Förändringslogg

Version 13.27.4 (24/07/2021)

  • 🔗 Commit 7430f • Optimization
    Current CTI scores in overviews are loaded and shown much faster which improves speed of site generation.

  • Current CTI scores are shown in overviews in any case even if the servers are under heavy load.

  • Current CTI scores in overviews show the correct timestamp of the last update for the most recent entries in the tooltip of the field.

Version 13.27.3 (17/07/2021)

  • 🔗 Commit 6861b • Optimization
    Better import and validation handling for APT actor IoC moderation to improve processing and quality.

Version 13.27.2 (16/07/2021)

  • 🔗 Commit 363b6 • Optimization
    Clarification of titles of privilege escalation vulnerabilities. Remote issues that require some form of authentication are shown as Privilege Escalation without mentioning of Remote. Only remote issues without authentication are shown as true Remote Privilege Escalation.

  • 🔗 Commit 61142 • Bugfix • Customer request
    Fixed a rare bug in API 1.11/2.24/3.31 that created an associative array for software_version if the list of versions numbers contained the value 0. Thanks to Fergus Nelson for reporting this issue.

Version 13.27.1 (15/07/2021)

Version 13.27.0 (14/07/2021)

  • 🔗 Commit cc0e3 • Feature • Customer request
    Cyber threat intelligence events display emerging, current, and upcoming activities by actors.

  • Fixed a bug that temp scores of CVSS vectors are not properly stored during initial entry create. This did not affect updated entries.

Version 13.26.4 (07/07/2021)

Version 13.26.3 (30/06/2021)

  • 🔗 Commit ea669 • Optimization
    Reinstated linking to CVEdetails.com as they resumed adding and updating new CVEs.

Version 13.26.2 (25/06/2021)

  • 🔗 Commit 28728 • Optimization • Customer request
    The Content-Type of all API responses is changed to application/json; charset=utf-8. This is not a change in the API itself which is why the version number of the API endpoints is not incremented.

Version 13.26.1 (24/06/2021)

  • 🔗 Commit 0d89b • Optimization • Customer request
    The official vulnerability API endpoint is located at /?api and will redirect faulty URLs and GET parameters. Microsoft Power Apps did not respect this URL structure and changed the query string to a parameter tuple with an empty value. Our API endpoint redirected to the correct URL but Power Apps is not capable of following such HTTP redirects. This issue got fixed as Power Apps is now allowed to access the API endpoint even though the request URL format is not entirely correct.

Version 13.26.0 (18/06/2021)

Version 13.25.3 (16/06/2021)

  • 🔗 Commit 0494b • Optimization
    Performance optimization during stress (e.g. many users, DDoS attacks).

  • 🔗 Commit 9660e • Optimization
    Changed the algorithm to generate the category values local and remote in the RSS feeds. Also added the value partial for local if the attack vector is physical.

Version 13.25.2 (15/06/2021)

Version 13.25.1 (14/06/2021)

  • 🔗 Commit fd133 • Optimization
    More accurate timing information about new IoC (Indicator of Compromise) assigned to an APT actor.

Version 13.25.0 (11/06/2021)

Version 13.24.1 (09/06/2021)

Version 13.24.0 (08/06/2021)

Version 13.23.0 (07/06/2021)

Version 13.22.1 (04/06/2021)

  • 🔗 Commit 03370 • Optimization
    Timelines indicating activities show the so called activity index instead of the generic entries label.

  • 🔗 Commit 03359 • Optimization
    Bar charts showing exploit prives use exploit instead of the generic entries label.

Version 13.22.0 (31/05/2021)

Version 13.21.0 (26/05/2021)

  • 🔗 Commit edf52 • Feature • Customer request
    Language support for Japanese (jp). This includes basic parts of the web site and vulnerability details.

Version 13.20.4 (18/05/2021)

  • 🔗 Commit 02cd6 • Optimization
    The event of web code improvement shown in the community stream links to the changelog.

  • 🔗 Commit e9923 • Optimization
    In API 1.9/2.21/3.28 requests by the official Splunk app with a license of less than 10 API credits will throw an 403 Splunk app license expired error to prevent stressing the service with expired Splunk installations.

Version 13.20.3 (12/05/2021)

  • 🔗 Commit b4953 • Optimization
    Streamlined entry identifier wording on community activity stream on the frontpage.

Version 13.20.2 (04/05/2021)

Version 13.20.1 (02/05/2021)

  • 🔗 Commit b0e75 • Optimization
    Community activities shown on the frontpage do refer to entries with their corresponding VDB ID to increase readability.

Version 13.20.0 (29/04/2021)

  • 🔗 Commit 0d72f • Feature
    Frontpage does now show the latest changelog entries of the current day.

  • 🔗 Commit d6b22 • Optimization • Customer request
    Vulnerability entries do now always contain links to available upgrades and patches in the Countermeasure section.

Version 13.19.3 (28/04/2021)

  • 🔗 Commit 6df70 • Optimization
    Performance optimization of the Threat Intelligence chart on the frontpage.

