Data Points
📌 Article pinned by VulDB Support Team
Every entry consists of different data points. The more data points are available, the better the detail level of the entry will be. The following tables illustrates all supported data points within our data feeds. The API allows accessing them individually. VulDB provides the best data quality with more than 525 different vulnerability data points. This article is discussing the available data points provided by the current release of our service.
Strings and Arrays
Simplicity is our primary goal when it comes to data accessibility. Some data points might consists of multiple data which will be provided as an array. If there is just one item, no such array will be used and the data delivered as single string instead. See the column Type to understand the appearance of the according data point.
Monoblock, Virtual Fields, and Meta Data
Most data is stored in the so called Monoblock. This data repository contains all commits associated with an entry. Some data is based on the Meta information of these commits. And others called Virtual Fields are not stored but generated on demand. They are either read-only or depend on fields which might be writable.
API Output Format
The output format of the API (e.g. JSON, XML, CSV) can be defined by request. The naming of the data fields in this article is the internal naming of the fields and not the naming structure of the various output formats. They transpond very easily.
Available API endpoints:
Vulnerability API | Vulnerabilities | datapoints | free sample |
---|---|---|---|
CTI API | IP Addresses, Hostnames, Actors | datapoints | free sample |
CTI API | Events | datapoints | free sample |
Vulnerabilities
The best possible vulnerability data source for professional vulnerability and patch management.
📥 Download Free API Response Sample
Data Point | Title | Example | Type | Repo | Availability |
---|---|---|---|---|---|
entry_id | Unique ID of vuldb entry | 80928 | number | meta | public |
entry_title | Title of the vulnerability | Google Android binder.c memory corruption | string | virtual | public |
entry_summary | Quick summary of the vulnerability (2-5 sentences) | A vulnerability has been found in Google Android and classified as very critical. Affected by this issue is some functionality of the file binder.c. Applying a patch is able to eliminate this problem. | string | virtual | public |
entry_details_affected | Textual representation of affected products | A vulnerability classified as critical was found in Google Android (Smartphone Operating System) (affected version unknown). | string | virtual | public |
entry_details_vulnerability | Textual representation of vulnerability details | The manipulation with an unknown input leads to a memory corruption vulnerability (Use-After-Free). The CWE definition for the vulnerability is CWE-416. | string | virtual | public |
entry_details_impact | Textual representation of attack impact | As an impact it is known to affect confidentiality, integrity, and availability. | string | virtual | public |
entry_details_countermeasure | Textual representation of countermeasure suggestions | Applying a patch is able to eliminate this problem. | string | virtual | public |
entry_details_sources | Textual representation of source data | Entries connected to this vulnerability are available at 145533, 145532, 145530 and 145529. | string | virtual | public |
entry_timestamp_queue | Unix timestamp of adding item to queue | 1044230400 | Unix timestamp | meta | internal |
entry_timestamp_create | Unix timestamp of creating the entry | 1044230400 | Unix timestamp | meta | public |
entry_timestamp_change | Unix timestamp of last change if the entry | 1454427609 | Unix timestamp | meta | public |
entry_maintainer_queue | Name of person that added item to queue | usr0133 | string | meta | internal |
entry_maintainer_create | Name of person that created the entry initially | usr0120 | string | meta | internal |
entry_maintainer_change | Name of person that updated the entry for the last time | usr201 | string | meta | internal |
entry_replaces | List of other entries which are declared duplicates and are replaced by this entry | 18273, 18277 | string array | monoblock | public |
entry_replacedby | ID of duplicate entry that got replaced by this entry | 18278 | number | monoblock | public |
entry_changelog | Change log with name of updated fields of the latest entry update | source_securityfocus_date source_securityfocus_class advisory_reportconfidence | string array | virtual | public |
entry_locked_status | Status if an entry is locked (e.g. due to changes not moderated yet) | 1 | number | meta | public |
entry_locked_reason | Reason for an entry to be locked | update in progress | string | meta | public |
entry_warning | Warning message if entry could not be fully shown | Details not available, archive access not unlocked | string | virtual | public |
entry_smss | Issue of smSS which discusses the item | 2019-01-19 | timestamp | monoblock | internal |
entry_smss_rank | Ranking number for smSS issue discussion | 1 | number | monoblock | internal |
software_type | Type of affected software | Operating System | string | monoblock | public |
software_vendor | Name of vendor of affected product | Microsoft | string/array | monoblock | public |
software_name | Name of affected product(s) | Windows | string/array | monoblock | public |
software_version | Version number(s) of affected product | Vista/7/8/8.1 | string/array | monoblock | public |
software_rollingrelease | If a product does not use version numbering but rolling release instead (1=yes, 0=no) | 1 | boolean (0, 1) | monoblock | public |
software_platform | Name of affected platform(s) | 64-bit | string/array | monoblock | public |
software_component | Name of affected component(s) | SSL Handler | string/array | monoblock | public |
software_file | Name of affected file(s) | ssl.exe | string | monoblock | public |
software_library | Name of affected library(s) | ssl.dll | string | monoblock | public |
software_function | Name of affected function(s) | decrypt() | string/array | monoblock | public |
software_argument | Name of affected argument(s) | $rawdata | string/array | monoblock | public |
software_input_type | Type of affected input | Regex | string | monoblock | public |
software_input_value | Example of input value to attack | ">foo | string/array | monoblock | public |
software_website_vendor | URL of the web site of the vendor of affected product | https://www.microsoft.com/ | string | virtual | public |
software_website_product | URL of the web site of the affected product itself | https://www.microsoft.com/en-us/windows | string | virtual | public |
software_license_type | Type of the license of the affected product | open-source | string (open-source, free, commercial) | virtual | public |
software_license_name | Name of the license of the affected product | GNU GPLv3 | string | virtual | public |
software_support_availability | Declaration if the software and/or version still gets vendor support | end of life | string | virtual | public |
software_managedservice | If a product is maintained and controlled as a managed service by a vendor (1=yes, 0=no) | 1 | boolean (0, 1) | monoblock | public |
software_affectedlist | List of affected products if very long and/or unordered (only if multiple and contradicting products are affected) | Google Android, Linux Kernel, FreeBSD | string array | monoblock | public |
software_notaffectedlist | List of not affected products if very long and/or unordered (only if multiple and contradicting products are affected) | Microsoft Windows ME/XP | string array | monoblock | public |
software_cpe | CPE 2.2-compatible list of affected products/versions, based on our own extended dictionary | cpe:/o:microsoft:windows_7:-:sp1, cpe:/o:microsoft:windows_8.1, cpe:/o:microsoft:windows_10 | string array | virtual | public |
software_cpe23 | CPE 2.3-compatible list of affected products/versions, based on our own extended dictionary | cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*, cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*, cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:* | string array | virtual | public |
