 950f4
    Naprawa błędów
    Fixed an issue where certain products were flagged as end of life even though that was not true.

Wersja 18.6.5 (2024-10-12)

  • Commit 08e5a
    Naprawa błędów
    Fixed an issue where CVSSv4 vectors of sources without CVSS-BT data were transponding these fields from the VulDB vector data which could lead to sometimes confusing assignments.

Wersja 18.6.4 (2024-10-11)

Wersja 18.6.3 (2024-10-09)

  • Commit 5ffed
    Optymalizacja
    Within vulnerability diff views all data fields based on unix timestamps show human-readable dates as well.

Wersja 18.6.2 (2024-09-27)

  • Commit a7c8a
    Optymalizacja
    Prioritizing Nessus Plugin ID in vulnerability entry headers.

Wersja 18.6.1 (2024-09-23)

  • Commit 419a8
    Naprawa błędów
    Under certain circumstances the calculation of community points was not correct which lead to a decrease in collected points. Thanks to the user guru for reporting this issue.

Wersja 18.6.0 (2024-09-22)

  • Commit 45d0d
    Funkcjonalność
    Linked certain CTI views to the according knowledge base entries (e.g. actors, countries, events).

Wersja 18.5.0 (2024-09-21)

  • Commit c23e4
    Optymalizacja
    Added a symbol to all views that require moderation or administrative permissions.

  • Commit aac87
    Funkcjonalność
    Zmiana API
    Added CNA and API details to the CVE sync view which requires CNA or vulnerability moderation permissions.

Wersja 18.4.13 (2024-09-20)

  • Commit 5030c
    Optymalizacja
    Highlighted and tagged all main menu items that require moderation or administrative permissions.

  • Commit dbbf5
    Optymalizacja
    Improved the view and capabilities of the manual vulnerability import feature available to vulnerability moderators.

Wersja 18.4.12 (2024-09-19)

Wersja 18.4.11 (2024-09-17)

Wersja 18.4.10 (2024-09-16)

Wersja 18.4.9 (2024-09-15)

  • Commit 1efee
    Optymalizacja
    Re-caclulation of all points for vulnerability submits to penalize weak submission entries more (e.g. missing product details, very short descriptions).

Wersja 18.4.8 (2024-09-14)

  • Commit 052f0
    Optymalizacja
    Listing members of the vulnerability moderation team in the vulnerability moderation view.

  • Commit 89d2b
    Optymalizacja
    Improved action forms in the vulnerability moderation view.

Wersja 18.4.7 (2024-09-13)

  • Commit df251
    Optymalizacja
    Automated expiration of moderation rights for admin users.

Wersja 18.4.6 (2024-09-12)

  • Commit af51e
    Optymalizacja
    Listing members of the actor moderation team in the actor import view.

Wersja 18.4.5 (2024-09-09)

Wersja 18.4.4 (2024-09-04)

  • Commit 6c28e
    Optymalizacja
    History views of vulnerability entries show the username instead of the user in the chart legend.

  • Commit 6c28e
    Optymalizacja
    History views of vulnerability entries show shortened field names in the chart legend.

  • Commit 6c28e
    Optymalizacja
    History views of vulnerability entries list commits and approvals with 0 confidence as well in the charts.

Wersja 18.4.3 (2024-09-03)

  • Commit 400a0
    Naprawa błędów
    Fixed an issue where vulnerability entries sometimes mention a fix timeline even though there is no fix available.

Wersja 18.4.2 (2024-08-31)

Wersja 18.4.1 (2024-08-28)

  • Commit ca544
    Optymalizacja
    Optimized database connection handling to improve performance and decrease ressource occupancy on the servers.

Wersja 18.4.0 (2024-08-27)

Wersja 18.3.2 (2024-08-26)

  • Commit 59faf
    Optymalizacja
    Improved the handling of vulnerability titles if many names are listed as affected vendor.

Wersja 18.3.1 (2024-08-25)

  • Commit 1909d
    Optymalizacja
    The assignment of points for submits is more strict but takes details into consideration (e.g. technical details in descriptions).

Wersja 18.3.0 (2024-08-24)

Wersja 18.2.0 (2024-08-23)

  • Commit 6c1a6
    Funkcjonalność
    Public user profiles show details about their community engagement like recent submits and commits.

Wersja 18.1.7 (2024-08-22)

  • Commit 2e090
    Optymalizacja
    The view for personal search history is improved and contains additional details.

  • Commit 44262
    Naprawa błędów
    Fixed an issue were large vulnerability lists were sometimes not showing special characters properly due to an encoding problem.

Wersja 18.1.6 (2024-08-21)

  • Commit 49395
    Optymalizacja
    Vulnerability titles with unusual vulnerability classes explain those whenever possible and do not just show "unknown vulnerability" anymore.

  • Commit 8db81
    Optymalizacja
    The view for personal submits is improved and contains additional stats and more details.

  • Commit d167f
    Naprawa błędów
    Fixed a very rare issue where internal moderators were not able to debug search queries properly.

Wersja 18.1.5 (2024-08-20)

  • Commit 971a6
    Naprawa błędów
    Under certain circumstances the CPE string for products with dedicated patch levels was not shown correctly.

Wersja 18.1.4 (2024-08-17)

  • Commit 39bc4
    Optymalizacja
    Editing a vulnerability entry will warn if a deprecated CWE value is selected.

Wersja 18.1.3 (2024-08-11)

  • Commit 15e3f
    Optymalizacja
    Views with user avatars are loaded much faster thanks to multiple query optimization techniques.

  • Commit e1f4f
    Optymalizacja
    Color of duplicate submissions set to a darker orange tone to highlight that they are not very useful.

Wersja 18.1.2 (2024-08-10)

  • Commit 80e03
    Naprawa błędów
    Fixed an issue where the recent chart on the front page was not updated properly when the service was under heavy load.

Wersja 18.1.1 (2024-08-09)

Wersja 18.1.0 (2024-08-08)

  • Commit 91a5f
    Funkcjonalność
    Prośba klienta
    Community users are able to create their individual avatars in their profile settings.

  • Commit 91a5f
    Funkcjonalność
    Community user avatars are shown in lists, submits, commits, and posts.

Wersja 18.0.0 (2024-08-07)

Wersja 17.29.0 (2024-08-06)

  • Commit 4f9b9
    Funkcjonalność
    It is easier possible to change the password of existing accounts without using the password reset process.

  • Commit 091b3
    Funkcjonalność
    All password changes are reported to the associated mail address.

Wersja 17.28.10 (2024-08-02)

  • Commit 49614
    Optymalizacja
    Prośba klienta
    Optimized queries and performance for personal My-Views (Recent, Updates, and Alerts).

Wersja 17.28.9 (2024-08-01)

  • Commit a64d7
    Optymalizacja
    Short vulnerability titles do also show affected file names even if large quantities of GET parameters are necessary.

Wersja 17.28.8 (2024-07-28)

  • Commit 697de
    Optymalizacja
    Editing vulnerability entries loads forms and dependencies much faster.

Wersja 17.28.7 (2024-07-27)

  • Commit a07e4
    Optymalizacja
    The overview ob submits hides blurried items on small screens to provide better accessibility.

Wersja 17.28.6 (2024-07-24)

  • Commit 8bc47
    Optymalizacja
    CTI views of vulnerabilities are able to link the correct actor or campaign based on associated vulnerability names.

Wersja 17.28.5 (2024-07-23)

  • Commit a3456
    Optymalizacja
    Vulnerability history views do not have links to new data anymore if the data value is empty (e.g. an existing data point was deleted).

Wersja 17.28.4 (2024-07-20)

Wersja 17.28.3 (2024-07-18)

  • Commit 0aeaa
    Optymalizacja
    Indicators for CERT vulnerabilities are more prominent and link directly to the according advisory.

  • Commit e4a9d
    Optymalizacja
    Diff views for vulnerabilities now indicate the creation of an entry and the dedicated updatesets.

  • Commit 04f0f
    Naprawa błędów
    Zmiana API
    Fixed an issue where under certain circumstances paying customers with additional free API credits were shown negative values for available API credits in their user profile.

Wersja 17.28.2 (2024-07-17)

Wersja 17.28.1 (2024-07-16)

  • Commit 0b780
    Optymalizacja
    Vulnerability history views highlight rollbacks and reverts to distinguish them from regular rejects.

Wersja 17.28.0 (2024-07-04)

  • Commit 45cc8
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 2.42/3.68 introduced the fields source_cnnvd_id, source_cnnvd_name, source_cnnvd_hazardlevel, source_cnnvd_create, source_cnnvd_publish, and source_cnnvd_update.

Wersja 17.27.0 (2024-07-03)

Wersja 17.26.1 (2024-06-30)

  • Commit 6f955
    Optymalizacja
    Source monitoring parsing optimized for new CVSSv4 vectors provided by external parties (e.g. CVE, CISA).

Wersja 17.26.0 (2024-06-29)

  • Commit 5ccf0
    Funkcjonalność
    Vulnerability views for history and diff show the count of established commits.

Wersja 17.25.4 (2024-06-25)

  • Commit 45ee7
    Optymalizacja
    Vulnerability diff views are able to show 4 instead of just 3 generations of updated collections.

  • Commit 45ee7
    Optymalizacja
    Vulnerability history views provide optimized field names for better layouting and clarity.

Wersja 17.25.3 (2024-06-22)

  • Commit 92046
    Optymalizacja
    Performance optimization of the vulnerability database tables to make them smaller and faster to work with.

Wersja 17.25.2 (2024-06-19)

  • Commit b1b1a
    Optymalizacja
    Improved the structure of notification emails if a login of a new device was detected.

Wersja 17.25.1 (2024-06-18)

Wersja 17.25.0 (2024-06-16)

Wersja 17.24.0 (2024-06-14)

Wersja 17.23.0 (2024-06-11)

  • Commit 672d2
    Funkcjonalność
    The reliability level of IOCs degrades over time and is better shown with the confidence indicator.

Wersja 17.22.0 (2024-06-09)

  • Commit f4433
    Funkcjonalność
    Vulnerability lists and vulnerability entries mentioning zero-day.cz do properly link to the source entry.

Wersja 17.21.0 (2024-06-08)

  • Commit 2ecd8
    Funkcjonalność
    Vulnerability list overviews with EPSS scores show a tooltip with the associated EPSS percentile value.

  • Commit 2ecd8
    Funkcjonalność
    Vulnerability list overviews with revoked CVE identifiers show a tooltip with the reasoning.

Wersja 17.20.1 (2024-06-06)

Wersja 17.20.0 (2024-06-03)

Wersja 17.19.3 (2024-06-01)

  • Commit 99084
    Optymalizacja
    Performance optimization of database queries for vulnerability entries.

Wersja 17.19.2 (2024-05-28)

  • Commit a51a7
    Optymalizacja
    Optimized the language menu view to make it better readable.

Wersja 17.19.1 (2024-05-27)

  • Commit cdf1b
    Optymalizacja
    Commit histories of vulnerability entries flag not accepted commits and reverted commits differently.

Wersja 17.19.0 (2024-05-26)

Wersja 17.18.2 (2024-05-18)

  • Commit ff750
    Optymalizacja
    Behavior of vulnerability submits is shown in all user profiles of community member that have made at least one vulnerability submission.

Wersja 17.18.1 (2024-05-15)

  • Commit 8644a
    Optymalizacja
    Layout optimization of the relate table view for vulnerability entries.

Wersja 17.18.0 (2024-05-14)

  • Commit 5c336
    Funkcjonalność
    Introduction of the relate view for vulnerability entries which shows associated vulnerabilities based on affected elements.

Wersja 17.17.4 (2024-05-13)

  • Commit debd2
    Optymalizacja
    Vulnerability entries show other associated and similar entries much better.

Wersja 17.17.3 (2024-05-12)

  • Commit 6e778
    Optymalizacja
    Updating all references to align with the new structure of the upcoming CNA Rules 4.0.

Wersja 17.17.2 (2024-05-10)

  • Commit 66367
    Optymalizacja
    Completing version data for known products based on historical data is improved regarding quality and performance.

Wersja 17.17.1 (2024-05-08)

  • Commit 8d986
    Optymalizacja
    Performance improvement of historical version analysis provides a better user experience when accessing vulnerability enrtries.

Wersja 17.17.0 (2024-05-07)

  • Commit c8039
    Funkcjonalność
    Vulnerability entries contain the cache identifier to better associate activities to user groups.

Wersja 17.16.2 (2024-05-05)

  • Commit f65a0
    Optymalizacja
    Vulnerability submission entries link better to the associated vulnerability entry.

  • Commit f65a0
    Optymalizacja
    Vulnerability submissions link to the current process step as explained in the Knowledge Base.

Wersja 17.16.1 (2024-04-29)

  • Commit 6c2e6
    Optymalizacja
    Prośba klienta
    The CPE list is automcompleted based on historical data if a countermeasure version is known but affected versions are unknown.

Wersja 17.16.0 (2024-04-27)

  • Commit 79b0d
    Funkcjonalność
    Approved vulnerability submits are also published within a new RSS feed to make analysis of new vulnerability entries much easier.

Wersja 17.15.1 (2024-04-25)

  • Commit 05482
    Naprawa błędów
    Fixed an issue where under some rare circumstances some vulnerability entries did not show the CPE strings.

Wersja 17.15.0 (2024-04-24)

  • Commit 08a14
    Funkcjonalność
    Vulnerability entries list associated CAPEC identifierts.

Wersja 17.14.0 (2024-04-23)

Wersja 17.13.0 (2024-04-22)

  • Commit b56ac
    Funkcjonalność
    CTI views containing TTP (Tactics, Techniques, Procedures) information do also list associated CAPEC (Common Attack Pattern Enumeration and Classification) data.

Wersja 17.12.0 (2024-04-19)

Wersja 17.11.1 (2024-04-17)

  • Commit b9de6
    Optymalizacja
    Within vulnerability detail views the link for CPE strings is optimized to provide better search results on NVD.

Wersja 17.11.0 (2024-04-14)

  • Commit 37e20
    Funkcjonalność
    Some CTI list views show the EPSS percentile value to better assess exploiting risks for vulnerabilities.

  • Commit 079a3
    Optymalizacja
    All list views containing date or time values support tooltips which show how long ago an event happened.

Wersja 17.10.0 (2024-04-13)

  • Commit 13074
    Funkcjonalność
    All vulnerability list views associated with our work as a CVE Numbering Authority show the associated user submission to improve and simplify research capabilities.