  • 🔗 Commit d1eb6 • Bugfix • Customer request
    Fixed an issue where count and overview of user commits were not updated. Reported by user misc

Version 13.19.2 (26/04/2021)

  • 🔗 Commit a9542 • Optimization
    Hardware upgrade for better memory and processing handling.

  • 🔗 Commit 8dd8c • Optimization
    In API 3.27 the values of numeric request types is verified and if not acceptable, a 400 Bad request error message is shown.

Version 13.19.1 (24/04/2021)

  • 🔗 Commit 3855b • Optimization
    Optimized load balancing, limiter, and DDoS mitigation to provide more stability for legitimate users.

Version 13.19.0 (22/04/2021)

  • 🔗 Commit a85dc • Feature • Customer request
    Submitted items are reviewed by an automated pre-parser to define a priority for processing by the moderation team. This increases priority for most important items and therefore improves processing speed.

Version 13.18.0 (20/04/2021)

Version 13.17.1 (16/04/2021)

  • 🔗 Commit b93ed • Optimization
    Code optimization of CTI map generation for faster processing with less memory requirements.

Version 13.17.0 (15/04/2021)

  • 🔗 Commit 1ffb5 • Feature • Customer request
    Description of CTI trigger possibilities and threshold handling to create events and reports.

  • 🔗 Commit 881a3 • Optimization
    Footer does now refer to your specific copyright and license depending whether there is a commercial, enterprise, or reseller license established.

Version 13.16.0 (12/04/2021)

  • 🔗 Commit f7832 • Feature • Customer request
    Some users mistake their mail address as legitimate username to login. In this case a warning message informs the user about the mistake.

Version 13.15.3 (08/04/2021)

  • 🔗 Commit 265e0 • Optimization
    Performance optimization for CTI country analysis (closed beta invite only at the moment). Time range analysis is now incremental which makes report generation much faster (especially for larger ranges).

Version 13.15.2 (31/03/2021)

  • 🔗 Commit 05005 • Optimization
    All listings in the personal profile do contain timestamps to make identification of single items much easier.

  • 🔗 Commit cddb4 • Optimization
    Completed some of the missing translations for French, Italian, Spanish, Polish, and Swedish.

  • 🔗 Commit 6dc4a • Optimization
    Improved the handling of time format regarding country-specific definitions. The language en will show A.M. and P.M. only if the browser is also set to en-us. Otherwise the 24 hour format is used. If the language is set to fr and the browser announces fr-fr there will be the French format 12h34. The 24 hour format is also used as default for all languages without a specific definition.

Version 13.15.1 (30/03/2021)

  • Fixed a bug where some long product names, product listings and titles did not show the product name in its entirety.

  • 🔗 Commit 44ee5 • Optimization
    In API 3.26 fixed an issue where queries for advisory_date_start, entry_timestamp_create_start, entry_timestamp_change_start, and entry_timestamp_all_start did not work properly if the request value had a trailing whitespace.

Version 13.15.0 (29/03/2021)

  • 🔗 Commit 15c50 • Feature
    The personal API history does show the execution time for a request to help optimize queries. The column is shown as seconds and sortable.

  • 🔗 Commit c4d04 • Feature • Customer request
    Added planned features in a roadmap to announce upcoming functionality. The items shown are just suggestions and might change regarding implementation and deployment.

Version 13.14.3 (28/03/2021)

Version 13.14.2 (26/03/2021)

  • In API 2.20/3.25 the list of multiple items in software_affectedlist and software_notaffectedlist do trim trailing whitespaces correctly.

Version 13.14.1 (25/03/2021)

  • 🔗 Commit a8cdf • Optimization
    Added a new community rank Guru which requires 5000 points to be reached. Therefore, Grand Master is not the highest rank anymore.

Version 13.14.0 (24/03/2021)

  • 🔗 Commit 434e3 • Feature • Customer request
    Introduced API 3.24 with the new request type entry_timestamp_all_start which combines new items from entry_timestamp_create_start and updated items from entry_timestamp_change_start in a single stream.

Version 13.13.1 (20/03/2021)

Version 13.13.0 (17/03/2021)

Version 13.12.0 (10/03/2021)

  • 🔗 Commit 699d0 • Feature • Customer request
    Made internal changelog public to provide full transparency for our customers. Entries earlier than 2020 just show milestones and not detailed changes.

  • 🔗 Commit 43dfe • Feature
    Added link to changelog under support in main menu and in the footer of the page.

  • 🔗 Commit c0ba0 • Optimization
    Updated internal quality guidance for CVSS fields during creation of new entries based on official Microsoft disclosures.

Version 13.11.3 (08/03/2021)

  • 🔗 Commit 1faf6 • Optimization
    Updated internal quality requirements for advisory_person_name and advisory_person_nickname fields to prevent inaccurate information during daily update procedure.

Version 13.11.2 (04/03/2021)

  • 🔗 Commit ecf32 • Optimization
    Optimized limiter to prohibit crawling of view elements by non-commercial users.

  • 🔗 Commit fa612 • Optimization
    Limiter uses better geolocation data to prevent malicious users from changing IP addresses to slow down detection of abuse.