software_advisoryquote | Quote about the affected software from the original advisory | The issue not well understood. | string | monoblock | public |
software_freetexten | Additional text describing the software (English) | Additional verification has shown that the issue is affecting default installs only. | string | monoblock | internal |
software_freetextde | Additional text describing the software (German) | Nachforschungen haben ergeben, dass die Schwachstelle nur bei Standardinstallationen auftritt. | string | monoblock | internal |
vulnerability_name | popular name of the vulnerability | Shellshock | string/array | monoblock | public |
vulnerability_titleword | Additional word for the vulnerability title | Cryptohammer | string | monoblock | public |
vulnerability_keywords | Additional keywords for search | W32.Cyptohammer.Worm, BlackSSL | string | monoblock | internal |
vulnerability_introductiondate | Unix timestamp of introducing the vulnerability | 1071705600 | Unix timestamp | monoblock | public |
vulnerability_discoverydate | Unix timestamp of discovering the vulnerability for the first time | 1071705600 | Unix timestamp | monoblock | public |
vulnerability_vendorinformdate | Unix timestamp of informing the vendor about the vulnerability for the first time | 1097539200 | Unix timestamp | monoblock | public |
vulnerability_timeline | Timeline of known events | 01/04/2016 | CVE assigned; 02/10/2016 | Advisory disclosed; 02/10/2016 | Exploit disclosed; 02/10/2016 | Countermeasure disclosed; 02/10/2016 | SecurityTracker entry created; 02/11/2016 | VulDB entry created; 02/15/2016 | VulDB entry updated | array (unix timestamp, string, url) | virtual | public |
vulnerability_class | Name of the vulnerability class | Buffer Overflow | string | virtual | public |
vulnerability_cwe | CWE id of the vulnerability class | CWE-121 | string | monoblock | public |
vulnerability_capec | CAPEC identifiers of the vulnerability class | 10, 209, 250 | string/array | virtual | public |
vulnerability_attck | Full identifier of MITRE ATT&CK technique | T1059.007 | string | virtual | public |
vulnerability_impact | Impact of a succesful exploitation | Executing arbitrary code | string | monoblock | public |
vulnerability_risk | scip Risk rating (1=problematic, 2=critical, 3=very critical) | 3 | number (1-3) | monoblock | public |
vulnerability_simplicity | Simplicity of exploitation (0-100) | 60 | number (0-100) | monoblock | public |
vulnerability_popularity | Popularity of the vulnerability (0-100) | 80 | number (0-100) | monoblock | public |
vulnerability_historic | Historical impact of the issue (1=yes, 0=no) | 1 | boolean (0, 1) | monoblock | public |
vulnerability_cvss4_vuldb_confidence | CVSSv4 Base Score confidence by VulDB | High | string | virtual | public |
vulnerability_cvss4_vuldb_bscore | CVSSv4 Base Score calculation by VulDB | 7.8 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss4_vuldb_btscore | CVSSv4 Threat Score calculation by VulDB | 7.8 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss4_vuldb_bvector | CVSSv4 Base Vector generation by VulDB | AV:N/AC:L/AT:N/PR:N/UI:N/ | string | virtual | public |
vulnerability_cvss4_vuldb_btvector | CVSSv4 Threat Vector generation by VulDB | AV:N/AC:L/AT:N/PR:N/UI:N/ | string | virtual | public |
vulnerability_cvss4_vuldb_bseverity | CVSSv4 Base Score Severity representation by responsible VulDB | High | string | virtual | public |
vulnerability_cvss4_vuldb_btseverity | CVSSv4 Threat Score Severity representation by responsible VulDB | High | string | virtual | public |
vulnerability_cvss4_vuldb_av | CVSSv4 Base Metrics Access Vector by VulDB | N | string | monoblock | public |
vulnerability_cvss4_vuldb_ac | CVSSv4 Base Metrics Attack Complexity by VulDB | L | string | monoblock | public |
vulnerability_cvss4_vuldb_at | CVSSv4 Base Metrics Attack Requirements by VulDB | N | string | monoblock | public |
vulnerability_cvss4_vuldb_pr | CVSSv4 Base Metrics Privileges Required by VulDB | N | string | monoblock | public |
vulnerability_cvss4_vuldb_ui | CVSSv4 Base Metrics User Interaction by VulDB | N | string | monoblock | public |
vulnerability_cvss4_vuldb_vc | CVSSv4 Base Metrics Confidentiality Impact by VulDB | L | string | monoblock | public |
vulnerability_cvss4_vuldb_vi | CVSSv4 Base Metrics Integrity Impact by VulDB | L | string | monoblock | public |
vulnerability_cvss4_vuldb_va | CVSSv4 Base Metrics Availability Impact by VulDB | L | string | monoblock | public |
vulnerability_cvss4_vuldb_sc | CVSSv4 Base Metrics Subsequent Confidentiality Impact by VulDB | N | string | monoblock | public |
vulnerability_cvss4_vuldb_si | CVSSv4 Base Metrics Subsequent Integrity Impact by VulDB | N | string | monoblock | public |
vulnerability_cvss4_vuldb_sa | CVSSv4 Base Metrics Subsequent Availability Impact by VulDB | N | string | monoblock | public |
vulnerability_cvss4_vuldb_s | CVSSv4 Supplemental Metrics Safety by VulDB | N | string | monoblock | public |
vulnerability_cvss4_vuldb_au | CVSSv4 Supplemental Metrics Automatable by VulDB | Y | string | monoblock | public |
vulnerability_cvss4_vuldb_r | CVSSv4 Supplemental Metrics Recovery by VulDB | U | string | monoblock | public |
vulnerability_cvss4_vuldb_v | CVSSv4 Supplemental Metrics Value Density by VulDB | D | string | monoblock | public |
vulnerability_cvss4_vuldb_re | CVSSv4 Supplemental Metrics Response Effort by VulDB | L | string | monoblock | public |
vulnerability_cvss4_vuldb_u | CVSSv4 Supplemental Metrics Provider Urgency by VulDB | Green | string | monoblock | public |
vulnerability_cvss4_vuldb_e | CVSSv4 Threats Metrics Exploit Maturity by VulDB | P | string | monoblock | public |
vulnerability_cvss4_nvd_bscore | CVSSv4 Base Score calculation by NIST NVD | 7.8 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss4_nvd_btscore | CVSSv4 Threat Score calculation by NIST NVD | 7.8 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss4_nvd_bvector | CVSSv4 Base Vector generation by NIST NVD | AV:N/AC:L/AT:N/PR:N/UI:N/ | string | virtual | public |
vulnerability_cvss4_nvd_btvector | CVSSv4 Threat Vector generation by NIST NVD | AV:N/AC:L/AT:N/PR:N/UI:N/ | string | virtual | public |
vulnerability_cvss4_nvd_bseverity | CVSSv4 Base Score Severity representation by responsible NIST NVD | High | string | virtual | public |
vulnerability_cvss4_nvd_btseverity | CVSSv4 Threat Score Severity representation by responsible NIST NVD | High | string | virtual | public |
vulnerability_cvss4_nvd_av | CVSSv4 Base Metrics Access Vector by NIST NVD | N | string | monoblock | public |
vulnerability_cvss4_nvd_ac | CVSSv4 Base Metrics Attack Complexity by NIST NVD | L | string | monoblock | public |
vulnerability_cvss4_nvd_at | CVSSv4 Base Metrics Attack Requirements by NIST NVD | N | string | monoblock | public |
vulnerability_cvss4_nvd_pr | CVSSv4 Base Metrics Privileges Required by NIST NVD | N | string | monoblock | public |
vulnerability_cvss4_nvd_ui | CVSSv4 Base Metrics User Interaction by NIST NVD | N | string | monoblock | public |
vulnerability_cvss4_nvd_vc | CVSSv4 Base Metrics Confidentiality Impact by NIST NVD | L | string | monoblock | public |
vulnerability_cvss4_nvd_vi | CVSSv4 Base Metrics Integrity Impact by NIST NVD | L | string | monoblock | public |
vulnerability_cvss4_nvd_va | CVSSv4 Base Metrics Availability Impact by NIST NVD | L | string | monoblock | public |
vulnerability_cvss4_nvd_sc | CVSSv4 Base Metrics Subsequent Confidentiality Impact by NIST NVD | N | string | monoblock | public |
vulnerability_cvss4_nvd_si | CVSSv4 Base Metrics Subsequent Integrity Impact by NIST NVD | N | string | monoblock | public |
vulnerability_cvss4_nvd_sa | CVSSv4 Base Metrics Subsequent Availability Impact by NIST NVD | N | string | monoblock | public |
vulnerability_cvss4_nvd_s | CVSSv4 Supplemental Metrics Safety by NIST NVD | N | string | monoblock | public |
vulnerability_cvss4_nvd_au | CVSSv4 Supplemental Metrics Automatable by NIST NVD | Y | string | monoblock | public |
vulnerability_cvss4_nvd_r | CVSSv4 Supplemental Metrics Recovery by NIST NVD | U | string | monoblock | public |
vulnerability_cvss4_nvd_v | CVSSv4 Supplemental Metrics Value Density by NIST NVD | D | string | monoblock | public |
vulnerability_cvss4_nvd_re | CVSSv4 Supplemental Metrics Response Effort by NIST NVD | L | string | monoblock | public |
vulnerability_cvss4_nvd_u | CVSSv4 Supplemental Metrics Provider Urgency by NIST NVD | Green | string | monoblock | public |