  • Commit 12479
    Optymalizacja
    In some vulnerability list views the columns EPSS and CTI were swapped to show CTI values as last data point.

Wersja 17.9.1 (2024-04-12)

  • Commit 52022
    Naprawa błędów
    Prośba klienta
    Fixed a rare issue where lists of versions were not created properly.

Wersja 17.9.0 (2024-04-09)

Wersja 17.8.1 (2024-04-08)

Wersja 17.8.0 (2024-04-03)

  • Commit efec4
    Funkcjonalność
    Zmiana API
    In API 3.62 introduced additional detail fields for CISA Known Exploited Vulnerabilities Catalog data with the structure exploit_kev_*.

Wersja 17.7.1 (2024-04-02)

  • Commit e3042
    Optymalizacja
    Prośba klienta
    Availability of CPE for vulnerabilities is drastically improved as they are compiled based on historical data and different sources as well.

Wersja 17.7.0 (2024-04-01)

Wersja 17.6.4 (2024-03-31)

  • Commit 6c8e5
    Optymalizacja
    Performance improvement of updates of the internal EPSS data storage.

Wersja 17.6.3 (2024-03-30)

Wersja 17.6.2 (2024-03-29)

Wersja 17.6.1 (2024-03-28)

  • Commit 223de
    Optymalizacja
    Disabled delayed caching for certain views to provide better data in real-time.

Wersja 17.6.0 (2024-03-26)

  • Commit 1003a
    Funkcjonalność
    Prośba klienta
    It is possible to see all successfully processed vulnerability submissions. This raw data helps to get a better understanding of the structure of a security issue.

  • Commit b415c
    Funkcjonalność
    Vulnerability entries that are based on a submission by a VulDB community user list the associated submissions.

Wersja 17.5.1 (2024-03-25)

Wersja 17.5.0 (2024-03-23)

Wersja 17.4.0 (2024-03-21)

  • Commit 9dc56
    Funkcjonalność
    Zmiana API
    API 3.60 introduced additional detail fields for CVSS data: _basevector and _tempvector for all, _baseseverity and _tempseverity for CVSSv2 and CVSSv3, _bseverity and _btseverity for CVSSv4.

Wersja 17.3.1 (2024-03-20)

Wersja 17.3.0 (2024-03-19)

Wersja 17.2.0 (2024-03-18)

  • Commit b7147
    Funkcjonalność
    CVSSv4 scores in vulnerability entries are clickable to learn more about the generation of such scores.

  • Commit b7147
    Funkcjonalność
    CVSSv4 scores do also show the reliability level of the scoring assignment like we already do for CVSSv3 scores.

Wersja 17.1.0 (2024-03-17)

  • Commit 026ac
    Funkcjonalność
    Prośba klienta
    Dedicated view for CVSSv4 scores is available. All entries in our database do support CVSS-B and CVSS-BT scores.

Wersja 17.0.0 (2024-03-16)

  • Commit 357ce
    Funkcjonalność
    Prośba klienta
    Vulnerability entries display CVSSv4 scores (CVSS-B as Base and CVSS-BT as Temp). The main CVSS scores remain based on CVSSv3 until CVSSv4 is well-accepted in the industry.

Wersja 16.30.6 (2024-02-23)

  • Commit 49ba9
    Optymalizacja
    CTI data shown for vulnerability entries provides better identification of predictive and verified indicators.

Wersja 16.30.5 (2024-02-19)

  • Commit c912d
    Optymalizacja
    Zmiana API
    Prośba klienta
    Strong performance improvement of CTI data requests within the Vulnerability API and the CTI API in general.

Wersja 16.30.4 (2024-02-18)

  • Commit f694c
    Optymalizacja
    Vulnerability entries that show CTI data will list countries with their proper name.

  • Commit 20626
    Optymalizacja
    Performance improvement if CTI data is shown in vulnerability entries.

Wersja 16.30.3 (2024-02-17)

  • Commit d0970
    Optymalizacja
    Comments of vulnerability entries awaiting moderation or being rejected show more details for the posting user.

Wersja 16.30.2 (2024-02-16)

  • Commit e616d
    Optymalizacja
    Community points for posts are added during the approval process.

Wersja 16.30.1 (2024-02-13)

  • Commit 686da
    Optymalizacja
    CVE fields during the editing of a vulnerability are protected if VulDB is the official CNA for that assignment.

Wersja 16.30.0 (2024-02-07)

Wersja 16.29.4 (2024-02-06)

Wersja 16.29.3 (2024-02-05)

Wersja 16.29.2 (2024-02-03)

  • Commit 90afb
    Optymalizacja
    Prośba klienta
    If a vulnerability submission gets accepted, the submitter will receive an email which does now contain the request to keep and maintain the attached sources to help others verify and investigate the issue.

Wersja 16.29.1 (2024-01-27)

  • Commit daaee
    Optymalizacja
    A new vulnerability submit which gets merged into an existing entry as a duplicate will not give community points to the submitter.

Wersja 16.29.0 (2024-01-26)

  • Commit 7ddcf
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 3.58 the CTI responses for actors and IP addresses contain the object cve which lists all associated CVE identifiers.

Wersja 16.28.4 (2024-01-25)

Wersja 16.28.3 (2024-01-24)

  • Commit dbc60
    Optymalizacja
    Vulnerability entries show researchers as human-readable listings delimited by commas.

Wersja 16.28.2 (2024-01-19)

  • Commit 87dca
    Optymalizacja
    CTI views with actor names are now considering special characters properly to support multi-language representation of source data.

Wersja 16.28.1 (2024-01-18)

  • Commit afc60
    Optymalizacja
    Improved handling of an increased amount of service requests to provide a better user experience.

Wersja 16.28.0 (2024-01-17)

  • Commit a7d0e
    Funkcjonalność
    Prośba klienta
    The CTI export endpoint for IP addresses lists most recent entries for the last 24 hours by default. By adding a date in the form of YYYYmmdd it is possible to request items for a specific day.

  • Commit 7f645
    Optymalizacja
    Better identification of vulnerabilities with duplicate CVE assignments.

Wersja 16.27.2 (2024-01-16)

  • Commit d65c0
    Optymalizacja
    Prośba klienta
    Improved version handling of vulnerable products that use release candidates (e.g. Linux Kernel).

Wersja 16.27.1 (2024-01-15)

  • Commit af91b
    Optymalizacja
    Prośba klienta
    Improved version handling of vulnerable products that use characters as their minor version identifiers (e.g. OpenSSL).

Wersja 16.27.0 (2024-01-12)

  • Commit 124a4
    Funkcjonalność
    CVEs that we reserve and publish as a CNA distinguish between identifier (finder), submitter (reporter), and commiter (analyst).

Wersja 16.26.0 (2023-12-26)

  • Commit c138a
    Funkcjonalność
    Vulnerability commits that were rejected or reverted show an indicator within the commit history for better identification.

Wersja 16.25.1 (2023-12-08)

  • Commit a86ac
    Optymalizacja
    Performance improvement of internal HTTP processing to handle requests more efficient and to deliver results faster.

Wersja 16.25.0 (2023-11-18)

Wersja 16.24.7 (2023-11-17)

Wersja 16.24.6 (2023-11-09)

  • Commit fdcd0
    Optymalizacja
    The user menu shows more items to provide better accessibility.

Wersja 16.24.5 (2023-11-06)

  • Commit 47d40
    Optymalizacja
    Upgrade of the database engine to provide better performance and ressource management.

Wersja 16.24.4 (2023-10-30)

  • Commit 9d609
    Naprawa błędów
    Fixed an issue where certain CTI queries for hostnames were not executed in time.

Wersja 16.24.3 (2023-10-27)

Wersja 16.24.2 (2023-10-26)

Wersja 16.24.1 (2023-10-21)

Wersja 16.24.0 (2023-10-14)

  • Commit 1c51a
    Funkcjonalność
    Prośba klienta
    Users with old passwords are warned that their passwords are going to expire. They are encouraged to define a new password.

  • Commit d843d
    Funkcjonalność
    Old passwords expire and require a password reset via email to enforce a high level of security.

Wersja 16.23.2 (2023-10-12)

  • Commit c03c5
    Optymalizacja
    Better handling of special characters in vulnerability titles to provide improved readability.

Wersja 16.23.1 (2023-10-11)

Wersja 16.23.0 (2023-10-04)

  • Commit c7f4e
    Funkcjonalność
    Vulnerability entries show a dedicated list of affected version numbers as well.

Wersja 16.22.10 (2023-09-23)

  • Commit e7d66
    Optymalizacja
    Better and faster processing of mail alerts to keep users up-to-date about their affected products.

Wersja 16.22.9 (2023-09-20)

  • Commit 2b9d4
    Optymalizacja
    Improvement of flooding and denial of service protection to guarantee an even more reliable service.

Wersja 16.22.8 (2023-09-17)

  • Commit a91bf
    Optymalizacja
    The fields software_website_vendor and software_website_product are now auto-completed much better to provide improved data quality for less popular entries.

Wersja 16.22.7 (2023-09-15)

  • Commit eb2df
    Naprawa błędów
    Prośba klienta
    Fixed an issue where duplicates in CPE lists were creating odd JSON responses.

Wersja 16.22.6 (2023-08-31)

  • Commit 311c6
    Naprawa błędów
    Prośba klienta
    Fixed an issue where exported CPE lists (JSON) were shown as objects instead of arrays. Reported by Dave Thornley.

Wersja 16.22.5 (2023-08-29)

  • Commit 914ca
    Optymalizacja
    Improved handling of malicious requests to guarantee availability and responsiveness for our customers.

Wersja 16.22.4 (2023-08-09)

  • Commit 1e7dc
    Naprawa błędów
    Sums and average data of yearly views were not calculated correctly if there was a month with zero data.

Wersja 16.22.3 (2023-08-03)

  • Commit b7490
    Optymalizacja
    Vulnerability data storage of source_nessus_type is much more efficient which increases performance as well.

Wersja 16.22.2 (2023-08-02)

  • Commit 65890
    Optymalizacja
    Better handling of obsolete links to discontinued vulnerability sources.

Wersja 16.22.1 (2023-08-01)

  • Commit 4423b
    Optymalizacja
    Vulnerability data storage of source_vulnerabilitycenter_severity is much more efficient which increases performance as well.

Wersja 16.22.0 (2023-07-31)

  • Commit 09088
    Funkcjonalność
    Prośba klienta
    Changes to the personal filter are now considered critical and as such they will inform the user about the edit via email.

Wersja 16.21.7 (2023-07-30)

  • Commit d6b1e
    Optymalizacja
    Vulnerability data storage of source_nessus_risk and source_secunia_risk is much more efficient which increases performance as well.

Wersja 16.21.6 (2023-07-29)

Wersja 16.21.5 (2023-07-26)

  • Commit b552b
    Naprawa błędów
    In CTI views the list of references was not revealed entirely even if the user had a proper license.

Wersja 16.21.4 (2023-07-24)

Wersja 16.21.3 (2023-07-19)

  • Commit 707b0
    Optymalizacja
    Better IP address association for verified IOC (Indicators of Compromise). This increases the accuracy of CTI analysis of vulnerability entries.

Wersja 16.21.2 (2023-07-17)

Wersja 16.21.1 (2023-07-16)

Wersja 16.21.0 (2023-07-05)

  • Commit 0c32c
    Funkcjonalność
    Sometimes CNAs assign duplicate CVEs for the same vulnerability. We do now show such duplicates to help to better understand connections between CVE entries.

Wersja 16.20.3 (2023-06-27)

  • Commit 6ee4c
    Optymalizacja
    Better identification of vulnerability entries which affect products that are end-of-life. Version-specific association is now possible.

Wersja 16.20.2 (2023-06-26)

  • Commit bb031
    Optymalizacja
    Improvement of CTI analysis for vulnerabilities that spike within short timeframes (hours and days). The data is loaded, analyzed, and presented much faster.

Wersja 16.21.2 (2023-07-17)

  • Commit 39c9a
    Optymalizacja
    Optimization of monoblock capabilities to handle vulnerability data.

Wersja 16.20.0 (2023-06-13)

Wersja 16.19.0 (2023-06-10)

Wersja 16.18.1 (2023-06-03)

  • Commit e3b45
    Optymalizacja
    Detection of commit collisions during editing of vulnerability data. Entries will be locked until an edit has been finalized.

Wersja 16.18.0 (2023-05-26)

Wersja 16.17.2 (2023-05-23)

  • Commit b7248
    Optymalizacja
    Improved use of vulnerability names for better data matching on the web service.

Wersja 16.17.1 (2023-05-17)

  • Commit 6f54e
    Optymalizacja
    Upgraded database servers to improve performance during peak times.

Wersja 16.17.0 (2023-05-13)

  • Commit b7e2d
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 2.37/3.57 introduction of the field source_cve_duplicate to indicate whether a duplicate CVE has been assigned to an entry.

Wersja 16.16.4 (2023-05-11)

  • Commit 0fa94
    Naprawa błędów
    Fixed a minor view issue with Indicator of Compromise (IOC) tables that list IP ranges.

Wersja 16.16.3 (2023-05-10)

  • Commit 8f483
    Naprawa błędów
    Fixed an issue where sync of researcher data with the CVE stream did not happen properly under certain circumstances.

Wersja 16.16.2 (2023-05-05)

Wersja 16.16.1 (2023-05-03)

  • Commit bf769
    Optymalizacja
    Improved intelligent matching of vendor and product definitions in all search queries, especially in multi-line fields.

Wersja 16.16.0 (2023-04-29)

  • Commit eaaf4
    Funkcjonalność
    Due to our intensive involvement as a CNA (CVE Numbering Authority) we have extended the main menu to access CVE details that are maintained by us very quickly.

Wersja 16.15.1 (2023-04-22)

  • Commit e45ea
    Optymalizacja
    The discussion possibility for vulnerabilities mentions that they are intended for public exchange and not fort support queries. Use the contact form instead to approach our support team.

Wersja 16.15.0 (2023-04-21)

Wersja 16.14.1 (2023-04-18)

  • Commit f5a6c
    Optymalizacja
    Improvement of the field advisory_type to indicate where a vulnerability disclosure is originating from.

  • Commit 9cf62
    Naprawa błędów
    Zmiana API
    Fixed an issue where under certain circumstances the field advisory_type was not shown in an API response.

Wersja 16.14.0 (2023-04-17)

  • Commit a040a
    Funkcjonalność
    Added the setting to enable count information for certain views in the site title. This helps to determine how many items are listed on a page.

  • Commit 2ef13
    Naprawa błędów
    Fixed an issue in the overview of personal posts which did not show the name of a vulnerability entry properly.