vulnerability_cvss4_nvd_e | CVSSv4 Threats Metrics Exploit Maturity by NIST NVD | P | string | monoblock | public |
vulnerability_cvss4_cna_bscore | CVSSv4 Base Score calculation by CVE Numbering Authority | 7.8 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss4_cna_btscore | CVSSv4 Threat Score calculation by CVE Numbering Authority | 7.8 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss4_cna_bvector | CVSSv4 Base Vector generation by CVE Numbering Authority | AV:N/AC:L/AT:N/PR:N/UI:N/ | string | virtual | public |
vulnerability_cvss4_cna_btvector | CVSSv4 Threat Vector generation by CVE Numbering Authority | AV:N/AC:L/AT:N/PR:N/UI:N/ | string | virtual | public |
vulnerability_cvss4_cna_bseverity | CVSSv4 Base Score Severity representation by responsible CVE Numbering Authority | High | string | virtual | public |
vulnerability_cvss4_cna_btseverity | CVSSv4 Threat Score Severity representation by responsible CVE Numbering Authority | High | string | virtual | public |
vulnerability_cvss4_cna_av | CVSSv4 Base Metrics Access Vector by CVE Numbering Authority | N | string | monoblock | public |
vulnerability_cvss4_cna_ac | CVSSv4 Base Metrics Attack Complexity by CVE Numbering Authority | L | string | monoblock | public |
vulnerability_cvss4_cna_at | CVSSv4 Base Metrics Attack Requirements by CVE Numbering Authority | N | string | monoblock | public |
vulnerability_cvss4_cna_pr | CVSSv4 Base Metrics Privileges Required by CVE Numbering Authority | N | string | monoblock | public |
vulnerability_cvss4_cna_ui | CVSSv4 Base Metrics User Interaction by CVE Numbering Authority | N | string | monoblock | public |
vulnerability_cvss4_cna_vc | CVSSv4 Base Metrics Confidentiality Impact by CVE Numbering Authority | L | string | monoblock | public |
vulnerability_cvss4_cna_vi | CVSSv4 Base Metrics Integrity Impact by CVE Numbering Authority | L | string | monoblock | public |
vulnerability_cvss4_cna_va | CVSSv4 Base Metrics Availability Impact by CVE Numbering Authority | L | string | monoblock | public |
vulnerability_cvss4_cna_sc | CVSSv4 Base Metrics Subsequent Confidentiality Impact by CVE Numbering Authority | N | string | monoblock | public |
vulnerability_cvss4_cna_si | CVSSv4 Base Metrics Subsequent Integrity Impact by CVE Numbering Authority | N | string | monoblock | public |
vulnerability_cvss4_cna_sa | CVSSv4 Base Metrics Subsequent Availability Impact by CVE Numbering Authority | N | string | monoblock | public |
vulnerability_cvss4_cna_s | CVSSv4 Supplemental Metrics Safety by CVE Numbering Authority | N | string | monoblock | public |
vulnerability_cvss4_cna_au | CVSSv4 Supplemental Metrics Automatable by CVE Numbering Authority | Y | string | monoblock | public |
vulnerability_cvss4_cna_r | CVSSv4 Supplemental Metrics Recovery by CVE Numbering Authority | U | string | monoblock | public |
vulnerability_cvss4_cna_v | CVSSv4 Supplemental Metrics Value Density by CVE Numbering Authority | D | string | monoblock | public |
vulnerability_cvss4_cna_re | CVSSv4 Supplemental Metrics Response Effort by CVE Numbering Authority | L | string | monoblock | public |
vulnerability_cvss4_cna_u | CVSSv4 Supplemental Metrics Provider Urgency by CVE Numbering Authority | Green | string | monoblock | public |
vulnerability_cvss4_cna_e | CVSSv4 Threats Metrics Exploit Maturity by CVE Numbering Authority | P | string | monoblock | public |
vulnerability_cvss3_meta_basescore | CVSSv3 Base Meta Score calculation of all available risk sources | 7.8 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss3_meta_tempscore | CVSSv3 Temp Meta Score calculation of all available risk sources | 7.8 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss3_vuldb_confidence | CVSSv3 Base Score confidence by VulDB | High | string | virtual | public |
vulnerability_cvss3_vuldb_basescore | CVSSv3 Base Score calculation by VulDB | 7.8 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss3_vuldb_tempscore | CVSSv3 Temp Score calculation by VulDB | 7.8 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss3_vuldb_basevector | CVSSv3 Base Vector generation by VulDB | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | string | virtual | public |
vulnerability_cvss3_vuldb_tempvector | CVSSv3 Temp Vector generation by VulDB | E:X/RL:O/RC:C | string | virtual | public |
vulnerability_cvss3_vuldb_baseseverity | CVSSv3 Base Score Severity representation by VulDB | High | string | virtual | public |
vulnerability_cvss3_vuldb_tempseverity | CVSSv3 Temp Score Severity representation by VulDB | High | string | virtual | public |
vulnerability_cvss3_vuldb_av | CVSSv3 Base Score Access Vector by VulDB | N | string | monoblock | public |
vulnerability_cvss3_vuldb_ac | CVSSv3 Base Score Attack Complexity by VulDB | L | string | monoblock | public |
vulnerability_cvss3_vuldb_pr | CVSSv3 Base Score Privileges Required by VulDB | L | string | monoblock | public |
vulnerability_cvss3_vuldb_ui | CVSSv3 Base Score User Interactivity Required by VulDB | N | string | monoblock | public |
vulnerability_cvss3_vuldb_s | CVSSv3 Base Score Scope Change by VulDB | C | string | monoblock | public |
vulnerability_cvss3_vuldb_c | CVSSv3 Base Score Confidientality Impact by VulDB | H | string | monoblock | public |
vulnerability_cvss3_vuldb_i | CVSSv3 Base Score Integrity Impact by VulDB | H | string | monoblock | public |
vulnerability_cvss3_vuldb_a | CVSSv3 Base Score Availability Impact by VulDB | H | string | monoblock | public |
vulnerability_cvss3_vuldb_rc | CVSSv3 Base Score Report Confidence by VulDB | C | string | monoblock | public |
vulnerability_cvss3_vuldb_rl | CVSSv3 Base Score Remediation Level by VulDB | O | string | monoblock | public |
vulnerability_cvss3_vuldb_e | CVSSv3 Base Score Exploitability (Exploit Code Maturity) by VulDB | P | string | monoblock | public |
vulnerability_cvss3_vendor_basescore | CVSSv3 Base Score calculation by Vendor | 7.8 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss3_vendor_tempscore | CVSSv3 Temp Score calculation by Vendor | 7.6 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss3_vendor_basevector | CVSSv3 Base Vector generation by Vendor | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | string | virtual | public |
vulnerability_cvss3_vendor_tempvector | CVSSv3 Temp Vector generation by Vendor | E:X/RL:O/RC:C | string | virtual | public |
vulnerability_cvss3_vendor_baseseverity | CVSSv3 Base Score Severity representation by Vendor | High | string | virtual | public |
vulnerability_cvss3_vendor_tempseverity | CVSSv3 Temp Score Severity representation by Vendor | High | string | virtual | public |
vulnerability_cvss3_vendor_av | CVSSv3 Base Score Access Vector by Vendor | N | string | monoblock | public |
vulnerability_cvss3_vendor_ac | CVSSv3 Base Score Attack Complexity by Vendor | L | string | monoblock | public |
vulnerability_cvss3_vendor_pr | CVSSv3 Base Score Privileges Required by Vendor | L | string | monoblock | public |
vulnerability_cvss3_vendor_ui | CVSSv3 Base Score User Interactivity Required by Vendor | N | string | monoblock | public |
vulnerability_cvss3_vendor_s | CVSSv3 Base Score Scope Change by Vendor | C | string | monoblock | public |
vulnerability_cvss3_vendor_c | CVSSv3 Base Score Confidientality Impact by Vendor | H | string | monoblock | public |
vulnerability_cvss3_vendor_i | CVSSv3 Base Score Integrity Impact by Vendor | H | string | monoblock | public |
vulnerability_cvss3_vendor_a | CVSSv3 Base Score Availability Impact by Vendor | H | string | monoblock | public |
vulnerability_cvss3_vendor_rc | CVSSv3 Base Score Report Confidence by Vendor | C | string | monoblock | public |
vulnerability_cvss3_vendor_rl | CVSSv3 Base Score Remediation Level by Vendor | O | string | monoblock | public |
vulnerability_cvss3_vendor_e | CVSSv3 Base Score Exploitability (Exploit Code Maturity) by Vendor | P | string | monoblock | public |
vulnerability_cvss3_researcher_basescore | CVSSv3 Base Score calculation by Rersearcher | 7.8 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss3_researcher_tempscore | CVSSv3 Temp Score calculation by Rersearcher | 7.6 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss3_researcher_basevector | CVSSv3 Base Vector generation by Researcher | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | string | virtual | public |
vulnerability_cvss3_researcher_tempvector | CVSSv3 Temp Vector generation by Researcher | E:X/RL:O/RC:C | string | virtual | public |
vulnerability_cvss3_researcher_baseseverity | CVSSv3 Base Score Severity representation by Researcher | High | string | virtual | public |
vulnerability_cvss3_researcher_tempseverity | CVSSv3 Temp Score Severity representation by Researcher | High | string | virtual | public |
vulnerability_cvss3_researcher_av | CVSSv3 Base Score Access Vector by Researcher | N | string | monoblock | public |
vulnerability_cvss3_researcher_ac | CVSSv3 Base Score Attack Complexity by Researcher | L | string | monoblock | public |
vulnerability_cvss3_researcher_pr | CVSSv3 Base Score Privileges Required by Researcher | L | string | monoblock | public |
vulnerability_cvss3_researcher_ui | CVSSv3 Base Score User Interactivity Required by Researcher | N | string | monoblock | public |
vulnerability_cvss3_researcher_s | CVSSv3 Base Score Scope Change by Researcher | C | string | monoblock | public |
vulnerability_cvss3_researcher_c | CVSSv3 Base Score Confidientality Impact by Researcher | H | string | monoblock | public |
vulnerability_cvss3_researcher_i | CVSSv3 Base Score Integrity Impact by Researcher | H | string | monoblock | public |
vulnerability_cvss3_researcher_a | CVSSv3 Base Score Availability Impact by Researcher | H | string | monoblock | public |
vulnerability_cvss3_researcher_rc | CVSSv3 Base Score Report Confidence by Researcher | C | string | monoblock | public |
vulnerability_cvss3_researcher_rl | CVSSv3 Base Score Remediation Level by Researcher | O | string | monoblock | public |
vulnerability_cvss3_researcher_e | CVSSv3 Base Score Exploitability (Exploit Code Maturity) by Vendor | P | string | monoblock | public |
vulnerability_cvss3_nvd_basescore | CVSSv3 Base Score calculation by NIST NVD | 7.8 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss3_nvd_tempscore | CVSSv3 Temp Score calculation by NIST NVD | 7.6 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss3_nvd_basevector | CVSSv3 Base Vector generation by NIST NVD | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | string | virtual | public |
vulnerability_cvss3_nvd_tempvector | CVSSv3 Temp Vector generation by NIST NVD | E:X/RL:O/RC:C | string | virtual | public |
vulnerability_cvss3_nvd_baseseverity | CVSSv3 Base Score Severity representation by NIST NVD | High | string | virtual | public |
vulnerability_cvss3_nvd_tempseverity | CVSSv3 Temp Score Severity representation by NIST NVD | High | string | virtual | public |
vulnerability_cvss3_nvd_av | CVSSv3 Base Score Access Vector by NIST NVD | N | string | monoblock | public |
vulnerability_cvss3_nvd_ac | CVSSv3 Base Score Attack Complexity by NIST NVD | L | string | monoblock | public |
vulnerability_cvss3_nvd_pr | CVSSv3 Base Score Privileges Required by NIST NVD | L | string | monoblock | public |
vulnerability_cvss3_nvd_ui | CVSSv3 Base Score User Interactivity Required by NIST NVD | N | string | monoblock | public |
vulnerability_cvss3_nvd_s | CVSSv3 Base Score Scope Change by NIST NVD | C | string | monoblock | public |
vulnerability_cvss3_nvd_c | CVSSv3 Base Score Confidientality Impact by NIST NVD | H | string | monoblock | public |
vulnerability_cvss3_nvd_i | CVSSv3 Base Score Integrity Impact by NIST NVD | H | string | monoblock | public |
vulnerability_cvss3_nvd_a | CVSSv3 Base Score Availability Impact by NIST NVD | H | string | monoblock | public |
vulnerability_cvss3_nvd_rc | CVSSv3 Base Score Report Confidence by NIST NVD | C | string | monoblock | public |
vulnerability_cvss3_nvd_rl | CVSSv3 Base Score Remediation Level by NIST NVD | O | string | monoblock | public |
vulnerability_cvss3_nvd_e | CVSSv3 Base Score Exploitability (Exploit Code Maturity) by Vendor | P | string | monoblock | public |
vulnerability_cvss3_cna_basescore | CVSSv3 Base Score calculation by responsible CVE Numbering Authority | 7.8 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss3_cna_tempscore | CVSSv3 Temp Score calculation by responsible CVE Numbering Authority | 7.6 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss3_cna_basevector | CVSSv3 Base Vector generation by responsible CVE Numbering Authority | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | string | virtual | public |
vulnerability_cvss3_cna_tempvector | CVSSv3 Temp Vector generation by responsible CVE Numbering Authority | E:X/RL:O/RC:C | string | virtual | public |
vulnerability_cvss3_cna_baseseverity | CVSSv3 Base Score Severity representation by responsible CVE Numbering Authority | High | string | virtual | public |
vulnerability_cvss3_cna_tempseverity | CVSSv3 Temp Score Severity representation by responsible CVE Numbering Authority | High | string | virtual | public |
vulnerability_cvss3_cna_av | CVSSv3 Base Score Access Vector by responsible CVE Numbering Authority | N | string | monoblock | public |
vulnerability_cvss3_cna_ac | CVSSv3 Base Score Attack Complexity by responsible CVE Numbering Authority | L | string | monoblock | public |
vulnerability_cvss3_cna_pr | CVSSv3 Base Score Privileges Required by responsible CVE Numbering Authority | L | string | monoblock | public |
vulnerability_cvss3_cna_ui | CVSSv3 Base Score User Interactivity Required by responsible CVE Numbering Authority | N | string | monoblock | public |
vulnerability_cvss3_cna_s | CVSSv3 Base Score Scope Change by responsible CVE Numbering Authority | C | string | monoblock | public |
vulnerability_cvss3_cna_c | CVSSv3 Base Score Confidientality Impact by responsible CVE Numbering Authority | H | string | monoblock | public |
vulnerability_cvss3_cna_i | CVSSv3 Base Score Integrity Impact by responsible CVE Numbering Authority | H | string | monoblock | public |
vulnerability_cvss3_cna_a | CVSSv3 Base Score Availability Impact by responsible CVE Numbering Authority | H | string | monoblock | public |
vulnerability_cvss3_cna_rc | CVSSv3 Base Score Report Confidence by responsible CVE Numbering Authority | C | string | monoblock | public |
vulnerability_cvss3_cna_rl | CVSSv3 Base Score Remediation Level by responsible CVE Numbering Authority | O | string | monoblock | public |
vulnerability_cvss3_cna_e | CVSSv3 Base Score Exploitability (Exploit Code Maturity) by Vendor | P | string | monoblock | public |
vulnerability_cvss2_vuldb_basescore | CVSSv2 Base Score by VulDB | 6.6 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss2_vuldb_tempscore | CVSSv2 Temp Score by VulDB | 6.2 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss2_vuldb_baseseverity | CVSSv2 Base Score Severity representation by VulDB | Medium | string | virtual | public |
vulnerability_cvss2_vuldb_tempseverity | CVSSv2 Temp Score Severity representation by VulDB | Medium | string | virtual | public |
vulnerability_cvss2_vuldb_av | CVSSv2 Base Score Access Vector by VulDB | N | string | monoblock | public |
vulnerability_cvss2_vuldb_ac | CVSSv2 Base Score Access Complexity by VulDB | M | string | monoblock | public |
vulnerability_cvss2_vuldb_au | CVSSv2 Base Score Authentication by VulDB | S | string | monoblock | public |
vulnerability_cvss2_vuldb_ci | CVSSv2 Base Score Confidientality Impact by VulDB | C | string | monoblock | public |
vulnerability_cvss2_vuldb_ii | CVSSv2 Base Score Integrity Impact by VulDB | C | string | monoblock | public |
vulnerability_cvss2_vuldb_ai | CVSSv2 Base Score Availability Impact by VulDB | C | string | monoblock | public |
vulnerability_cvss2_vuldb_rc | CVSSv2 Base Score Report Confidence by VulDB | C | string | monoblock | public |
vulnerability_cvss2_vuldb_rl | CVSSv2 Base Score Remediation Level by VulDB | OF | string | monoblock | public |
vulnerability_cvss2_vuldb_e | CVSSv2 Base Score Exploitability by VulDB | POC | string | monoblock | public |
vulnerability_cvss2_vendor_basescore | CVSSv2 Base Score by Vendor | 6.6 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss2_vendor_tempscore | CVSSv2 Temp Score by Vendor | 6.2 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss2_vendor_baseseverity | CVSSv2 Base Score Severity representation by Vendor | Medium | string | virtual | public |
vulnerability_cvss2_vendor_tempseverity | CVSSv2 Temp Score Severity representation by Vendor | Medium | string | virtual | public |
vulnerability_cvss2_vendor_av | CVSSv2 Base Score Access Vector by Vendor | N | string | monoblock | public |