Wersja 16.13.2 (2023-04-16)

  • Commit 9a6a2
    Optymalizacja
    Changed the HTML title of vulnerability entries to use a colon instead of a pipe symbol as delimiter. Please update your parsers if you are relying on this data structure.

Wersja 16.13.1 (2023-04-15)

Wersja 16.13.0 (2023-04-09)

Wersja 16.12.1 (2023-04-02)

Wersja 16.12.0 (2023-04-01)

  • Commit 67624
    Funkcjonalność
    Zmiana API
    In API 3.56 sources that are not available anymore are shown with the unavailable tag which contains the reason. This helps to determine defunct companies and dead links.

  • Commit b5b18
    Funkcjonalność
    Vulnerability entries indicate broken external links to help determine defunct companies and dead links.

Wersja 16.11.1 (2023-03-31)

Wersja 16.11.0 (2023-03-23)

  • Commit 7a109
    Funkcjonalność
    Zmiana API
    In API 2.36/3.55 introduction of the field source_cve_duplicateof to indicate CVE assignments which are potential duplicates of existing CVE assignments.

Wersja 16.10.3 (2023-03-17)

Wersja 16.10.2 (2023-03-16)

  • Commit 7b3a5
    Optymalizacja
    Improved accuracy of indicators for vulnerability entries of managed serviced that cannot get a CVE according to current CAN rules.

Wersja 16.10.1 (2023-03-13)

  • Commit ab8a8
    Optymalizacja
    Prośba klienta
    Handling of CPE values of vulnerabilities was optimized to provide better accuracy of data.

Wersja 16.10.0 (2023-03-11)

  • Commit c639d
    Funkcjonalność
    Prośba klienta
    Comments of vulnerability entries will show official replies by our community team to help visitors to understand details and inner workings of our processes.

  • Commit 13ff7
    Funkcjonalność
    Hovering over the time indicator of comments will show the exact time of the submission.

Wersja 16.9.3 (2023-03-09)

  • Commit f3d56
    Optymalizacja
    Performance improvement of EPSS (Exploit Prediction Scoring System) value handling.

Wersja 16.9.2 (2023-02-19)

Wersja 16.9.1 (2023-02-16)

  • Commit 636cc
    Optymalizacja
    Much better performance of the service by optimizing the partitioning of data. Especially if there are many tasks handled at the same time.

Wersja 16.9.0 (2023-02-15)

Wersja 16.8.0 (2023-02-13)

  • Commit 8a926
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 3.54 the field software_managedservice is introduced to indicate products that are managed services and therefore not maintained by users.

Wersja 16.7.0 (2023-02-11)

  • Commit 0ceeb
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 1.17/2.35/3.53 the field software_rollingrelease is introduced to indicate whether the product is not using version numbering but establishing a rolling release instead.

  • Commit 27319
    Funkcjonalność
    Zmiana API
    The changelog does now flag changes to the API as such. This helps customers to identify changes that might require their attention regarding automated processing of data.

Wersja 16.6.12 (2023-02-03)

  • Commit 1c4ca
    Optymalizacja
    Zmiana API
    Prośba klienta
    Invalid URL requests to the API are not always redirected to prevent inefficient usage of the API.

Wersja 16.6.11 (2023-01-28)

  • Commit 9e571
    Naprawa błędów
    Zmiana API
    Prośba klienta
    Fixed an issue in the API where request for entry_timstampe_change for older entries did not return the desired amount of items.

Wersja 16.6.10 (2023-01-23)

Wersja 16.6.9 (2023-01-22)

  • Commit 05f5c
    Optymalizacja
    Improvement of the Google Hacking view which provides a wide variety of Google Dorks.

  • Commit 32026
    Optymalizacja
    Faster and smarter processing of cache data which improves the overall performance of the service drastically.

Wersja 16.6.8 (2023-01-21)

  • Commit 830d3
    Optymalizacja
    Invalid URL requests to the service are usually redirected, to point the user to the correct URL. This is now approached more consistantly.

Wersja 16.6.7 (2023-01-20)

  • Commit e6e23
    Optymalizacja
    Performance optimization to increase responsibility for a wide variety of views.

Wersja 16.6.6 (2023-01-12)

  • Commit 6c542
    Optymalizacja
    Improvement of search by purl statements. Better matching of products and versions possible.

Wersja 16.6.5 (2023-01-11)

  • Commit 7c9bd
    Optymalizacja
    Better indicator for disputed vulnerability entries that are handled by our CNA team.

Wersja 16.6.4 (2023-01-10)

Wersja 16.6.3 (2023-01-09)

  • Commit 9b662
    Optymalizacja
    Better handling of user sessions, especially if there is a lot of activities on the service.

Wersja 16.6.2 (2023-01-07)

Wersja 16.6.1 (2023-01-04)

Wersja 16.6.0 (2023-01-03)

Wersja 16.5.4 (2023-01-02)

  • Commit 9a5e1
    Optymalizacja
    Extended display of multiline quotes of vulnerabilities for software, advisories, vulnerabilities, exploits, and countermeasures.

Wersja 16.5.3 (2022-12-21)

  • Commit 89dfe
    Naprawa błędów
    In very rare cases the derivative identification of vulnerability classes was not working.

Wersja 16.5.2 (2022-12-18)

Wersja 16.5.1 (2022-12-17)

Wersja 16.5.0 (2022-12-16)

Wersja 16.4.6 (2022-12-12)

Wersja 16.4.5 (2022-12-10)

  • Commit 47588
    Optymalizacja
    Zmiana API
    More performance improvement of the API for timeranges like advisory_date_start, entry_timestamp_create_start, entry_timestamp_change_start, and entry_timestamp_all_start.

Wersja 16.4.4 (2022-12-08)

  • Commit fc381
    Optymalizacja
    Zmiana API
    Prośba klienta
    In API 3.52 performance optimization of certain queries requesting timeranges like advisory_date_start, entry_timestamp_create_start, entry_timestamp_change_start, and entry_timestamp_all_start.

Wersja 16.4.3 (2022-12-07)

  • Commit dba58
    Optymalizacja
    Improved handling of duplicate vulnerability entries. These are processed much faster, flagged as duplicates or even hidden under certain circumstances.

Wersja 16.4.2 (2022-12-05)

Wersja 16.4.1 (2022-12-04)

Wersja 16.4.0 (2022-12-03)

Wersja 16.3.4 (2022-11-26)

  • Commit dae79
    Optymalizacja
    Improved extended CPE dictionary generation. By dropping attributes that are not necessary the file generation becomes faster and the file becomes smaller.

Wersja 16.3.3 (2022-11-25)

  • Commit 726b4
    Optymalizacja
    Hardware upgrade for better memory and processing handling.

Wersja 16.3.2 (2022-11-22)

  • Commit 21d9b
    Optymalizacja
    Improved coverage and flagging of software products known to be end-of-life.

Wersja 16.3.1 (2022-11-21)

  • Commit 23f71
    Optymalizacja
    Better handling of vulnerability entries flagges as false-positives or revoked data parts. Summaries reflect the status better and overviews tag them more prominent.

Wersja 16.3.0 (2022-11-18)

  • Commit 085b7
    Funkcjonalność
    Additional links to the internal knowledge base and external sources available in vulnerability summaries and descriptions. This makes research a lot faster, easier, and more comfortable.

Wersja 16.2.0 (2022-11-08)

  • Commit ba2e4
    Funkcjonalność
    Zmiana API
    Prośba klienta
    Introduction of the field software_support_availability to identify products which are end-of-life. These are shown in vulnerability entries and since API 3.51.

Wersja 16.1.1 (2022-11-07)

  • Commit 21a87
    Naprawa błędów
    Prośba klienta
    Fixed a bug where some searches for CPE strings were not working properly.

Wersja 16.1.0 (2022-10-31)

  • Commit 62218
    Funkcjonalność
    Zmiana API
    Prośba klienta
    Introduction of the fields software_license_type and software_license_name to better understand licensing and support coverage of an affected product. These are shown in vulnerability entries and since API 3.50.

Wersja 16.0.3 (2022-10-20)

Wersja 16.0.2 (2022-10-19)

  • Commit df7bf
    Naprawa błędów
    Vulnerability entries without the definition of software_version but with a definition of countermeasure_upgrade_version will show this information properly in the document title.

Wersja 16.0.1 (2022-10-18)

  • Commit f18ee
    Optymalizacja
    Vulnerability entries list associated changesets with date and count of changes. This makes it easier to understand the lifecycle of an entry.

Wersja 16.0.0 (2022-10-15)

  • Commit 30f76
    Funkcjonalność
    Prośba klienta
    The vulnerability data team is taking advantage of the new source monitoring modules. An advanced artificial intelligence enumerates different sources to determine new vulnerabilities or additional details. If such are found, they are added to the submission queue and will be reviewed by the moderation team. This will increase coverage, processing speed, and data quality of vulnerability entries drastically.

Wersja 15.5.6 (2022-10-10)

Wersja 15.5.5 (2022-10-07)

  • Commit fb472
    Optymalizacja
    Optimization of the user menu as shown on devices with smaller screens.

Wersja 15.5.4 (2022-10-06)

  • Commit 78b19
    Optymalizacja
    Sites showing search results with a new search form will set the focus on the form field for faster processing of new search queries.

Wersja 15.5.3 (2022-09-30)

  • Commit 53399
    Naprawa błędów
    Zmiana API
    Prośba klienta
    In API 3.48 fixed an issue for the field parameter where only old notations of vulnerability_cvss3_basevector_vuldb and vulnerability_cvss3_tempvector_vuldb instead also of vulnerability_cvss3_vuldb_basevector and vulnerability_cvss3_vuldb_tempvector were supported.

  • Commit 4995f
    Optymalizacja
    Zmiana API
    In API 1.16/2.34/3.49 a more graceful handling of too many definitions in the fields parameter got established. If there are too many fields defined, only the first ones will be used and the others silently ignored.

Wersja 15.5.2 (2022-09-28)

Wersja 15.5.1 (2022-09-25)

Wersja 15.5.0 (2022-09-23)

Wersja 15.4.1 (2022-09-20)

  • Commit c9710
    Optymalizacja
    Improved the declaration of impacts within description and summaries of vulnerabilities.

Wersja 15.4.0 (2022-09-19)

Wersja 15.3.11 (2022-09-18)

Wersja 15.3.10 (2022-09-15)

  • Commit 8028c
    Optymalizacja
    Better memory handling of the service to improve responsiveness of queries and views.

Wersja 15.3.9 (2022-09-14)

Wersja 15.3.8 (2022-09-11)

  • Commit b4aec
    Naprawa błędów
    Fixed an issue where empty CWE data was shown in vulnerability entries. This was just an interface error on the web frontend.

Wersja 15.3.7 (2022-09-08)

  • Commit e5ba5
    Naprawa błędów
    Prośba klienta
    Fixed an issue with the RSS feeds where certain special characters in the title element lead to XML validation errors. Reported by Calvin Mende.

Wersja 15.3.6 (2022-09-07)

Wersja 15.3.5 (2022-09-06)

  • Commit 144c0
    Naprawa błędów
    Zmiana API
    Prośba klienta
    Fixed an issue where certain search requests via web and API were not executed at all. Reported by user showmax

Wersja 15.3.4 (2022-09-05)

  • Commit 61068
    Optymalizacja
    Another performance improvement of search queries. Lookups for functions and arguments are now multiple times faster as well.

Wersja 15.3.3 (2022-09-02)

  • Commit 6ae56
    Optymalizacja
    Prośba klienta
    Performance improvement of search queries. Especially queries for URLs are now multiple times faster.

Wersja 15.3.2 (2022-08-30)

Wersja 15.3.1 (2022-08-29)

Wersja 15.3.0 (2022-08-27)

  • Commit 13bc6
    Funkcjonalność
    Prośba klienta
    Vulnerability entries show multiple CWE if available. In this case they are listed in descending order of accuracy.

Wersja 15.2.3 (2022-08-19)

  • Commit 87315
    Optymalizacja
    Vulnerability entries flagged as false-positive are shown with this tag in lists (e.g. overview, search).

Wersja 15.2.2 (2022-08-17)

  • Commit 4bf82
    Optymalizacja
    Another improvement of entropy of the CSRF token generation for critical forms.

Wersja 15.2.1 (2022-08-14)

  • Commit 6d5fa
    Optymalizacja
    Zmiana API
    In API 3.46 he virtual fields advisory_reportconfidence, exploit_exploitability, countermeasure_remediationlevel provide better data accurary to improve data quality.

Wersja 15.2.0 (2022-08-11)

  • Commit c5cd8
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 3.45 the Vulnerability API is able to show additional CTI information by enabling cti=1 within requests. This is possible for free accounts, commercial accounts and enterprise accounts with the CTI option enabled. The real-time availability of the data introduces some increased round trip times for such queries.

Wersja 15.1.2 (2022-08-09)

Wersja 15.1.1 (2022-07-12)

  • Commit b168a
    Optymalizacja
    Fixed an issue where vulnerabilities with product versions ending with .x wildcards were handled inapprorpiately.

Wersja 15.1.0 (2022-07-08)

  • Commit 5134e
    Funkcjonalność
    Prośba klienta
    Certain views contain a column listing the latest EPSS (Exploit Prediction Scoring System) values for vulnerabilities.

Wersja 15.0.0 (2022-07-05)

  • Commit c13ba
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 3.44 introduced the CTI API which supports the request types ipaddr, actor, and events. API credit consumption is slightly different than within the Vulnerability API.

Wersja 14.27.1 (2022-06-29)

  • Commit 093a3
    Optymalizacja
    Listing of important identifiers of vulnerabilities were optimized to provide better searchability.

Wersja 14.27.0 (2022-06-24)

  • Commit ab1f7
    Funkcjonalność
    English vulnerability descriptions explain the vulnerability classes according to the CWE definitions.

Wersja 14.26.6 (2022-06-23)

  • Commit 0761d
    Optymalizacja
    Improved the support for less popular CWE classes to provide better identification capabilities of exotic vulnerabilities.

Wersja 14.26.5 (2022-06-16)

  • Commit 4a400
    Optymalizacja
    Faster synchronization of EPSS (Exploit Prediction Scoring System) data to increase confidence of predictions.

Wersja 14.26.4 (2022-06-11)

  • Commit e54df
    Optymalizacja
    Improved version listing for releases using letters in version numbering (e.g. OpenSSL).

Wersja 14.26.3 (2022-06-10)

  • Commit 986a8
    Optymalizacja
    Better accuracy of product requests in the Monoblock.

Wersja 14.26.2 (2022-06-07)

Wersja 14.26.1 (2022-06-02)

Wersja 14.26.0 (2022-06-01)

  • Commit 6b2ff
    Funkcjonalność
    Prośba klienta
    Introduction of the Exploit Prediction Scoring System which is able to predict chances of successful exploitation of vulnerabilities. Official EPSS data is kept in sync and shown in the vulnerability details.

  • Commit 51aab
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 2.32/3.43 introduced the fields exploit_epss_score and exploit_epss_percentile which provide live data of EPSS (Exploit Prediction Scoring System) to predict chances of successful exploitation.

Wersja 14.25.10 (2022-05-31)

  • Commit 6436a
    Naprawa błędów
    Fixed an issue where certain links were not correctly used in the vulnerability summaries for authenticated users. Reported by Andrea Hauser

Wersja 14.25.9 (2022-05-25)

Wersja 14.25.8 (2022-05-23)

  • Commit 01046
    Naprawa błędów
    Zmiana API
    Prośba klienta
    In API 3.41 accessing the field software_cpe23 is possible again. Other major releases of the API were not affected. Reported by Stefan Sander.

Wersja 14.25.7 (2022-05-15)

  • Commit ed7b9
    Naprawa błędów
    Sending certain host requests introduced the possibility for unexpected redirects. Reported by Pankaj lakshkar

Wersja 14.25.6 (2022-05-12)

Wersja 14.25.5 (2022-05-11)

Wersja 14.25.4 (2022-05-10)

  • Commit 0098a
    Naprawa błędów
    Prośba klienta
    Fixed an error message which was shown under certain circumstances for recent entries.

Wersja 14.25.3 (2022-05-06)

  • Commit e8a31
    Optymalizacja
    The latest videos shown on the frontpage are updated faster to provide access to the latest entries.

  • Commit dfe4e
    Naprawa błędów
    Zmiana API
    Prośba klienta
    In API 1.14/2.31/3.41 fixed an issue where requests with entry_timestamp_create did include entries that matched entry_timestamp_change instead. Reported by user peeradon.no

Wersja 14.25.2 (2022-05-04)

  • Commit 52eb6
    Optymalizacja
    The personal view of My Alert shows matching entries ranging back 90 days.

Wersja 14.25.1 (2022-05-03)

Wersja 14.25.0 (2022-05-02)

Wersja 14.24.1 (2022-04-29)

Wersja 14.24.0 (2022-04-27)

  • Commit 91fce
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 3.40 using the parameter format=csv makes it possible to output vulnerability data as CSV. Not all request types are supported, not all fields are included, and API header information is not part of the output.

Wersja 14.23.1 (2022-04-25)

  • Commit c49ec
    Optymalizacja
    Improved the actor and compaign association of the CTI module. Interlinking data is better and provides results with increased accuracy.

  • Commit 30e2c
    Optymalizacja
    CTI indicators shown are either verified or predictive and shown with the associated tag.

Wersja 14.23.0 (2022-04-24)

Wersja 14.22.0 (2022-04-21)

Wersja 14.21.2 (2022-04-20)

  • Commit 1ca57
    Optymalizacja
    Prośba klienta
    Alerts sent via email use asterisks to prevent Microsoft Outlook from deleting newlines.

  • Commit 1ca57
    Optymalizacja
    Alerts sent via email refer to entries with the new format VDB-1234 instead of the old format ID 1234.

  • Commit 00701
    Optymalizacja
    Switched symbols used in the community activity stream from emoji to a dedicated font to provide better reliability on different platforms.

Wersja 14.21.1 (2022-04-19)

  • Commit 90187
    Optymalizacja
    Certain elements on the frontpage use additional icons to visualize data sources.

Wersja 14.21.0 (2022-04-16)

  • Commit 0063c
    Funkcjonalność
    Zmiana API
    In API 3.39 enabled auto-complete feature for software_type even if the field is not yet defined in the monoblock.

Wersja 14.20.9 (2022-04-14)

Wersja 14.20.8 (2022-04-13)

Wersja 14.20.7 (2022-04-11)

  • Commit 766de
    Optymalizacja
    Performance optimization of certain filtered views used by the CNA team.

  • Commit 45617
    Naprawa błędów
    Prośba klienta
    The autocomplete feature for versioning of certain products was not able to finalize the output. Reported by user lywand

Wersja 14.20.6 (2022-04-09)

Wersja 14.20.5 (2022-04-08)

Wersja 14.20.4 (2022-04-01)

  • Commit 8e9e6
    Optymalizacja
    The overview of monitored actors displays the number of collected IOC (Indicators of Compromise), TTP (Tactics, Techniques, Procedures), IOA (Indicators of Attack), campaigns and external references.

Wersja 14.20.3 (2022-03-29)

  • Commit 45456
    Optymalizacja
    New overview of actors shows the amount of available indicators and used sources. The list is also sortable for better viewing.

Wersja 14.20.2 (2022-03-28)

  • Commit fdbeb
    Optymalizacja
    Update of icons used in menus and on other parts of the service.

Wersja 14.20.1 (2022-03-26)

Wersja 14.20.0 (2022-03-21)

Wersja 14.19.0 (2022-03-20)

Wersja 14.18.4 (2022-03-19)

Wersja 14.18.3 (2022-03-15)

  • Commit c2804
    Optymalizacja
    Scrollbars of elements provide better styling to improve user experience, especially on smaller screens.

Wersja 14.18.2 (2022-03-14)

Wersja 14.18.1 (2022-03-10)

  • Commit 25bad
    Optymalizacja
    Improved layout of the changelog items to provide better visibility.

  • Commit ed2be
    Optymalizacja
    Timelines in vulnerability entries do always link to countermeasures if patch or upgrade URLs are known.

  • Commit 91b01
    Naprawa błędów
    Some links to countermeasures were clickable but still threw a 404 even though the requested resources were available. Reported by user mael

Wersja 14.18.0 (2022-03-09)

  • Commit 72d69
    Funkcjonalność
    Items listed in legends of charts are clickable to allow quick drilldowns.

  • Commit a7e66
    Naprawa błędów
    Certain pie charts did not reflect the correct number of known matches.

Wersja 14.17.5 (2022-03-07)

  • Commit c162c
    Optymalizacja
    A better layout helps vulnerability moderators to identify priority entries in the submission queue.

Wersja 14.17.4 (2022-03-01)

  • Commit 23a47
    Naprawa błędów
    In certain views the generation of timeline graphs was not possible if the advisory_date of an entry has been changed to another year.

Wersja 14.17.3 (2022-02-28)

Wersja 14.17.2 (2022-02-27)

  • Commit c8b23
    Optymalizacja
    Performance optimization of list views which contain CVSSv3 Meta Scores.

  • Commit 48019
    Naprawa błędów
    Under certain circumstances an existing remediation level based on the field countermeasure_remediationlevel was not shown correctly.

Wersja 14.17.1 (2022-02-25)

  • Commit 4882d
    Optymalizacja
    Icon text in the submenu allows hyphenation to optimize the view on narrow screens.

  • Commit 60d49
    Optymalizacja
    Charts for timespans are optimized to zoom into the timeframe whenever possible and useful.

Wersja 14.17.0 (2022-02-23)

  • Commit f8d99
    Funkcjonalność
    The applicable copyright license is shown in the footer of the page.

Wersja 14.16.1 (2022-02-22)

  • Commit c6483
    Optymalizacja
    Table listings with narrow columns provide better spacing to fit the content.

Wersja 14.16.0 (2022-02-21)

  • Commit 93389
    Funkcjonalność
    Prośba klienta
    The CTI views do allow for drilldown of IP addresses as IoC (Indicator of Compromise).

  • Commit 9e1e2
    Naprawa błędów
    Prośba klienta
    Listing of version numbers ranging back to 0.x might have contained version 0.0. This is usually wrong and got fixed. Thanks to Cheek Yang of xFusion Digital Technologies for making us aware of this issue.

Wersja 14.15.1 (2022-02-20)

  • Commit 24c78
    Optymalizacja
    Certain CTI views which have complex hostnames as IoC (Indicator of Compromise) allow much faster analysis.

Wersja 14.15.0 (2022-02-18)

  • Commit 4da51
    Funkcjonalność
    Prośba klienta
    Custom CTI analysis contains IOC (Indicator of Compromise), TTP (Tactics, Techniques, Procedures) and IOA (Indicator of Attack) as well.

Wersja 14.14.0 (2022-02-17)

  • Commit 52552
    Funkcjonalność
    Prośba klienta
    The CTI view for countries lists popular TTP (Tactics, Techniques, Procedures) and IOA (Indicator of Attack) as well.

Wersja 14.13.4 (2022-02-09)

  • Commit 291bf
    Optymalizacja
    Search requests for CVE identifiers detects mismatching dashes (e.g. en and em) and corrects them automatically.

Wersja 14.13.3 (2022-02-08)

Wersja 14.13.2 (2022-01-31)

  • Commit b0bff
    Optymalizacja
    Activity charts provide data with better accuracy.

  • Commit b0bff
    Optymalizacja
    Activity charts have a better performance during generation.

Wersja 14.13.1 (2022-01-30)

  • Commit f1aa5
    Optymalizacja
    Performance optimization of APT actor association charts during generation.

Wersja 14.13.0 (2022-01-28)

Wersja 14.12.1 (2022-01-27)

  • Commit 37a7c
    Optymalizacja
    Zmiana API
    In API 1.13/2.29/3.37 provoking 405 Unknown request type errors again is only possible after a few minutes. This prevents flooding the API access log and prevents misconfigured clients from exhausting the API credits quickly.

Wersja 14.12.0 (2022-01-24)

Wersja 14.11.8 (2022-01-21)

  • Commit b1aa4
    Optymalizacja
    Improvement of URL validation during moderation to prevent incorrect values.

Wersja 14.11.7 (2022-01-15)

  • Commit 9fa88
    Optymalizacja
    Improved security of SPF and DMARC. Recommendations were submitted by Nikhil Rane.

  • Commit 9fa88
    Optymalizacja
    Improved security and usability of signup procedure and passwort recovery procedure. Recommendations were submitted by Nikhil Rane.

Wersja 14.11.6 (2022-01-14)

  • Commit 68c68
    Optymalizacja
    Layout optimization of certain forms using additional information or CAPTCHA elements.

Wersja 14.11.5 (2022-01-13)

  • Commit ac2a6
    Optymalizacja
    Performance tweaks of certain views.

Wersja 14.11.4 (2022-01-12)

Wersja 14.11.3 (2022-01-11)

  • Commit b59d0
    Optymalizacja
    Performance and memory optimization of certain queries which do not need CTI data to be shown.

Wersja 14.11.2 (2022-01-07)

  • Commit 9ade9
    Optymalizacja
    Multi-threading has been optimized to decrease resource consumption and to increase performance.

  • Commit 509bb
    Optymalizacja
    External links in the table of contents of the Knowledge Base open a new window.

Wersja 14.11.1 (2022-01-05)

Wersja 14.11.0 (2022-01-04)

  • Commit bfdcd
    Funkcjonalność
    Prośba klienta
    It is possible to do a CTI analysis of dedicated entries to show activities, interest distribution, active actors, and indicators of compromise. This feature requires an additional CTI license.

Wersja 14.10.2 (2021-12-28)

  • Commit f43dd
    Naprawa błędów
    Users hiding their profile were not able to show their own profile. This has been fixed.

Wersja 14.10.1 (2021-12-24)

  • Commit 8b772
    Optymalizacja
    Prośba klienta
    Scrollbars on Mozilla browsers are styled or even hidden whenever useful to provide a better user experience on smaller screens.

Wersja 14.10.0 (2021-12-23)

Wersja 14.9.0 (2021-12-22)

Wersja 14.8.1 (2021-12-18)

Wersja 14.8.0 (2021-12-17)

  • Commit bb5ae
    Funkcjonalność
    Prośba klienta
    Language support for Russian (ru). This includes basic parts of the web site and vulnerability details.

Wersja 14.7.0 (2021-12-14)

Wersja 14.6.0 (2021-12-12)

Wersja 14.5.0 (2021-12-11)

Wersja 14.4.1 (2021-12-10)

  • Commit 5213b
    Optymalizacja
    Commit details show more information and link to additional resources.

  • Commit 03ef5
    Optymalizacja
    Performance optimization of the front page which loads the vulnerability of the day much faster.

Wersja 14.4.0 (2021-12-09)

  • Commit 53394
    Funkcjonalność
    Prośba klienta
    All documentation files are moved into the new Knowledge Base. Old links to the documentation remain valid.

  • Commit e75bd
    Optymalizacja
    Optimized padding of breadcrumb items provides better usability.

Wersja 14.3.1 (2021-12-08)

  • Commit 9f087
    Optymalizacja
    New multi-threading handling of expensive database queries increases the performance of many requests and views.

Wersja 14.3.0 (2021-12-07)

  • Commit 0328b
    Funkcjonalność
    Added a breadcrumb navigation item to access higher level sections easier.

  • Commit 20ade
    Funkcjonalność
    Release versions in the changelog might be accessed via ID.

  • Commit ebad6
    Naprawa błędów
    The user data in the side menu are shown properly even if there are very long strings used.

Wersja 14.2.0 (2021-12-06)

Wersja 14.1.3 (2021-12-05)

  • Commit 6ba63
    Optymalizacja
    Databox with vulnerability of the day uses better search box for increased accessibility.

Wersja 14.1.2 (2021-12-04)

  • Commit ab33b
    Optymalizacja
    Responsive app elements behave better on smaller rectangular screens.

  • Commit 07841
    Naprawa błędów
    All risk views show data properly under any circumstances for authenticated users.

Wersja 14.1.1 (2021-12-03)

  • Commit e5209
    Optymalizacja
    Prośba klienta
    The layout for printing views is optimized for better user experience.

  • Commit d0822
    Optymalizacja
    The language path for Japanese is changed from /jp/ to /ja/ to respect ISO 639-1 language two-letter conventions. Old links remain active and redirect to the new URL structure.

  • Commit fa317
    Optymalizacja
    The user menu layout has been optimized for better readability. Especially VulDB moderators and administrators get easier access to relevant data.

Wersja 14.1.0 (2021-12-02)

  • Commit e68e7
    Funkcjonalność
    Some chart types, especially pie charts and doughnut charts, show an additional legend to provide better visibility of data.

  • Commit 2fa71
    Optymalizacja
    Prośba klienta
    The responsiveness of the user menu on the side behaves better on smaller screens.