vulnerability_cvss2_vendor_ac | CVSSv2 Base Score Access Complexity by Vendor | M | string | monoblock | public |
vulnerability_cvss2_vendor_au | CVSSv2 Base Score Authentication by Vendor | S | string | monoblock | public |
vulnerability_cvss2_vendor_ci | CVSSv2 Base Score Confidientality Impact by Vendor | C | string | monoblock | public |
vulnerability_cvss2_vendor_ii | CVSSv2 Base Score Integrity Impact by Vendor | C | string | monoblock | public |
vulnerability_cvss2_vendor_ai | CVSSv2 Base Score Availability Impact by Vendor | C | string | monoblock | public |
vulnerability_cvss2_vendor_rc | CVSSv2 Base Score Report Confidence by Vendor | C | string | monoblock | public |
vulnerability_cvss2_vendor_rl | CVSSv2 Base Score Remediation Level by Vendor | OF | string | monoblock | public |
vulnerability_cvss2_vendor_e | CVSSv2 Base Score Exploitability by Vendor | POC | string | monoblock | public |
vulnerability_cvss2_researcher_basescore | CVSSv2 Base Score by Researcher | 6.6 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss2_researcher_tempscore | CVSSv2 Temp Score by Researcher | 6.2 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss2_researcher_baseseverity | CVSSv2 Base Score Severity representation by Researcher | Medium | string | virtual | public |
vulnerability_cvss2_researcher_tempseverity | CVSSv2 Temp Score Severity representation by Researcher | Medium | string | virtual | public |
vulnerability_cvss2_researcher_av | CVSSv2 Base Score Access Vector by Researcher | N | string | monoblock | public |
vulnerability_cvss2_researcher_ac | CVSSv2 Base Score Access Complexity by Researcher | M | string | monoblock | public |
vulnerability_cvss2_researcher_au | CVSSv2 Base Score Authentication by Researcher | S | string | monoblock | public |
vulnerability_cvss2_researcher_ci | CVSSv2 Base Score Confidientality Impact by Researcher | C | string | monoblock | public |
vulnerability_cvss2_researcher_ii | CVSSv2 Base Score Integrity Impact by Researcher | C | string | monoblock | public |
vulnerability_cvss2_researcher_ai | CVSSv2 Base Score Availability Impact by Researcher | C | string | monoblock | public |
vulnerability_cvss2_researcher_rc | CVSSv2 Base Score Report Confidence by Researcher | C | string | monoblock | public |
vulnerability_cvss2_researcher_rl | CVSSv2 Base Score Remediation Level by Researcher | OF | string | monoblock | public |
vulnerability_cvss2_researcher_e | CVSSv2 Base Score Exploitability by Researcher | POC | string | monoblock | public |
vulnerability_cvss2_nvd_basescore | CVSSv2 Base Score by NIST NVD | 6.6 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss2_nvd_tempscore | CVSSv2 Temp Score by NIST NVD | 6.2 | number (0.0-10.0) | monoblock | public |
vulnerability_cvss2_nvd_baseseverity | CVSSv2 Base Score Severity representation by NVD | Medium | string | virtual | public |
vulnerability_cvss2_nvd_tempseverity | CVSSv2 Temp Score Severity representation by NVD | Medium | string | virtual | public |
vulnerability_cvss2_nvd_av | CVSSv2 Base Score Access Vector by NIST NVD | N | string | monoblock | public |
vulnerability_cvss2_nvd_ac | CVSSv2 Base Score Access Complexity by NIST NVD | M | string | monoblock | public |
vulnerability_cvss2_nvd_au | CVSSv2 Base Score Authentication by NIST NVD | S | string | monoblock | public |
vulnerability_cvss2_nvd_ci | CVSSv2 Base Score Confidientality Impact by NIST NVD | C | string | monoblock | public |
vulnerability_cvss2_nvd_ii | CVSSv2 Base Score Integrity Impact by NIST NVD | C | string | monoblock | public |
vulnerability_cvss2_nvd_ai | CVSSv2 Base Score Availability Impact by NIST NVD | C | string | monoblock | public |
vulnerability_cvss2_nvd_rc | CVSSv2 Base Score Report Confidence by NIST NVD | C | string | monoblock | public |
vulnerability_cvss2_nvd_rl | CVSSv2 Base Score Remediation Level by NIST NVD | OF | string | monoblock | public |
vulnerability_cvss2_nvd_e | CVSSv2 Base Score Exploitability by NIST NVD | POC | string | monoblock | public |
vulnerability_bugbounty_organization | Name of the organization that disclosed a bug bounty for the vulnerability | string | monoblock | public | |
vulnerability_bugbounty_price | Payout price of the bug bounty for the vulnerability | USD 5000 | string | monoblock | public |
vulnerability_bugbounty_payoutdate | Date of the payout of the bug bounty for the vulnerability | 1454427609 | string | Unix timestamp | public |
vulnerability_sourcecode | Source code snippet of affected parts | string (multiline possible) | monoblock | public | |
vulnerability_advisoryquote | Quote about the vulnerability from the original advisory | The issue got verified by the core developers right after the initial notification. | string | monoblock | public |
vulnerability_freetexten | Additional text describing the vulnerability (English) | string | monoblock | public | |
vulnerability_freetextde | Additional text describing the vulnerability (German) | string | monoblock | public | |
advisory_date | Unix timestamp of the disclosure date | 1097625600 | Unix timestamp | monoblock | public |
advisory_location | Name of the location of the initial disclosure | Website | string | monoblock | public |
advisory_type | Type of the initial disclosure | Advisory | string | monoblock | public |
advisory_url | URL of the initial disclosure | http://www.example.com/advisory.php?id=42 | string url | monoblock | public |
advisory_unavailable | The reason why a source is not available | acquired by Oracle | string | virtual | public |
advisory_via | Disclosure via a vulnerability broker | ZDI | string | monoblock | public |
advisory_identifier | Unique identifier of the advisory | MS-ADV:2016-42 | string/array | monoblock | public |
advisory_reportconfidence | CVSSv2 and CVSSv3 Base Score Confidence | C | string | monoblock | public |
advisory_coordination | Coordinated disclosure (1=yes, 0=no) | 1 | boolean (0, 1) | monoblock | public |
advisory_person_name | Name of the person that found the issue | John Doe | string/array | monoblock | public |
advisory_person_nickname | Nickname of the person that found the issue | Dr. Sashimi | string/array | monoblock | public |
advisory_person_mail | Email of the person that found the issue | sashimi@example.com | string mail address | monoblock | public |
advisory_person_website | Website of the person that found the issue | https://sashimi.example.com | string url | monoblock | public |
advisory_company_name | Name of the company of the person that found the issue | Sashimi Ltd. | string/array | monoblock | public |
advisory_reaction_date | Unix timestamp of the reaction of the vendor towards of the finding | 1097625600 | Unix timestamp | monoblock | public |
advisory_confirm_url | URL of the vendor confirmation of the vulnerability | http://www.microsoft.com/... | string url | monoblock | public |
advisory_confirm_date | Date of the vendor confirmation of the vulnerability | 1097625600 | Unix timestamp | monoblock | public |
advisory_confirm_unavailable | The reason why a source is not available | defunct due to bankruptcy | string | virtual | public |
advisory_disputed | The issue is disputed (1=yes, 0=no) | 1 | boolean (0, 1) | monoblock | public |
advisory_falsepositive | The issue is a false-positive (1=yes, 0=no) | 0 | boolean (0, 1) | monoblock | public |
advisory_advisoryquote | Quote about the disclosure from the original advisory | string | monoblock | public | |
advisory_freetexten | Additional text describing the disclosure0 (English) | string | monoblock | public | |
advisory_freetextde | Additional text describing the disclosure (German) | string | monoblock | public | |
exploit_availability | Availability of the exploit (1=yes, 0=no) | 1 | boolean (0, 1) | monoblock | public |
exploit_date | Unix timestamp of the first release of a public exploit | 1097625600 | Unix timestamp | monoblock | public |
exploit_publicity | Publicity of the exploit (e.g. public, private) | private | string | monoblock | public |
exploit_url | URL of the exploit | https://sashimi.example.com/exploit.php?id=23 | string url | monoblock | public |
exploit_unavailable | The reason why a source is not available | discontinued | string | virtual | public |
exploit_developer_name | Name of the person that created the exploit | John Doe | string/array | monoblock | public |