  • Commit ee455
    Optymalizacja
    External URLs to MITRE CVE link to the new cve.org domain.

Wersja 14.0.1 (2021-12-01)

Wersja 14.0.0 (2021-11-30)

  • Commit bb919
    Funkcjonalność
    Prośba klienta
    Relaunch of the service with a new layout and extended app capabilities.

Wersja 13.41.1 (2021-11-11)

  • Commit a667c
    Optymalizacja
    Vulnerability entries without user comments show the requested languages, even if English was the only language selected.

  • Commit 1ff69
    Optymalizacja
    Layout of the login recommendation to comment on vulnerability entries was optimized.

Wersja 13.41.0 (2021-11-10)

  • Commit 0c2ae
    Funkcjonalność
    Prośba klienta
    Commercial customers using credit card as payment method are able to show their last invoices online. Invoices and receipts can be downloaded from our partner Stripe. All documents are hosted externally. VulDB does not store credit card details, invoices nor receipts.

Wersja 13.40.1 (2021-11-09)

  • Commit dbc8a
    Naprawa błędów
    Zmiana API
    In API 2.28/3.36 the field vulnerability_bugbounty_price is only shown if there is a bug bounty price defined.

  • Commit 5fe48
    Optymalizacja
    Performance improvement (CPU and memory consumption) of long list views.

Wersja 13.40.0 (2021-11-08)

  • Commit 505be
    Funkcjonalność
    Zmiana API
    Prośba klienta
    in API 2.27/3.35 it is now possible to use URL encoding in advanced search queries to make them much easier to handle.

Wersja 13.39.1 (2021-11-06)

  • Commit 1c057
    Naprawa błędów
    Prośba klienta
    Under rare circumstances a timeframe request did contain entries outside the defined timeframe. Additional validation has been introduced to prevent this effect. Reported by user guliang

Wersja 13.39.0 (2021-11-03)

  • Commit 02e0b
    Funkcjonalność
    Prośba klienta
    Language support for Portuguese (pt). This includes basic parts of the web site and vulnerability details.

Wersja 13.38.0 (2021-11-01)

  • Commit 49840
    Funkcjonalność
    Prośba klienta
    Enterprise customers are able to create a custom dashboard with individual charts and lists to maintain their professional vulnerability management.

Wersja 13.37.0 (2021-10-29)

  • Commit ecf36
    Funkcjonalność
    External links in vulnerability entries known to be not working anymore are flagged as 404 Not Found.

  • Commit 00f47
    Optymalizacja
    In the commit view the column Moderated is renamed to Accepted to indicate the moment a change was approved.

Wersja 13.36.2 (2021-10-27)

  • Commit 6ba60
    Optymalizacja
    Most recent entries on the frontpage are listed faster and with more details right after the creation of a new entry.

Wersja 13.36.1 (2021-10-26)

  • Commit fe47a
    Optymalizacja
    Prośba klienta
    Overview pages with an huge number of entries are not limited anymore.

Wersja 13.36.0 (2021-10-25)

Wersja 13.35.1 (2021-10-19)

  • Commit fab04
    Optymalizacja
    Optimization of summaries and descriptions in certain languages to better consider the expected vulnerability class of an entry.

Wersja 13.35.0 (2021-10-09)

Wersja 13.34.0 (2021-09-15)

  • Commit 153c8
    Funkcjonalność
    Zmiana API
    In API 2.26/3.34 information about bug bounty organization vulnerability_bugbounty_organization, price vulnerability_bugbounty_price, and payout date vulnerability_bugbounty_payoutdate were introduced.

Wersja 13.33.1 (2021-09-13)

Wersja 13.33.0 (2021-09-10)

Wersja 13.32.4 (2021-09-07)

Wersja 13.32.3 (2021-09-06)

  • Commit 3c9ba
    Optymalizacja
    Ranges between versions and up to versions are shown with even higher level of accuracy. This includes titles and summaries as well.

Wersja 13.32.2 (2021-09-02)

Wersja 13.32.1 (2021-08-31)

  • Commit 7ad33
    Optymalizacja
    Hardware upgrade for better memory and processing handling.

Wersja 13.32.0 (2021-08-27)

Wersja 13.31.0 (2021-08-26)

Wersja 13.30.1 (2021-08-25)

Wersja 13.30.0 (2021-08-24)

Wersja 13.29.3 (2021-08-23)

  • Commit 2d4fa
    Optymalizacja
    Vulnerability comments in a specific language are only shown if the site is loaded in that language.

Wersja 13.29.2 (2021-08-22)

  • Commit 12bbe
    Optymalizacja
    Finalized data migration to provide much better performance.

  • Commit 363e0
    Optymalizacja
    Performance optimization of the year views of CVSSv3, CVSSv2, and Exploits by eliminating redundant queries.

Wersja 13.29.1 (2021-08-21)

  • Commit b2396
    Optymalizacja
    Eliminated all links to SecurityFocus vulnerability database as they discontinued the service. Thank you for all your contributions to the cyber security industry!

  • Commit adec0
    Optymalizacja
    Re-ordered the listing of external resourced within the reference tables.

  • Commit 9b464
    Optymalizacja
    New color scheme for yearly comparison of CVSS base and temp vectors.

Wersja 13.29.0 (2021-08-19)

Wersja 13.28.11 (2021-08-18)

  • Commit 2f6c2
    Optymalizacja
    Announcement banner is shown only if necessary to provide the maximum of space.

  • Commit abbea
    Optymalizacja
    Time-only statements are now always shown depending on the selected request language.

Wersja 13.28.10 (2021-08-17)

  • Commit 8ae38
    Optymalizacja
    Vulnerability entries hide header tooltip icons as soon as the screen is too small to read them.

Wersja 13.28.9 (2021-08-16)

  • Commit 51f56
    Optymalizacja
    Faster calculation and loading of Threat Intelligence activity index chart on the frontpage.

Wersja 13.28.8 (2021-08-15)

  • Commit 2b166
    Optymalizacja
    Better performance thanks to optimized database index for several different tables.

Wersja 13.28.7 (2021-08-08)

  • Commit 0fc46
    Naprawa błędów
    Fixed a rare bug on the frontpage where very recent entries are not shown with all available technical details in the title.

Wersja 13.28.6 (2021-08-07)

Wersja 13.28.5 (2021-08-05)

  • Commit 98081
    Optymalizacja
    Optimized the capabilities of searching with CPE strings. Such searches are now much faster and more accurate.

Wersja 13.28.4 (2021-08-04)

  • Commit b697e
    Optymalizacja
    Prośba klienta
    Aligned the listing of entry_changelog to show the field name of vulnerabilitycenter_lastupdatedate correctly. This issue was reported by Fergus Nelson.

  • Commit 006fc
    Naprawa błędów
    Prośba klienta
    Under certain circumstances the calculation of exploit prices was not happening. This has been fixed. This bug was reported by Fergus Nelson.

Wersja 13.28.3 (2021-08-02)

  • Commit 9864d
    Optymalizacja
    External redirects first tested for malicious code are using HTTP status code 301 Moved Permanently instead of 302 Found.

Wersja 13.28.2 (2021-07-28)

Wersja 13.28.1 (2021-07-27)

Wersja 13.28.0 (2021-07-26)

  • Commit 5f4e7
    Funkcjonalność
    Prośba klienta
    Language support for Arabic (ar). This includes basic parts of the web site and vulnerability details. Right-to-left is implemented whenever required.

Wersja 13.27.4 (2021-07-24)

  • Commit 7430f
    Optymalizacja
    Current CTI scores in overviews are loaded and shown much faster which improves speed of site generation.

  • Commit 7430f
    Naprawa błędów
    Current CTI scores are shown in overviews in any case even if the servers are under heavy load.

  • Commit 7430f
    Naprawa błędów
    Current CTI scores in overviews show the correct timestamp of the last update for the most recent entries in the tooltip of the field.

Wersja 13.27.3 (2021-07-17)

  • Commit 6861b
    Optymalizacja
    Better import and validation handling for APT actor IoC moderation to improve processing and quality.

Wersja 13.27.2 (2021-07-16)

  • Commit 363b6
    Optymalizacja
    Clarification of titles of privilege escalation vulnerabilities. Remote issues that require some form of authentication are shown as Privilege Escalation without mentioning of Remote. Only remote issues without authentication are shown as true Remote Privilege Escalation.

  • Commit 61142
    Naprawa błędów
    Zmiana API
    Prośba klienta
    Fixed a rare bug in API 1.11/2.24/3.31 that created an associative array for software_version if the list of versions numbers contained the value 0. Thanks to Fergus Nelson for reporting this issue.

Wersja 13.27.1 (2021-07-15)

Wersja 13.27.0 (2021-07-14)

  • Commit cc0e3
    Funkcjonalność
    Prośba klienta
    Cyber threat intelligence events display emerging, current, and upcoming activities by actors.

  • Commit dacc3
    Naprawa błędów
    Fixed a bug that temp scores of CVSS vectors are not properly stored during initial entry create. This did not affect updated entries.

Wersja 13.26.4 (2021-07-07)

Wersja 13.26.3 (2021-06-30)

  • Commit ea669
    Optymalizacja
    Reinstated linking to CVEdetails.com as they resumed adding and updating new CVEs.

Wersja 13.26.2 (2021-06-25)

  • Commit 28728
    Optymalizacja
    Zmiana API
    Prośba klienta
    The Content-Type of all API responses is changed to application/json; charset=utf-8. This is not a change in the API itself which is why the version number of the API endpoints is not incremented.

Wersja 13.26.1 (2021-06-24)

  • Commit 0d89b
    Optymalizacja
    Zmiana API
    Prośba klienta
    The official vulnerability API endpoint is located at /?api and will redirect faulty URLs and GET parameters. Microsoft Power Apps did not respect this URL structure and changed the query string to a parameter tuple with an empty value. Our API endpoint redirected to the correct URL but Power Apps is not capable of following such HTTP redirects. This issue got fixed as Power Apps is now allowed to access the API endpoint even though the request URL format is not entirely correct.

Wersja 13.26.0 (2021-06-18)

Wersja 13.25.3 (2021-06-16)

  • Commit 0494b
    Optymalizacja
    Performance optimization during stress (e.g. many users, DDoS attacks).

  • Commit 9660e
    Optymalizacja
    Changed the algorithm to generate the category values local and remote in the RSS feeds. Also added the value partial for local if the attack vector is physical.

Wersja 13.25.2 (2021-06-15)

Wersja 13.25.1 (2021-06-14)

  • Commit fd133
    Optymalizacja
    More accurate timing information about new IoC (Indicator of Compromise) assigned to an APT actor.

Wersja 13.25.0 (2021-06-11)

Wersja 13.24.1 (2021-06-09)

  • Commit 0d01f
    Optymalizacja
    Optimized abuse detection of search queries for authenticated users.

Wersja 13.24.0 (2021-06-08)

Wersja 13.23.0 (2021-06-07)

Wersja 13.22.1 (2021-06-04)

  • Commit 03370
    Optymalizacja
    Timelines indicating activities show the so called activity index instead of the generic entries label.

  • Commit 03359
    Optymalizacja
    Bar charts showing exploit prives use exploit instead of the generic entries label.

Wersja 13.22.0 (2021-05-31)

Wersja 13.21.0 (2021-05-26)

  • Commit edf52
    Funkcjonalność
    Prośba klienta
    Language support for Japanese (jp). This includes basic parts of the web site and vulnerability details.

Wersja 13.20.4 (2021-05-18)

  • Commit 02cd6
    Optymalizacja
    The event of web code improvement shown in the community stream links to the changelog.

  • Commit e9923
    Optymalizacja
    Zmiana API
    In API 1.9/2.21/3.28 requests by the official Splunk app with a license of less than 10 API credits will throw an 403 Splunk app license expired error to prevent stressing the service with expired Splunk installations.

Wersja 13.20.3 (2021-05-12)

  • Commit b4953
    Optymalizacja
    Streamlined entry identifier wording on community activity stream on the frontpage.

Wersja 13.20.2 (2021-05-04)

Wersja 13.20.1 (2021-05-02)

  • Commit b0e75
    Optymalizacja
    Community activities shown on the frontpage do refer to entries with their corresponding VDB ID to increase readability.

Wersja 13.20.0 (2021-04-29)

  • Commit 0d72f
    Funkcjonalność
    Frontpage does now show the latest changelog entries of the current day.

  • Commit d6b22
    Optymalizacja
    Prośba klienta
    Vulnerability entries do now always contain links to available upgrades and patches in the Countermeasure section.

Wersja 13.19.3 (2021-04-28)

  • Commit 6df70
    Optymalizacja
    Performance optimization of the Threat Intelligence chart on the frontpage.

  • Commit d1eb6
    Naprawa błędów
    Prośba klienta
    Fixed an issue where count and overview of user commits were not updated. Reported by user misc

Wersja 13.19.2 (2021-04-26)

  • Commit a9542
    Optymalizacja
    Hardware upgrade for better memory and processing handling.

  • Commit 8dd8c
    Optymalizacja
    Zmiana API
    In API 3.27 the values of numeric request types is verified and if not acceptable, a 400 Bad request error message is shown.

Wersja 13.19.1 (2021-04-24)

  • Commit 3855b
    Optymalizacja
    Optimized load balancing, limiter, and DDoS mitigation to provide more stability for legitimate users.

Wersja 13.19.0 (2021-04-22)

  • Commit a85dc
    Funkcjonalność
    Prośba klienta
    Submitted items are reviewed by an automated pre-parser to define a priority for processing by the moderation team. This increases priority for most important items and therefore improves processing speed.

Wersja 13.18.0 (2021-04-20)

  • Commit 612a5
    Funkcjonalność
    Prośba klienta
    Language support for Chinese simplified (zh-Hans). This includes basic parts of the web site and vulnerability details.

Wersja 13.17.1 (2021-04-16)

  • Commit b93ed
    Optymalizacja
    Code optimization of CTI map generation for faster processing with less memory requirements.

Wersja 13.17.0 (2021-04-15)

  • Commit 1ffb5
    Funkcjonalność
    Prośba klienta
    Description of CTI trigger possibilities and threshold handling to create events and reports.

  • Commit 881a3
    Optymalizacja
    Footer does now refer to your specific copyright and license depending whether there is a commercial, enterprise, or reseller license established.

Wersja 13.16.0 (2021-04-12)

  • Commit f7832
    Funkcjonalność
    Prośba klienta
    Some users mistake their mail address as legitimate username to login. In this case a warning message informs the user about the mistake.