exploit_developer_nickname | Nickname of the person that created the exploit | Dr. Sashimi | string/array | monoblock | public |
exploit_developer_mail | Email of the person that created the exploit | sashimi@example.com | string mail address | monoblock | public |
exploit_developer_website | Website of the person that created the exploit | https://sashimi.example.com | string url | monoblock | public |
exploit_language | Programming language of the exploit | Python | string | monoblock | public |
exploit_exploitability | Exploitability level of the exploit | POC | string | monoblock | public |
exploit_reliability | Reliability of the exploit (0-100) | 99 | number (0-100) | monoblock | public |
exploit_wormified | Exploit got used within an automated worm (1=yes, 0=no) | 1 | boolean (0, 1) | monoblock | public |
exploit_googlehack | string for Google dork | inurl:ssl.aspx | string | monoblock | public |
exploit_epss_score | Current prediction score of EPSS (Exploit Prediction Scoring System) | 0.03444 | number (float) | virtual | public |
exploit_epss_percentile | Percentile of CVE within current EPSS (Exploit Prediction Scoring System) | 0.83482 | number (float) | virtual | public |
exploit_price_0day | Known or estimated 0-day price of the exploit | $50k-$100k | string | monoblock | public |
exploit_price_today | Known or estimated price of the exploit as of today (updated daily) | $10k-$25k | string | virtual | public |
exploit_price_trend | Will exploit prices rise or drop in the future | + | string | monoblock | public |
exploit_price_timeline | Not available yet | string array | virtual | internal | |
exploit_kev_vendorproject | Vendor or project associated with the CISA Known Exploited Vulnerabilities Catalog entry | Microsoft | string | monoblock | public |
exploit_kev_product | Product associated with the CISA Known Exploited Vulnerabilities Catalog entry | Windows | string | monoblock | public |
exploit_kev_vulnerabilityname | Name of the vulnerability associated with the CISA Known Exploited Vulnerabilities Catalog entry | Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability | string | monoblock | public |
exploit_kev_shortdescription | Short description associated with the CISA Known Exploited Vulnerabilities Catalog entry | A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system. | string | monoblock | public |
exploit_kev_added | Date of entry added to CISA Known Exploited Vulnerabilities Catalog | 2024-02-11 | string (YYYY-mm-dd) | monoblock | public |
exploit_kev_due | Date of expected due date to deploy countermeasures with the CISA Known Exploited Vulnerabilities Catalog entry | 2024-03-16 | string (YYYY-mm-dd) | monoblock | public |
exploit_kev_requiredaction | Recommended countermeasure associated with the CISA Known Exploited Vulnerabilities Catalog entry | Apply updates per vendor instructions. | string | monoblock | public |
exploit_kev_knownransomware | Status if there is a known ransomware campain associated with the CISA Known Exploited Vulnerabilities Catalog entry | Known | string | monoblock | public |
exploit_kev_notes | Additional notes associated with the CISA Known Exploited Vulnerabilities Catalog entry | Known | string | monoblock | public |
exploit_advisoryquote | Quote about the exploit from the original advisory | string | monoblock | public | |
exploit_sourcecode | Source code snippet of the exploit | string (multiline possible) | monoblock | public | |
exploit_freetexten | Additional text describing the exploit (English) | string | monoblock | public | |
exploit_freetextde | Additional text describing the exploit (German) | string | monoblock | public | |
countermeasure_remediationlevel | Generic remediation level description | official fix | string | virtual | public |
countermeasure_name | Name of the suggested countermeasure | Upgrade | string | monoblock | public |
countermeasure_date | Unix timestamp of the release of the first countermeasure | 1097625600 | Unix timestamp | monoblock | public |
countermeasure_reliability | Reliability of the countermeasure (0-100) | 99 | number (0-100) | monoblock | public |
countermeasure_reactiondays | Days of reaction between vendor notification and disclosure/countermeasure | 13 | number | virtual | public |
countermeasure_exposuredays | Days of public exposure between public dicsloure and countermeasure | 23 | number | virtual | public |
countermeasure_0daydays | Days of 0day lifecycle before any kind of disclosure | 5 | number | virtual | public |
countermeasure_exploitdelaydays | Days between disclosure and first exploit availability | 7 | number | virtual | public |
countermeasure_upgrade_version | First known unaffected version(s) | 10/Server 2003 | string/array | monoblock | public |
countermeasure_upgrade_url | URL of the upgraded version | https://windowsupdate.microsoft.com | string url | monoblock | public |
countermeasure_upgrade_unavailable | The reason why a source is not available | defunct | string | virtual | public |
countermeasure_patch_name | Name of the patch | MS16-099 | string/array | monoblock | public |
countermeasure_patch_url | URL of the patch | https://technet.microsoft.com/ | string | monoblock | public |
countermeasure_patch_unavailable | The reason why a source is not available | defunct | string | virtual | public |
countermeasure_config_setting | Config setting to eliminate the vulnerability | AllowSHA1=FALSE | string | monoblock | public |
countermeasure_firewalling_port | Firewall port(s) to eliminate the vulnerability | tcp/80 (http) & tcp/443 (https) | string | monoblock | public |
countermeasure_authentication_name | Additional authentication(s) to eliminate the vulnerability | .htaccess | string/array | monoblock | public |
countermeasure_encryption_name | Additional encryption(s) to eliminate the vulnerability | IPsec | string/array | monoblock | public |
countermeasure_workaround_name | Name of the workaround(s) to eliminate the vulnerability | Change the Template | string/array | monoblock | public |
countermeasure_workaround_url | URL of the workaround(s) to eliminate the vulnerability | https://example.com | string | monoblock | public |
countermeasure_workaround_unavailable | The reason why a source is not available | defunct | string | virtual | public |
countermeasure_alternative_name | Alternative products that provide similar features without this vulnerability | Mozilla Firefox, Google Chrome | string/array | monoblock | public |
countermeasure_sourcecode | Source code snippet of the countermeasure | string (multiline possible) | monoblock | public | |
countermeasure_advisoryquote | Quote about the countermeasure from the original advisory | string | monoblock | public | |
countermeasure_freetexten | Additional text describing the countermeasure (English) | string | monoblock | public | |
countermeasure_freetextde | Additional text describing the countermeasure (German) | string | monoblock | public | |
source_cve | CVE ID | CVE-2016-1234 | string | monoblock | public |
source_cve_assigned | Unix timestamp of the CVE assignment | 1108857600 | Unix timestamp | monoblock | public |
source_cve_nvd_published | Unix timestamp of the CVE published on NVD | 1097539200 | Unix timestamp | monoblock | public |
source_cve_nvd_summary | CVE summary provided on NVD | Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names. | string | monoblock | public |
source_cve_cna | Responsible CVE Numbering Authority (CNA) responsible for maintaining the CVE entry | MITRE | string | monoblock | public |
source_cve_duplicate | List of all duplicate CVEs that were also assigned | CVE-2021-36545 | string/array | monoblock | public |
source_cve_duplicateof | List of all CVEs that this CVE might be a duplicate of | CVE-2023-0946 | string/array | monoblock | public |
source_oval_id | OVAL ID | oval:org.mitre.oval:def:14735 | string | monoblock | public |
source_iavm_id | IAVM | 2011-A-0167 | string | monoblock | public |
source_iavm_vmskey | IAVM VMSKEY | V0030830 | string | monoblock | public |
source_iavm_title | IAVM title | Microsoft Cumulative Security Update of ActiveX Kill Bits | string | monoblock | public |
source_osvdb_id | OSVDB ID | 12914 | number | monoblock | public |
source_osvdb_create | Unix timestamp of the OSVDB entry creation | 1104710400 | Unix timestamp | monoblock | public |