Wersja 13.15.3 (2021-04-08)

  • Commit 265e0
    Optymalizacja
    Performance optimization for CTI country analysis (closed beta invite only at the moment). Time range analysis is now incremental which makes report generation much faster (especially for larger ranges).

Wersja 13.15.2 (2021-03-31)

  • Commit 05005
    Optymalizacja
    All listings in the personal profile do contain timestamps to make identification of single items much easier.

  • Commit cddb4
    Optymalizacja
    Completed some of the missing translations for French, Italian, Spanish, Polish, and Swedish.

  • Commit 6dc4a
    Optymalizacja
    Improved the handling of time format regarding country-specific definitions. The language en will show A.M. and P.M. only if the browser is also set to en-us. Otherwise the 24 hour format is used. If the language is set to fr and the browser announces fr-fr there will be the French format 12h34. The 24 hour format is also used as default for all languages without a specific definition.

Wersja 13.15.1 (2021-03-30)

  • Commit d71be
    Naprawa błędów
    Fixed a bug where some long product names, product listings and titles did not show the product name in its entirety.

  • Commit 44ee5
    Optymalizacja
    Zmiana API
    In API 3.26 fixed an issue where queries for advisory_date_start, entry_timestamp_create_start, entry_timestamp_change_start, and entry_timestamp_all_start did not work properly if the request value had a trailing whitespace.

Wersja 13.15.0 (2021-03-29)

  • Commit 15c50
    Funkcjonalność
    Zmiana API
    The personal API history does show the execution time for a request to help optimize queries. The column is shown as seconds and sortable.

  • Commit c4d04
    Funkcjonalność
    Prośba klienta
    Added planned features in a roadmap to announce upcoming functionality. The items shown are just suggestions and might change regarding implementation and deployment.

Wersja 13.14.3 (2021-03-28)

  • Commit 1ec36
    Optymalizacja
    Prośba klienta
    Better description of update handling, especially prioritization of new data for existing entries and update requests by customers.

  • Commit ae8c3
    Optymalizacja
    Optimized the description of different commit moderation approaches. The actions for handling spam and profanity are explained in detail.

Wersja 13.14.2 (2021-03-26)

  • Commit 206df
    Naprawa błędów
    Zmiana API
    In API 2.20/3.25 the list of multiple items in software_affectedlist and software_notaffectedlist do trim trailing whitespaces correctly.

Wersja 13.14.1 (2021-03-25)

  • Commit a8cdf
    Optymalizacja
    Added a new community rank Guru which requires 5000 points to be reached. Therefore, Grand Master is not the highest rank anymore.

Wersja 13.14.0 (2021-03-24)

  • Commit 434e3
    Funkcjonalność
    Zmiana API
    Prośba klienta
    Introduced API 3.24 with the new request type entry_timestamp_all_start which combines new items from entry_timestamp_create_start and updated items from entry_timestamp_change_start in a single stream.

Wersja 13.13.1 (2021-03-20)

Wersja 13.13.0 (2021-03-17)

Wersja 13.12.0 (2021-03-10)

  • Commit 699d0
    Funkcjonalność
    Prośba klienta
    Made internal changelog public to provide full transparency for our customers. Entries earlier than 2020 just show milestones and not detailed changes.

  • Commit 43dfe
    Funkcjonalność
    Added link to changelog under support in main menu and in the footer of the page.

  • Commit c0ba0
    Optymalizacja
    Updated internal quality guidance for CVSS fields during creation of new entries based on official Microsoft disclosures.

Wersja 13.11.3 (2021-03-08)

  • Commit 1faf6
    Optymalizacja
    Updated internal quality requirements for advisory_person_name and advisory_person_nickname fields to prevent inaccurate information during daily update procedure.

Wersja 13.11.2 (2021-03-04)

  • Commit ecf32
    Optymalizacja
    Optimized limiter to prohibit crawling of view elements by non-commercial users.

  • Commit fa612
    Optymalizacja
    Limiter uses better geolocation data to prevent malicious users from changing IP addresses to slow down detection of abuse.

Wersja 13.11.1 (2021-03-03)

  • Commit 09cef
    Naprawa błędów
    Fixed a rare German translation issue in a specific sentence of some vulnerability summaries.

Wersja 13.11.0 (2021-03-01)

  • Commit 17052
    Funkcjonalność
    Prepared language database for upcoming translations.

  • Commit b3dfc
    Optymalizacja
    Optimized language database for better performance.

Wersja 13.10.0 (2021-02-28)

Wersja 13.9.0 (2021-02-22)

Wersja 13.8.0 (2021-02-04)

  • Commit 5626b
    Funkcjonalność
    Added load balancing features to handle performance peaks much better.

  • Commit 2efad
    Funkcjonalność
    Enabled priority module to provide high-availability for enterprise customers.

Wersja 13.7.1 (2021-02-03)

  • Commit 167ac
    Optymalizacja
    Optimized normalize module to improve quality assurance of vulnerability data management.

Wersja 13.7.0 (2021-02-01)

  • Commit 14106
    Funkcjonalność
    Initiated preparation for port of web services to PHP8. First polyfill functions tested.

Wersja 13.6.1 (2021-01-17)

  • Commit bdc13
    Naprawa błędów
    Fixed a bug where some new user submissions were shown as rejected even though they were still not processsed yet. This issue was reported by user misc.

Wersja 13.6.0 (2021-01-16)

  • Commit 960f5
    Funkcjonalność
    Start of internal testing for CTI attribution module to identify APT group activities as such. Used by CTI team to create CTI alerts and infos for paying customers.

Wersja 13.5.4 (2021-01-09)

  • Commit d53a8
    Optymalizacja
    Zmiana API
    Prośba klienta
    Changed entry_timestamp_delta behavior from 7200 to 120 to keep commit grouping much smaller. Entries updated within a short period of time will pushed into the update stream to provide the most actual data to API users.

Wersja 13.5.3 (2021-01-04)

  • Commit 96326
    Optymalizacja
    Performance improvement of search engine. Early dissection will speed up some specific search requests.

  • Commit 96326
    Optymalizacja
    Performance improvement of monoblock engine. Compilation of entries is a bit faster under certain circumstances.

Wersja 13.5.2 (2020-12-23)

  • Commit db3d5
    Optymalizacja
    Unordered lists in regular content to not a a maximum heigh and auto scrollbars anymore.

Wersja 13.5.1 (2020-12-15)

  • Commit c227f
    Optymalizacja
    Performance optimization of monoblock data processing.

Wersja 13.5.0 (2020-12-09)

  • Commit 93707
    Funkcjonalność
    Added a stylesheet to display "time ago" for stream items.

Wersja 13.4.0 (2020-12-08)

  • Commit dcd32
    Funkcjonalność
    Zmiana API
    In API 3.23 added request type cursorinit to determine ideal initial cursor position for ongoing vulnerability stream (e.g. Splunk).

Wersja 13.3.0 (2020-12-04)

  • Commit 3abdf
    Funkcjonalność
    Introduced information regarding ATT&CK. The fields are currently auto-generated and not part of the monoblock.

  • Commit dbcd2
    Funkcjonalność
    Zmiana API
    In API 2.19/3.22 added field source_cve_cna which contains a string of the CVE Numbering Authority that assigned the CVE.

  • Commit 118c6
    Naprawa błędów
    Corrected a display bug for tooltips of CVSS fields on certain overview pages.

Wersja 13.2.1 (2020-12-03)

  • Commit 6c403
    Optymalizacja
    Optimized signup flood protection to prevent malicious users from auto-generating community accounts.

Wersja 13.2.0 (2020-11-26)

  • Commit 0cd93
    Funkcjonalność
    Added new import feature for vulnerability moderators to handle custom entries and large batches of submissions.

  • Commit a4571
    Funkcjonalność
    The differences in a diff view are highlighted by color to provide better visibility.

Wersja 13.1.2 (2020-11-13)

  • Commit 7983d
    Optymalizacja
    Performance optimization of monoblock data processing.

Wersja 13.1.1 (2020-11-06)

Wersja 13.1.0 (2020-11-02)

  • Commit f6cc6
    Funkcjonalność
    Paying customers do now see a summary on top of every vulnerability entry to identify the most important aspects of the vulnerability.

Wersja 13.0.1 (2020-10-16)

  • Commit 68339
    Optymalizacja
    Optimized some indexes within the database to improve performance.

Wersja 13.0.0 (2020-10-09)

  • Commit 8b201
    Funkcjonalność
    Introduced new monoblock structure to provide more possibilities like commits, commit histories, etc.

Wersja 12.26.1 (2020-09-26)

Wersja 12.26.0 (2020-09-10)

  • Commit b015c
    Funkcjonalność
    The live symbol is pulsating.

  • Commit 2d270
    Optymalizacja
    The CSS code for the custom worldmap is deleted to stramline the CSS file.

Wersja 12.25.1 (2020-08-10)

  • Commit b3264
    Optymalizacja
    Optimization of browser rendering speed by adding font-display: swap to the CSS style sheet.

Wersja 12.25.0 (2020-05-16)

  • Commit f6e38
    Funkcjonalność
    Added an optimization banner to inform users about upcoming changes and features.

Wersja 12.24.0 (2020-05-13)

  • Commit 58be3
    Funkcjonalność
    New horizontal table style to make some upcoming views better readable.

Wersja 12.23.5 (2020-05-01)

  • Commit e655c
    Optymalizacja
    Upgrading to an extended server cluster for better performance.

Wersja 12.23.4 (2020-04-17)

  • Commit ee0cc
    Naprawa błędów
    Zmiana API
    In API 3.21 the field entry_timestamp_change is now always present even if the entry was just created and never updated yet. In this case it will contain the same value like entry_timestamp_create. User of the official VulDB Splunk App are advised to update to the latest release.

Wersja 12.23.3 (2020-03-04)

  • Commit 328c8
    Optymalizacja
    CVEdetails.com stopped updating their database. We keep linking old CVEs to their sites but do not do so for newer entries.

Wersja 12.23.2 (2020-01-10)

  • Commit ce27f
    Optymalizacja
    Added validation styles for numbers, dates, emails, and urls for forms. These detect missing or wrong data before submitting a form.

Wersja 12.23.1 (2019-11-19)

  • Commit 7d12f
    Optymalizacja
    Decreased the font-size of labes from 90% to 75% for better readability.

  • Commit c8999
    Optymalizacja
    Improved style and layout of tooltips for better readability.

Wersja 12.23.0 (2019-11-15)

  • Commit 5c4b5
    Funkcjonalność
    Load new pages with extended loading time show progress bar spinner at top of the site.

Wersja 12.22.0 (2019-11-09)

  • Commit c4f43
    Funkcjonalność
    Added logos of vendors/products in entries if available.

  • Commit 46f6e
    Optymalizacja
    Stramlined CSS style sheet regarding mini buttons.

Wersja 12.21.0 (2019-11-08)

  • Commit 4f1af
    Funkcjonalność
    Added tooltips for easier access to more information.

  • Commit 63433
    Optymalizacja
    Added fade effect for mini buttons for a better user experience.

Wersja 12.20.1 (2019-11-06)

  • Commit 01634
    Optymalizacja
    Stramlined box elements and columns.

Wersja 12.20.0 (2019-10-31)

  • Commit 032a9
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 3.20 added field vulnerability_name which contains a string or array a popular names of the vulnerability (e.g. Shellshock, Poodle).

Wersja 12.19.0 (2019-09-13)

  • Commit eaf94
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 3.19 added field family entry_details_* which contain entry_details_affected, entry_details_vulnerability, entry_details_impact, entry_details_exploit, entry_details_countermeasures, and entry_details_sources.

Wersja 12.18.0 (2019-08-31)

Wersja 12.17.0 (2019-08-26)

Wersja 12.16.0 (2019-08-22)

  • Commit 3ef93
    Funkcjonalność
    Added experimental world map to highlight CTI activities.

  • Commit 5054e
    Optymalizacja
    Improved the layout of checkboxes on web forms.

Wersja 12.15.0 (2019-07-06)

Wersja 12.14.0 (2019-07-01)

  • Commit 2fcc6
    Funkcjonalność
    Prośba klienta
    Introduction of software type categories available in the field software_type.

Wersja 12.13.3 (2019-06-04)

  • Commit dd112
    Naprawa błędów
    Zmiana API
    In API 3.16 fixed value of field advisory_identifier, disabled safeguard mechanism to prevent inconsistency in result count.

Wersja 12.13.2 (2019-06-01)

Wersja 12.13.1 (2019-05-27)

  • Commit 6e92e
    Optymalizacja
    Added loading bar on top of the page to indicate the loading of large pages.

Wersja 12.13.0 (2019-05-24)

  • Commit bcb85
    Funkcjonalność
    Submitting forms locks input fields and shows progress indicator.

Wersja 12.12.0 (2019-05-17)

Wersja 12.11.0 (2019-05-08)

  • Commit 0fb91
    Funkcjonalność
    Zmiana API
    In API 3.14 requesting dedicated CVSS fields supports the official response format (e.g. vulnerability_cvss3_vuldb_basescore) and the legacy format (e.g. vulnerability_cvss3_basescore_vuldb). The legacy format will be dropped in a future major release of the API.

Wersja 12.10.1 (2019-04-24)

  • Commit 1dc8a
    Optymalizacja
    Improved the layout of the search menu item for better accessibility.

  • Commit bb0d0
    Optymalizacja
    The status boxes of live views are now pulsating if there is currently some activity.

Wersja 12.10.0 (2019-04-17)

  • Commit d1042
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 1.8/2.18/3.13 added field software_cpe23 which introduces full CPE 2.3 support whereas software_cpe is still providing CPE 2.2 data.

Wersja 12.9.0 (2019-04-15)

  • Commit 3bfed
    Funkcjonalność
    Added a detailed clendar view for years an months.

  • Commit faa07
    Optymalizacja
    Streamlined the row behavior.

Wersja 12.8.2 (2019-04-10)

  • Commit 35519
    Optymalizacja
    Hovering a clickable symbol in an overview will now be indicated by the cursor as pointer.

  • Commit cdf7b
    Optymalizacja
    Improved the layout of buttons inside text boxes (e.g. searches).

Wersja 12.8.1 (2019-04-01)

  • Commit 27ca6
    Optymalizacja
    Centered the purchase table for better accessibility.

Wersja 12.8.0 (2019-03-29)

  • Commit 54a22
    Funkcjonalność
    Prośba klienta
    Added the possibility to purchase new licenses online.