source_osvdb_title | OSVDB title | Windows Kernel Multiprocessor Page Fault Handler Race Condition | string | monoblock | public |
source_osvdb_unavailable | The reason why a source is not available | discontinued | string | virtual | public |
source_secunia_id | Secunia ID | 13822 | number | monoblock | public |
source_secunia_date | Unix timestamp of the Secunia entry creation | 1104710400 | Unix timestamp | monoblock | public |
source_secunia_title | Secunia title | Windows Kernel Page Fault Handler Privilege Escalation | string | monoblock | public |
source_secunia_risk | Secunia risk level | Less Critical | string | monoblock | public |
source_secunia_unavailable | The reason why a source is not available | acquired by Flexera | string | virtual | public |
source_securityfocus_id | SecurityFocus ID | 12244 | number | monoblock | public |
source_securityfocus_date | Unix timestamp of the SecurityFocus entry creation | 1104710400 | Unix timestamp | monoblock | public |
source_securityfocus_class | SecurityFocus vulnerability class | Input Validation Error | string | monoblock | public |
source_securityfocus_title | SecurityFocus title | Windows Remote Format String Vulnerability | string | monoblock | public |
source_sectracker_id | SecurityTracker ID | 1012862 | number | monoblock | public |
source_sectracker_date | Unix timestamp of the SecurityTracker entry creation | 1105488000 | Unix timestamp | monoblock | public |
source_sectracker_title | SecurityTracker title | Windows Kernel Multiprocessor Page Fault Handler Race Condition Lets Local Users Gain Elevated Privileges | string | monoblock | public |
source_sectracker_cause | SecurityTracker cause | Access control error | string | monoblock | public |
source_sectracker_unavailable | The reason why a source is not available | discontinued | string | virtual | public |
source_vulnerabilitycenter_id | Vulnerability Center ID | 51222 | number | monoblock | public |
source_vulnerabilitycenter_title | Vulnerability Center title | Windows Kernel Multiprocessor Page Fault Handler Race Condition Lets Local Users Gain Elevated Privileges | string | monoblock | public |
source_vulnerabilitycenter_severity | Vulnerability Center severity | Medium | string | monoblock | public |
source_vulnerabilitycenter_creationdate | Unix timestamp of the Vulnerability Center entry creation | 1105488000 | Unix timestamp | monoblock | public |
source_vulnerabilitycenter_lastupdate | Unix timestamp of the Vulnerability Center entry last update | 1105488000 | Unix timestamp | monoblock | public |
source_vulnerabilitycenter_reportingdate | Unix timestamp of the Vulnerability Center reporting date | 1105488000 | Unix timestamp | monoblock | public |
source_vupen_id | Vupen ID | ADV-2009-1233 | string | monoblock | public |
source_vupen_unavailable | The reason why a source is not available | defunct | string | virtual | public |
source_xforce_id | IBM X-Force ID | 11695 | number | monoblock | public |
source_xforce_date | Unix timestamp of the IBM X-Force entry creation | 1105488000 | Unix timestamp | monoblock | public |
source_xforce_title | IBM X-Force title | Windows LF (Line Feed) denial of service | string | monoblock | public |
source_xforce_identifier | IBM X-Force identifier | microsoft-http-lf-dos | string | monoblock | public |
source_xforce_risk | IBM X-Force risk (obsolete since 2015) | Medium Risk | string | monoblock | public |
source_zerodaycz_id | Zero-day.cz ID | 889 | number | monoblock | public |
source_zerodaycz_title | Zero-day.cz title | Information disclosure in Check Point Quantum Gateway | string | monoblock | public |
source_cert_vu | CERT VU | 252068 | number | monoblock | public |
source_securiteam_url | SecuriTeam.com URL | http://www.securiteam.com/ | string url | monoblock | public |
source_securiteam_unavailable | The reason why a source is not available | discontinued | string | virtual | public |
source_cnnvd_id | CNNVD ID | CNNVD-202403-298 | string | monoblock | public |
source_cnnvd_name | CNNVD title | JetBrains TeamCity 安全漏洞 | string | monoblock | public |
source_cnnvd_hazardlevel | CNNVD risk | 1 | integer | monoblock | public |
source_cnnvd_create | Timestamp of the CNNVD entry creation | 2024-03-05 | string (YYYY-mm-dd) | monoblock | public |
source_cnnvd_publish | Timestamp of the CNNVD entry disclosure | 2024-03-05 | string (YYYY-mm-dd) | monoblock | public |
source_cnnvd_update | Timestamp of the CNNVD entry update | 2024-03-05 | string (YYYY-mm-dd) | monoblock | public |
source_exploitdb_id | Exploit-DB ID | 37932 | number | monoblock | public |
source_exploitdb_date | Unix timestamp of the Exploit-DB entry creation | 1105488000 | Unix timestamp | monoblock | public |
source_milw0rm_id | Milw0rm ID | 37932 | number | monoblock | public |
source_milw0rm_unavailable | The reason why a source is not available | discontinued | string | virtual | public |
source_0daytoday_id | 0day.today ID | 37932 | number | monoblock | public |
source_0daytoday_date | Unix timestamp of the 0day.today entry creation | 1105488000 | Unix timestamp | monoblock | public |
source_0daytoday_title | Unix timestamp of the 0day.today entry creation | 1105488000 | Unix timestamp | monoblock | public |
source_heise_id | Heise.de URL ID | 44502 | number | monoblock | public |
source_tecchannel_id | Tecchannel URL ID (obsolete) | 2093 | string | monoblock | public |
source_nessus_id | Nessus ID | 88647 | number | monoblock | public |
source_nessus_name | Nessus plugin title | MS16-015: Security Update for Microsoft Office to Address Remote Code Execution (3134226) | string | monoblock | public |
source_nessus_filename | Nessus plugin filename | microsoft_windows_ssl.nasl | string | monoblock | public |
source_nessus_risk | Nessus risk | Critical | string | monoblock | public |
source_nessus_family | Nessus family | Windows : Microsoft Bulletins | string | monoblock | public |
source_nessus_type | Nessus plugin type | remote | string | monoblock | public |
source_nessus_port | Nessus plugin port | 445 | string | monoblock | public |
source_nessus_date | Nessus plugin date | 1105488000 | Unix timestamp | monoblock | public |
source_pvs_id | PVS ID | 8276 | number | monoblock | public |
source_pvs_title | PVS title | Windows Multiple Vulnerabilities | string | monoblock | public |
source_pvs_risk | PVS risk | High | string | monoblock | public |
source_pvs_family | PVS family | Windows | string | monoblock | public |
source_openvas_id | OpenVAS ID | 881920 | number | monoblock | public |
source_openvas_filename | OpenVAS filename | gb_CESA-2014_0383_samba4_centos6.nasl | string | monoblock | public |
source_openvas_title | OpenVAS title | Windows Update for samba4 CESA-2014:0383 | string | monoblock | public |
source_openvas_family | OpenVAS family | Windows Local Security Checks | string | monoblock | public |
source_qualys_id | Qualys ID | 38370 | number | monoblock | public |
source_qualys_title | Qualys title | Windows Privilege Escalation Vulnerability | string | monoblock | public |
source_saint_id | SAINT ID | exploit_info/iis5_webdav | string | monoblock | public |
source_saint_title | SAINT title | ntdll.dll buffer overflow via IIS 5.0 WebDAV | string | monoblock | public |
source_saint_link | SAINT link | http://www.saintcorporation.com/ | string | monoblock | public |
source_msf_id | Metasploit ID | ms03_007_ntdll_webdav.rb | string | monoblock | public |
source_msf_filename | Metasploit filename | metasploit-framework/modules/ | string | monoblock | public |
source_msf_title | Metasploit title | MS03-007 Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow | string | monoblock | public |
source_d2sec_url | D2 Elliot URL | http://www.d2sec.com/exploits/ | string url | monoblock | public |
source_d2sec_title | D2 Elliot title | vBulletin 4.1.x RCE | string | monoblock | public |
source_d2sec_desc | D2 Elliot description | Remote command execution vulnerability in vBulletin upgrade.php | string | monoblock | public |
source_d2sec_family | D2 Elliot family | Remote Command Execution | string | monoblock | public |
source_atk_id | ATK ID | 99 | number | monoblock | public |
source_snort_id | Snort ID | 2090 | number | monoblock | public |
source_snort_class | Snort class | attempted-admin | string | monoblock | public |