Wersja 12.7.0 (2019-03-21)

Wersja 12.6.0 (2019-03-15)

  • Commit d3ac7
    Funkcjonalność
    Prośba klienta
    Added multiple levels to the main menu to provide better accessibility to the variety of features.

  • Commit 35f3e
    Funkcjonalność
    Added the possibility for buttons within textboxes (e.g. searches).

Wersja 12.5.0 (2019-03-08)

Wersja 12.4.0 (2019-03-04)

  • Commit 55a0e
    Funkcjonalność
    Zmiana API
    In API 1.7/2.17/3.12 added fields entry_locked_status and entry_locked_reason to inform about entries undergoing update and review processes (they might change soon).

Wersja 12.3.0 (2019-03-01)

  • Commit 81d15
    Funkcjonalność
    Introduction of the C3BM Index (CVSSv3 Base Meta Index) based on CVSS data of multiple sources.

Wersja 12.2.0 (2019-02-28)

  • Commit 231a4
    Funkcjonalność
    Large tables might be shown with a striped layout to improve readability.

  • Commit 16d23
    Optymalizacja
    Improved the layout of buttons in the user submenu.

Wersja 12.1.0 (2019-02-25)

  • Commit 9c6de
    Funkcjonalność
    Prośba klienta
    Symbols in overviews are clickable to provide a drilldown feature. This is true for CVSS, exploit prices, exploitability, and countermeasures.

  • Commit 92aac
    Optymalizacja
    Header text is now a graphical element.

Wersja 12.0.4 (2019-02-23)

  • Commit 82de5
    Optymalizacja
    Slightly changed the colorization of remedation and exploitability levels.

Wersja 12.0.3 (2019-02-22)

  • Commit 55aa5
    Optymalizacja
    Changed the pointer behavior of certain table headers from grab to regular pointer.

Wersja 12.0.2 (2019-02-21)

Wersja 12.0.1 (2019-02-20)

Wersja 12.0.0 (2019-02-18)

  • Commit b9184
    Funkcjonalność
    Prośba klienta
    New overviews introduced with a lot of information items.

  • Commit 65679
    Funkcjonalność
    Added support for dynamic behavior for long tables with more than six columns.

  • Commit 4c719
    Optymalizacja
    Streamlined the behavior of content and article.

  • Commit 4c719
    Optymalizacja
    Streamlined the behavior of tables.

  • Commit 4c719
    Optymalizacja
    Streamlined the behavior of buttons.

Wersja 11.27.0 (2019-02-15)

  • Commit c278e
    Funkcjonalność
    Added the posibility to fade-in some elements for a better user experience.

  • Commit 07fdc
    Optymalizacja
    Improved the width behavior of user menu buttons.

Wersja 11.26.0 (2019-02-08)

Wersja 11.25.0 (2019-02-06)

Wersja 11.24.1 (2019-02-01)

  • Commit 5d94f
    Optymalizacja
    Reached the 10.000th community user. Congratulations!

Wersja 11.24.0 (2019-01-18)

Wersja 11.23.0 (2019-01-11)

  • Commit dfb03
    Funkcjonalność
    Zmiana API
    Prośba klienta
    In API 3.8 VulDB CVSSv3 scores use AI-driven autocomplete based on historical data and additional sources. The field vulnerability_cvss3_vuldb_confidence indicates the confidence of the vectors.

Wersja 11.22.1 (2019-01-08)

Wersja 11.22.0 (2019-01-01)

  • Commit 772cf
    Funkcjonalność
    Enabling real-time views of recent and updated entries. You are now able to see the moderation time at work.

Wersja 11.21.0 (2018-12-13)

Wersja 11.20.0 (2018-10-28)

Wersja 11.19.0 (2018-10-01)

Wersja 11.18.1 (2018-09-20)

  • Commit c4d5c
    Optymalizacja
    Changed the cursor behavior for votes from copy to default.

  • Commit c4d5c
    Optymalizacja
    Changed the cursor behavior of ribbons to default.

Wersja 11.18.0 (2018-09-18)

  • Commit afb23
    Funkcjonalność
    Added custom ribbons to popup with interesting details if needed.

  • Commit 8ee7c
    Optymalizacja
    Improved the behavior of items which have a fade-in effect.

Wersja 11.17.0 (2018-09-01)

Wersja 11.16.0 (2018-08-31)

  • Commit c00a7
    Funkcjonalność
    Prośba klienta
    Introduction of CPE lists in entry views to indicate the affected products.

Wersja 11.15.0 (2018-08-06)

  • Commit 9e978
    Funkcjonalność
    Zmiana API
    In API 3.5 support for the queries advisory_date_start, entry_timestamp_create_start, entry_timestamp_change_start.

  • Commit 576a2
    Optymalizacja
    Prośba klienta
    Disabled the gradients in symbols.

Wersja 11.14.4 (2018-08-04)

  • Commit 48a03
    Optymalizacja
    Fixed an issue with the visibility of long date symbols.

Wersja 11.14.3 (2018-08-03)

  • Commit 7d763
    Optymalizacja
    Improvement of gradient in symbols.

  • Commit 856af
    Optymalizacja
    Adding support for other font families in symbols.

Wersja 11.14.2 (2018-08-02)

  • Commit b0000
    Optymalizacja
    Introduction of gradients in symbols.

Wersja 11.14.1 (2018-08-01)

  • Commit 7ef2d
    Optymalizacja
    Introduction of antialiasing of fonts for better readability on high-resolution displays.

Wersja 11.14.0 (2018-07-31)

  • Commit dc2ae
    Funkcjonalność
    Added support for stream symbols shown on overviews.

Wersja 11.13.1 (2018-07-22)

  • Commit b675b
    Optymalizacja
    Improved the layout of mini buttons.

Wersja 11.13.0 (2018-07-12)

  • Commit b1af8
    Funkcjonalność
    Prośba klienta
    Added dynamic layouts for tables to hide certain columns under specific conditions. This improves the mobile view a lot.

Wersja 11.12.1 (2018-07-10)

  • Commit d5a10
    Optymalizacja
    Optimized the margin of header elements.

Wersja 11.12.0 (2018-07-06)

  • Commit bc316
    Funkcjonalność
    Introduction of the user menu for authenticated users. This menu shows additional details and provides access to more features.

Wersja 11.11.3 (2018-07-05)

  • Commit be3b7
    Optymalizacja
    A new table wrapper optimizes how tables are shown on different screen sizes.

Wersja 11.11.2 (2018-07-04)

Wersja 11.11.1 (2018-06-29)

  • Commit 7409e
    Optymalizacja
    Streamlining of mini button for unlock announcements.

Wersja 11.11.0 (2018-06-28)

Wersja 11.10.1 (2018-06-12)

Wersja 11.10.0 (2018-06-11)

Wersja 11.9.4 (2018-06-10)

Wersja 11.9.3 (2018-06-08)

  • Commit 88f01
    Optymalizacja
    Mini buttons do now animate on hover.

Wersja 11.9.2 (2018-06-06)

Wersja 11.9.1 (2018-06-04)

Wersja 11.9.0 (2018-05-18)

Wersja 11.8.0 (2018-05-15)

Wersja 11.7.1 (2018-05-14)

Wersja 11.7.0 (2018-05-08)

  • Commit a20db
    Funkcjonalność
    Zmiana API
    In API 2.8 the field entry_title does not show CVE anymore.

  • Commit a20db
    Funkcjonalność
    Zmiana API
    In API 2.8 added fields vulnerability_timeline, countermeasure_reactiondays, countermeasure_0daydays, countermeasure_exposuredays, and countermeasure_exploitdelaydays.

Wersja 11.6.0 (2018-05-07)

Wersja 11.5.0 (2018-05-01)

Wersja 11.4.0 (2018-04-01)

Wersja 11.3.0 (2018-03-22)

  • Commit b90e6
    Funkcjonalność
    Prośba klienta
    Working on a proof-of-concept to use Alexa as a gateway to work with vulnerability data.

Wersja 11.2.3 (2018-02-17)

  • Commit f3590
    Optymalizacja
    Introduction of a container element to have more flexibility with layout positioning on the web frontend.

Wersja 11.2.2 (2018-02-01)

  • Commit 51a81
    Optymalizacja
    Introduction of a sub-title on the site title to better describe the service.

Wersja 11.2.1 (2018-01-29)

Wersja 11.2.0 (2018-01-22)

  • Commit 49bb7
    Funkcjonalność
    Zmiana API
    Upgrade to API 2.0. Response contains three elements (request, response, result) instead just the results.

Wersja 11.1.1 (2017-09-23)

  • Commit aebb3
    Optymalizacja
    Improvement of the container margins to have a better layout.

Wersja 11.1.0 (2017-09-16)

Wersja 11.0.1 (2017-06-02)

Wersja 11.0.0 (2017-06-01)

  • Commit a862d
    Funkcjonalność
    Introduction of dynamic graphs shown in different views.

Wersja 10.12.2 (2017-05-19)

Wersja 10.12.1 (2017-05-16)

  • Commit 93c6e
    Naprawa błędów
    Fixed a display issue on the frontpage. Under certain circumstances new items were not shown as bold.

Wersja 10.12.0 (2017-04-28)

Wersja 10.11.0 (2017-04-21)

  • Commit e7f52
    Funkcjonalność
    Added dynamic charts of all kind of overview pages.

Wersja 10.10.0 (2017-04-10)

Wersja 10.9.0 (2017-04-01)

Wersja 10.8.0 (2017-03-22)

  • Commit 1f1f6
    Funkcjonalność
    Prośba klienta
    Vulnerability entries flagged as false-positive do now highlight this fact on their pages (title and introduction).

Wersja 10.7.0 (2017-03-21)

  • Commit 2eb19
    Funkcjonalność
    Introduced data for OVAL and IAVM. Completed all existing entries with appropriate data.

Wersja 10.6.0 (2017-02-23)

  • Commit f7af4
    Funkcjonalność
    Prośba klienta
    Supporting CVSS scores from multiple sources (VulDB, vendor, researcher, NVD).

Wersja 10.5.1 (2017-02-13)

  • Commit 915e2
    Optymalizacja
    Optimized the indexing of the database to improve search performance.

Wersja 10.5.0 (2017-02-01)

Wersja 10.4.1 (2017-01-20)

  • Commit ed89a
    Optymalizacja
    Optimized performance by using specific features and configuration settings in PHP7.

Wersja 10.4.0 (2017-01-18)

Wersja 10.3.0 (2017-01-01)

  • Commit 766b4
    Funkcjonalność
    Start open beta of community edition.

Wersja 10.2.0 (2016-12-20)

  • Commit afa9d
    Funkcjonalność
    Introduced Bug of the Day on the front page. One of the more serious or interesting issues of the recent days is shown every day.

Wersja 10.1.1 (2016-12-19)

  • Commit e0724
    Optymalizacja
    Redesign of the frontpage with a slick layout and better data accessibility.

Wersja 10.1.0 (2016-12-16)

  • Commit 17b00
    Funkcjonalność
    Implemented a module to detect loss of data integrity on the service.

Wersja 10.0.0 (2016-12-01)

Wersja 9.19.1 (2016-11-08)

  • Commit 1bf65
    Optymalizacja
    Optimization of database table structures to gain more flexibility and performance.

Wersja 9.19.0 (2016-11-07)

  • Commit 41c1a
    Funkcjonalność
    Implementation of Content Security Policy (CSP) to improve web security of the service.

Wersja 9.18.0 (2016-11-02)

  • Commit 2c835
    Funkcjonalność
    It is now possible to upvote comments for vulnerability entries. Upvoted comments are shown on top of the list.

Wersja 9.17.0 (2016-11-01)

  • Commit 01762
    Funkcjonalność
    Start closed beta of community edition.

Wersja 9.16.0 (2016-10-26)

  • Commit 464dc
    Funkcjonalność
    Editing a section of a vulnerability will automatically jump to the correct section of the edit form.

Wersja 9.15.0 (2016-10-25)

  • Commit cbba3
    Funkcjonalność
    Existing vulnerability entries can now be edited immediately by members of the moderation team.

Wersja 9.14.0 (2016-10-14)

  • Commit 83203
    Funkcjonalność
    Enhanced the existing cache module to allow caching of database queries and results.

Wersja 9.13.0 (2016-10-11)

  • Commit 786cb
    Funkcjonalność
    Every user account has now a profile.

  • Commit 7868e
    Funkcjonalność
    Registered users are able to tweak their own configuration of the service.

Wersja 9.12.0 (2016-10-10)

  • Commit b9c2d
    Funkcjonalność
    Registered users are able to see history of vulnerability entries they have been viewing earlier.

Wersja 9.11.0 (2016-10-07)

Wersja 9.10.0 (2016-10-06)

Wersja 9.9.0 (2016-10-05)

  • Commit da14a
    Funkcjonalność
    Users accessing resources which require an authentication receive a proper error message.

Wersja 9.8.0 (2016-10-04)

  • Commit 2f00f
    Funkcjonalność
    Users are able to reset their password via email (password recovery).

Wersja 9.7.0 (2016-10-03)

  • Commit 5a1b1
    Funkcjonalność
    Prośba klienta
    Logins with a new device or from an unknown source will inform the account holder about the potentially suspicious login. New devices are stored and shown in the personal device management overview.

Wersja 9.6.0 (2016-06-24)

  • Commit 688a5
    Funkcjonalność
    Added a limiter to prevent malicious users from scraping our data without authorization.

Wersja 9.5.0 (2016-06-22)

Wersja 9.4.0 (2016-10-01)

Wersja 9.3.1 (2016-07-05)

  • Commit 4aa37
    Optymalizacja
    Performance optimization for all web views.

Wersja 9.3.0 (2016-06-30)

  • Commit 4aecf
    Funkcjonalność
    Some statistical data is now stored in a centralized table which allows them to be shown on multiple places without new calculations every time.

Wersja 9.2.0 (2016-05-02)

  • Commit 3fee0
    Funkcjonalność
    Support for data fields of Tenable Nessus.

Wersja 9.1.1 (2016-04-29)

Wersja 9.1.0 (2016-04-27)

  • Commit 8ab5b
    Funkcjonalność
    Some data points are now shown in bubbles.

  • Commit 939cf
    Optymalizacja
    Introduced a new site footer.

Wersja 9.0.0 (2016-04-14)

  • Commit b3559
    Optymalizacja
    Complete rewrite of the search engine to provide better matches and optimized performance.

Wersja 8.1.2 (2016-04-06)

  • Commit 3ce21
    Optymalizacja
    Optimization of HTML code to make pages smaller and faster to download and render.