source_snort_message | Snort message | SERVER-IIS WEBDAV exploit attempt | string | monoblock | public |
source_snort_pattern | Snort pattern | }SNORT- | string | monoblock | public |
source_suricata_id | Suricata ID | 2002844 | number | monoblock | public |
source_suricata_sig | Suricata signature | ET WEB_SERVER WebDAV search overflow | string | monoblock | public |
source_suricata_class | Suricata class | web-application | string | monoblock | public |
source_sourcefire_ips_id | Sourcefire IPS ID | 8427 | number | monoblock | public |
source_issproventia_id | ISS Proventia ID | 2118084 | number | monoblock | public |
source_tippingpoint_id | Tippingpoint ID | 4725 | number | monoblock | public |
source_tippingpoint_title | Tippingpoint title | HTTP: AOL ICQ ActiveX Control Code Execution (ZDI-06-037) | string | monoblock | public |
source_tippingpoint_category | Tippingpoint category | Vulnerabilities | string | monoblock | public |
source_mcafee_ips_id | McAfee IPS ID | DNS: ISC BIND Resolver Library Buffer Overflow Vulnerability | string | monoblock | public |
source_mcafee_ips_version | McAfee IPS version | 8.1.38.3 | string | monoblock | public |
source_paloalto_ips_id | Palo-Alto IPS ID | 30354 | number | monoblock | public |
source_fortigate_ips_id | Fortigate IPS ID | 12718 | number | monoblock | public |
source_screenshot | Screenshot of the vulnerability and/or attack | example_screenshot.jpg | string filename | virtual | public |
source_videolink | Link to video describing or showing the attack (Youtube, Vimeo, etc.) | https://youtu.be/GsCpyUJDyjQ | string url | monoblock | public |
source_sciplabs | Link to recommended scip Labs entry | https://www.scip.ch/en/?labs.20191010 | string url | virtual | public |
source_misc | Misc. Link | https://blog.exodusintel.com/ | string url | monoblock | public |
source_misc_unavailable | The reason why a source is not available | defunct | string | virtual | public |
source_seealso | IDs of similar VulDB entries (if available) | 12354, 84635, 78413 | string array | monoblock | public |
cti_activity_score | Current activity score for the specific item | 4.38 | number (0.00-10.00) | virtual | public |
cti_activity_trend | Forecast if the current activity score of the item will increase (+), decrease (-) or remain as it is | + | string | virtual | public |
cti_activity_countries | List of countries which are associated with latest activities of the item | us, cn, ru | string array | virtual | public |
cti_activity_actors | List of APT actors which are associated with latest activities of the item | Conti, Black Basta, Carbanak | string array | virtual | public |
cna_responsible | Name of the CNA with the original scope | Microsoft | string array | monoblock | public (ro) |
cna_contact_date | Unix timestamp of contacting the CNA | 1643366633 | Unix timestamp | monoblock | public (ro) |
cna_response_date | Unix timestamp of the response by the CNA | 1643366633 | Unix timestamp | monoblock | public (ro) |
cna_response_summary | Description of the response by the CNA | We reject this issue because the feature works as intended. | string | monoblock | public (ro) |
cna_decision_date | Unix timestamp of our decision as CNA | 1643366633 | Unix timestamp | monoblock | public (ro) |
cna_decision_summary | Description of our decision as CNA | We overrule the vendor CNA because there is a risk for customers. | string | monoblock | public (ro) |
cna_eol | Flagging products as not supported when assigned as demanded by the CVE program for EoL products | 1 | boolean (0, 1) | monoblock | public (ro) |
cna_nocve | Flagging entries as not eligible for CVE assignments according to our submission rules and/or the CNA rules | 1 | boolean (0, 1) | monoblock | public (ro) |
legacy_title | Legacy title (old entries) | (obsolete) | string | monoblock | internal |
legacy_affected | Legacy affected products (old entries) | (obsolete) | string | monoblock | internal |
legacy_description | Legacy description (old entries) | (obsolete) | string | monoblock | internal |
legacy_expert | Legacy comment (old entries) | (obsolete) | string | monoblock | internal |
Cyber Threat Intelligence
Using the CTI API requires additional access capabilities unlocked for the requesting user account. Accessing the CTI API consumes more API credits than accessing the Vulnerability API.
IP Addresses, Hostnames, Actors
Ideal to lookup indicators for malicious activities and to analyze behavior of actors.
📥 Download Free API Response Sample
Data Point | Title | Example | Type | Repo | Availability |
---|---|---|---|---|---|
ipv4 | IPv4 addresses associated with the actor | 192.168.0.1, 192.168.0.2 | string array | virtual | public |
hostname | Hostnames associated with the actor | www.example.com, test.example.com | string array | virtual | public |
timestamp_reported | Unix timestamp of adding item to database | 1607986800 | Unix timestamp | meta | public |
timestamp_confirmed | Unix timestamp of last confirmation of item | 1607986800 | Unix timestamp | meta | public |
risk_value | Current activity and risk level of the actor | 4.23 | number (0.00-10.00) | virtual | public |
risk_name | Current activity and risk level of the actor readable for humans | Medium | string | virtual | public |
attribution | Actor group attribution of the item | Zegost | string | virtual | public |
association | Actor country association of the item | us, cn, ru | string array | virtual | public |
vulnerability | Known vulnerabilities associated with the item (VulDB identifiers) | 199177, 205666, 206240 | number array | virtual | public |
ioa_file | Indicators of Attack based on file names associated with the item | backdoor.php, proxy.aspx | string array | virtual | public |
ioa_library | Indicators of Attack based on library names associated with the item | /lib/auth.php, hidden.dll | string array | virtual | public |
ioa_argument | Indicators of Attack based on argument names associated with the item | username, password, admin | string array | virtual | public |
ioa_input_value | Indicators of Attack based on input values associated with the item | <script>, alert(1), /etc/passwd | string array | virtual | public |
ioa_pattern | Indicators of Attack based on pattern values associated with the item | |05 00 00|, abcd | string array | virtual | public |
ioa_network_port | Indicators of Attack based on network ports associated with the item | 37777, tcp/666 | string array | virtual | public |
ttp_technique | Tactics, techniques, and procedures associated with the item | T1006, T1055, T1059.007 | string array | virtual | public |
ttp_capec | CAPEC-items associated with the item | 1, 10, 16 | string array | virtual | public |
ttp_cwe | Weaknesses associated with the item | CWE-22, CWE-79, CWE-200 | string array | virtual | public |
sources | Online sources associated with the item, actor, campaign or indicators | https://www.scip.ch/en/?labs.20210923 | string url array | virtual | public |
Events
Helps you to determine ongoing activities and emerging threats.
📥 Download Free API Response Sample
Data Point | Title | Example | Type | Repo | Availability |
---|---|---|---|---|---|
timestamp | Unix timestamp of beginning of event | 1660581175 | Unix timestamp | virtual | public |
title | Title of event | Actor Group in US review vendor Cisco | string | virtual | public |
summary | Short summary of event | During an analysis our CTI team identified an interesting event on 06:32 PM. It was possible to identify multiple members of an unknown group to be part of the activities. The center of attention is the vendor Cisco. This event is classified as General Danger. | string | virtual | public |
type | Type of event | group | string | virtual | public |
country | Country involved in activities | us | string | virtual | public |
focus | Focus of activity | vendor | string | virtual | public |
object | Targeted object | Cisco | string | virtual | public |
vulnerability | Targeted vulnerability | 1057 | number | virtual | public |
weight | Importance of event | 131 | number (0-n) | virtual | public |
risk | Risk of identified event | General Danger | string | virtual | public |
details | Link to the CTI platform which provides drilldown details | https://vuldb.com/?vendor.cisco | string url | virtual | public |
Actualizado em: 05/09/2024 a partir de VulDB Documentation Team