Wersja 8.1.1 (2016-04-04)

  • Commit 3b609
    Naprawa błędów
    Fixed a bug or slow indexes which improved the performance of vulnerability display a lot.

Wersja 8.1.0 (2016-04-01)

  • Commit 7bc0a
    Funkcjonalność
    Introduction of new summaries and descriptions with more data enrichment.

  • Commit 56864
    Optymalizacja
    Performance optimization.

Wersja 8.0.0 (2016-03-14)

  • Commit 5e4e5
    Funkcjonalność
    Introducing Chart.js to generate dynamic charts.

Wersja 7.1.3 (2016-03-11)

  • Commit a0b92
    Optymalizacja
    Establish VulDB as independent service to gain more flexibility.

Wersja 7.1.2 (2016-02-23)

Wersja 7.1.1 (2016-02-17)

  • Commit 07bfb
    Optymalizacja
    Renaming the Twitter handle from scipvulbot to "vuldb"https://twitter.com/vuldb.

Wersja 7.1.0 (2016-01-19)

  • Commit 55bf1
    Funkcjonalność
    Enhancing statistical overview to provide previews and forecasts based in historical data.

  • Commit 72424
    Funkcjonalność
    Creating new text for different pages and sub-pages.

Wersja 7.0.5 (2015-12-01)

  • Commit ea951
    Optymalizacja
    Prośba klienta
    Adding caching modules to improve site performance. Caching is possible per site and file.

Wersja 7.0.4 (2015-11-20)

  • Commit 58def
    Optymalizacja
    Prośba klienta
    Increasing update frequency of existing entries.

Wersja 7.0.3 (2015-08-19)

  • Commit 2ddb7
    Naprawa błędów
    Corrected the listing of multiple authors of a vulnerability.

Wersja 7.0.2 (2015-08-07)

  • Commit 3b6e7
    Optymalizacja
    More performance optimization of database queries.

Wersja 7.0.1 (2015-08-03)

  • Commit b1554
    Optymalizacja
    Performance optimization of database queries.

Wersja 7.0.0 (2015-07-10)

  • Commit 243a7
    Funkcjonalność
    Redesign of modular frontpage with the introduction of Top 5 lists.

Wersja 6.31.0 (2015-07-07)

  • Commit 44e99
    Funkcjonalność
    Adding Qualys data to vulnerability entries.

  • Commit fe3d0
    Funkcjonalność
    Adding SecurityCenter data to vulnerability entries.

Wersja 6.30.0 (2015-03-09)

  • Commit e19c1
    Funkcjonalność
    Introduction of new queue for vulnerability processing by mod team.

Wersja 6.29.3 (2015-02-25)

  • Commit 8695f
    Optymalizacja
    Optimization of all X-Force data import and display.

Wersja 6.29.2 (2015-02-03)

  • Commit 3453e
    Optymalizacja
    Optimizaton of summaries and descriptions of vulnerability entries.

Wersja 6.29.1 (2015-01-08)

  • Commit 7ac76
    Optymalizacja
    Optimization of version descriptions of vulnerability entries.

Wersja 6.29.0 (2014-06-24)

  • Commit 0b232
    Funkcjonalność
    Prośba klienta
    Approaching backlog of old entries before 2003 with vulnerabilities ranging back to 1988. More information.

Wersja 6.28.0 (2014-05-26)

  • Commit 0f72a
    Funkcjonalność
    Introduction of the "see also" hint which lists entries with are connected or similar.

Wersja 6.27.0 (2014-04-17)

  • Commit 35f6f
    Funkcjonalność
    Adding a field to declare the date of the introduction of a vulnerability.

Wersja 6.26.1 (2014-03-27)

  • Commit 3efc3
    Optymalizacja
    Optimization of queuing of new vulnerabilities to better prioritize processing.

Wersja 6.26.0 (2014-03-20)

Wersja 6.25.12 (2014-03-14)

Wersja 6.25.11 (2014-03-07)

  • Commit d0dda
    Optymalizacja
    Optimizing collision detection during the processing of new entries.

Wersja 6.25.10 (2014-02-10)

  • Commit ce076
    Optymalizacja
    Optimizing summaries regarding sources of vulnerability entries.

Wersja 6.25.9 (2014-01-29)

  • Commit 03d37
    Optymalizacja
    Added helper for vulnerability moderation team to determine arguments of attacks faster and more reliable.

Wersja 6.25.8 (2014-01-28)

  • Commit 53a64
    Optymalizacja
    Optimizing summaries regarding code samples.

Wersja 6.25.7 (2014-01-23)

  • Commit 61b0d
    Optymalizacja
    Optimizing helper for vulnerability moderation team to complete new and existing entries with additional data. This increases data quality drastically.

Wersja 6.25.6 (2014-01-14)

  • Commit a17f4
    Naprawa błędów
    Fixed a bug where sometimes summaries and descriptions did contain spaces twice instead of once. This was just a problem in the HTML source code and not on the rendered web site.

Wersja 6.25.5 (2014-01-09)

  • Commit 1cd31
    Optymalizacja
    Added helper for vulnerability moderation team to determine keywords which shall be used within the title of a vulnerability entry.

Wersja 6.25.4 (2013-12-19)

  • Commit 12a4f
    Optymalizacja
    Optimizing the autocomplete feature to update new entries with historical data.

Wersja 6.25.3 (2013-11-06)

  • Commit 1434c
    Optymalizacja
    Optimizing the pre-parser to handle import of new vulnerability entries.

Wersja 6.25.2 (2013-10-22)

  • Commit a52cf
    Optymalizacja
    Changing the algorithm to calculate the current threat level.

Wersja 6.25.1 (2013-10-21)

  • Commit 921d7
    Optymalizacja
    Changing the algorithm to calculate the risk rating of vulnerability entries.

Wersja 6.25.0 (2013-10-18)

  • Commit b4283
    Funkcjonalność
    Adding the support for OpenVAS data.

Wersja 6.24.0 (2013-10-17)

  • Commit 01303
    Funkcjonalność
    Introducing the threat level to show an indicator for the current vulnerability landscape.

Wersja 6.23.0 (2013-10-03)

  • Commit e8e8f
    Funkcjonalność
    Adding the possibility to add a custom word to the title to provide more details on first sight.

Wersja 6.22.0 (2013-10-01)

  • Commit f8c1e
    Funkcjonalność
    Establishing a background updater which handles entries which need to be updated without interfering with the manual work of the moderation team.

  • Commit 5abb3
    Optymalizacja
    Enhancement of the review procedure of CVE entries pushed by MITRE to improve processing and quality.

Wersja 6.21.0 (2013-09-13)

Wersja 6.20.1 (2013-09-12)

  • Commit 088ac
    Optymalizacja
    Completing all existing entries with Secunia data.

Wersja 6.20.0 (2013-09-11)

  • Commit 2b409
    Funkcjonalność
    Introducing risk maps to provide easy comparability between risk ratings of different sources.

Wersja 6.19.0 (2013-09-10)

  • Commit 8966c
    Funkcjonalność
    Introducing support for Secunia data as a source.

  • Commit 8966c
    Funkcjonalność
    Introducing support for IBM X-Force data as a source.

Wersja 6.18.0 (2013-08-23)

Wersja 6.17.0 (2013-08-12)

Wersja 6.16.0 (2013-08-09)

Wersja 6.15.2 (2013-07-05)

  • Commit 4dffe
    Optymalizacja
    Enhancement of the review procedure of Nessus entries.

Wersja 6.15.1 (2013-06-28)

  • Commit 4b14b
    Optymalizacja
    Optimizing the plausability checks during vulnerability moderation to prevent contradicting and wrong data.

Wersja 6.15.0 (2013-06-19)

  • Commit 0b42c
    Funkcjonalność
    Added support for CPE to better identification of products.

Wersja 6.14.1 (2013-06-11)

  • Commit 0b61c
    Optymalizacja
    Updating large quantities of vulnerabilities is now improved thanks to incremental updates.

Wersja 6.14.0 (2013-06-03)

  • Commit 207db
    Funkcjonalność
    Added support for screenshots per entries to illustrate attacks and countermeasures. More information.

  • Commit 207db
    Funkcjonalność
    Added support to embed external videos per entries to illustrate attacks and countermeasures. Videos can be hosted at YouTube and Vimeo. More information.

Wersja 6.13.0 (2013-05-31)

  • Commit 22b2b
    Funkcjonalność
    Added the capability to add quotes from advisories to enrich entries.

  • Commit 22b2b
    Funkcjonalność
    Added the capability to add links to videos for a vulnerability.

Wersja 6.12.0 (2013-04-29)

Wersja 6.11.0 (2013-04-11)

  • Commit 6a9d2
    Funkcjonalność
    Added the capability to list multiple different products in an affected list. This is done additionally to the main product that is affected by a vulnerability.

Wersja 6.10.2 (2013-04-04)

  • Commit 239ac
    Optymalizacja
    Enhanced input validation mechanism during vulnerability management to prevent mistakes regarding vendor/product definitions.

Wersja 6.10.1 (2013-03-28)

  • Commit 497c0
    Optymalizacja
    Optimization of logging and tracking of queued items processed by the moderation team.

Wersja 6.10.0 (2013-03-19)

  • Commit c46f6
    Funkcjonalność
    Added input validation mechanisms during vulnerability management.

  • Commit bc987
    Optymalizacja
    Optimized input validation mechanisms during vulnerability management.

Wersja 6.9.1 (2013-01-09)

  • Commit b0410
    Naprawa błędów
    Fixed an issue in the database. This did only affect moderation of vulnerabilities and was not reflected on the user-side of the service.

Wersja 6.9.0 (2012-12-21)

  • Commit 79a9b
    Funkcjonalność
    Added a feature to normalize terms between different vulnerability entries.

Wersja 6.8.1 (2012-11-26)

  • Commit d0a20
    Optymalizacja
    Prepared the support for Milw0rm data for entries with an ID up to 50000.

Wersja 6.8.0 (2012-10-31)

Wersja 6.7.0 (2012-10-15)

Wersja 6.6.0 (2012-10-01)

Wersja 6.5.0 (2012-09-24)

Wersja 6.4.0 (2012-07-04)

  • Commit a681e
    Funkcjonalność
    Migrating all available data from NASLDB.

Wersja 6.3.0 (2012-06-18)

Wersja 6.2.2 (2012-06-05)

  • Commit 895ea
    Optymalizacja
    Optimizing the autocomplete feature to update new entries with historical data.

Wersja 6.2.1 (2012-04-10)

Wersja 6.2.0 (2012-03-13)

  • Commit e00e9
    Funkcjonalność
    Added support for better linking to external sources.

Wersja 6.1.1 (2012-03-09)

Wersja 6.1.0 (2012-03-08)

  • Commit c17b6
    Funkcjonalność
    Added the calculation of the exposure time which measures the time of the disclosure and the mitigation possibilities of a vulnerability.

  • Commit 23aa8
    Optymalizacja
    Reviewed all available data of OSVDB.

Wersja 6.0.0 (2012-03-06)

  • Commit 934a4
    Optymalizacja
    Optimization of summaries and descriptions.

  • Commit 3484c
    Funkcjonalność
    Added support to show images of vendors/products.

  • Commit 3484c
    Funkcjonalność
    Added support for Google dorks to find issues very quickly.

Wersja 5.2.2 (2012-03-05)

Wersja 5.2.1 (2012-03-02)

Wersja 5.2.0 (2012-02-15)

  • Commit d6183
    Funkcjonalność
    Added web import feature for vulnerability moderators to handle new entries based on web resources.

Wersja 5.1.0 (2012-01-06)

  • Commit 2e4ed
    Funkcjonalność
    Added single import feature for vulnerability moderators to handle single entries outside the regular queueing.

Wersja 5.0.0 (2011-02-22)

  • Commit 04086
    Funkcjonalność
    Establishing new database backend with much more possibilities.

Wersja 4.10.2 (2010-12-01)

  • Commit 8b4df
    Optymalizacja
    Move to more powerful hardware due to increase in access.

Wersja 4.10.1 (2010-07-30)

Wersja 4.10.0 (2010-06-10)

  • Commit 57677
    Funkcjonalność
    Adding Alert Info on web site to inform visitors about latest critical issue.

  • Commit 80bfa
    Funkcjonalność
    Delivering ads for non-paying and unauthenticated users.

  • Commit acc6f
    Optymalizacja
    Optimizing database structure for more flexibility and performance.

Wersja 4.9.0 (2010-03-08)

Wersja 4.8.1 (2010-02-10)

Wersja 4.8.0 (2010-02-08)

  • Commit 47351
    Funkcjonalność
    Adding the alert info on top of the site to show the most recent vulnerability with the highest emergency rating.

Wersja 4.7.2 (2020-02-05)

  • Commit 1a52b
    Optymalizacja
    Improvement of VulDB alert system.

Wersja 4.7.1 (2010-02-02)

Wersja 4.7.0 (2011-01-11)

  • Commit 90de3
    Funkcjonalność
    Prośba klienta
    Added VulDB Alert to inform customers about issues applicable for them.

Wersja 4.6.0 (2009-12-16)

Wersja 4.5.0 (2009-10-27)

Wersja 4.4.0 (2009-09-03)

Wersja 4.3.0 (2009-08-25)

  • Commit 61ad7
    Funkcjonalność
    Completing existing entries with most actual data. This includes but is not limited to CVE, Secunia, SecurityTracker, vendor, and confirmation details. More information.

Wersja 4.2.0 (2009-08-20)

Wersja 4.1.0 (2009-08-01)

Wersja 4.0.1 (2009-06-26)

Wersja 4.0.0 (2009-06-23)

Wersja 3.5.0 (2006-07-01)

Wersja 3.4.0 (2004-05-19)

Wersja 3.3.0 (2004-01-01)

  • Commit a2ec5
    Funkcjonalność
    Introduction of Emergency-SMS notification service.

Wersja 3.2.0 (2003-12-19)

Wersja 3.1.0 (2003-11-18)

Wersja 3.0.0 (2003-03-01)

  • Commit d28ca
    Funkcjonalność
    Service is completely re-written in Perl and uses a dedicated backend for vulnerability moderation to gain more flexibility.

  • Commit 94f12
    Optymalizacja
    Bugbase is re-branded as scip VulnDB and hosted on www.scip.ch.

Wersja 2.0.0 (2002-09-01)

  • Commit 51e87
    Optymalizacja
    Changed from static web site to dynamic database (with the kind support of DukeCS).

Wersja 1.0.0 (1997-01-01)

Interested in the pricing of exploits?

See the underground prices here!

PoprzedniPrzeglądKolejny