Version 13.11.1 (03/03/2021)

  • Fixed a rare German translation issue in a specific sentence of some vulnerability summaries.

Version 13.11.0 (01/03/2021)

Version 13.10.0 (28/02/2021)

Version 13.9.0 (22/02/2021)

Version 13.8.0 (04/02/2021)

  • 🔗 Commit 5626b • Feature
    Added load balancing features to handle performance peaks much better.

  • 🔗 Commit 2efad • Feature
    Enabled priority module to provide high-availability for enterprise customers.

Version 13.7.1 (03/02/2021)

  • 🔗 Commit 167ac • Optimization
    Optimized normalize module to improve quality assurance of vulnerability data management.

Version 13.7.0 (01/02/2021)

  • 🔗 Commit 14106 • Feature
    Initiated preparation for port of web services to PHP8. First polyfill functions tested.

Version 13.6.1 (17/01/2021)

Version 13.6.0 (16/01/2021)

  • 🔗 Commit 960f5 • Feature
    Start of internal testing for CTI attribution module to identify APT group activities as such. Used by CTI team to create CTI alerts and infos for paying customers.

Version 13.5.3 (09/01/2021)

  • 🔗 Commit d53a8 • Optimization • Customer request
    Changed entry_timestamp_delta behavior from 7200 to 120 to keep commit grouping much smaller. Entries updated within a short period of time will pushed into the update stream to provide the most actual data to API users.

Version 13.5.2 (04/01/2021)

  • 🔗 Commit 96326 • Optimization
    Performance improvement of search engine. Early dissection will speed up some specific search requests.

  • 🔗 Commit 96326 • Optimization
    Performance improvement of monoblock engine. Compilation of entries is a bit faster under certain circumstances.

Version 13.4.1 (15/12/2020)

  • 🔗 Commit c227f • Optimization
    Performance optimization of monoblock data processing.

Version 13.4.0 (08/12/2020)

  • 🔗 Commit dcd32 • Feature
    In API 3.23 added request type cursorinit to determine ideal initial cursor position for ongoing vulnerability stream (e.g. Splunk).

Version 13.3.0 (04/12/2020)

  • 🔗 Commit 3abdf • Feature
    Introduced information regarding ATT&CK. The fields are currently auto-generated and not part of the monoblock.

  • 🔗 Commit dbcd2 • Feature
    In API 2.19/3.22 added field source_cve_cna which contains a string of the CVE Numbering Authority that assigned the CVE.

  • Corrected a display bug for tooltips of CVSS fields on certain overview pages.

Version 13.2.1 (03/12/2020)

  • 🔗 Commit 6c403 • Optimization
    Optimized signup flood protection to prevent malicious users from auto-generating community accounts.

Version 13.2.0 (26/11/2020)

  • 🔗 Commit 0cd93 • Feature
    Added new import feature for vulnerability moderators to handle custom entries and large batches of submissions.

  • 🔗 Commit a4571 • Feature
    The differences in a diff view are highlighted by color to provide better visibility.

Version 13.1.2 (13/11/2020)

  • 🔗 Commit 7983d • Optimization
    Performance optimization of monoblock data processing.

Version 13.1.1 (06/11/2020)

Version 13.1.0 (02/11/2020)

Version 13.0.1 (16/10/2020)

  • 🔗 Commit 68339 • Optimization
    Optimized some indexes within the database to improve performance.

Version 13.0.0 (09/10/2020) ⭐

  • 🔗 Commit 8b201 • Feature
    Introduced new monoblock structure to provide more possibilities like commits, commit histories, etc.

Version 12.26.0 (10/09/2020)

Version 12.25.1 (10/08/2020)

  • 🔗 Commit b3264 • Optimization
    Optimization of browser rendering speed by adding font-display: swap to the CSS style sheet.

Version 12.25.0 (16/05/2020)

  • 🔗 Commit f6e38 • Feature
    Added an optimization banner to inform users about upcoming changes and features.

Version 12.24.0 (13/05/2020)

  • 🔗 Commit 58be3 • Feature
    New horizontal table style to make some upcoming views better readable.

Version 12.23.5 (01/05/2020)

  • 🔗 Commit e655c • Optimization
    Upgrading to an extended server cluster for better performance.

Version 12.23.4 (17/04/2020)

  • In API 3.21 the field entry_timestamp_change is now always present even if the entry was just created and never updated yet. In this case it will contain the same value like entry_timestamp_create. User of the official VulDB Splunk App are advised to update to the latest release.

Version 12.23.3 (04/03/2020)

  • 🔗 Commit 328c8 • Optimization
    CVEdetails.com stopped updating their database. We keep linking old CVEs to their sites but do not do so for newer entries.

Version 12.23.2 (10/01/2020)

  • 🔗 Commit ce27f • Optimization
    Added validation styles for numbers, dates, emails, and urls for forms. These detect missing or wrong data before submitting a form.

Version 12.23.1 (19/11/2019)

  • 🔗 Commit 7d12f • Optimization
    Decreased the font-size of labes from 90% to 75% for better readability.

  • 🔗 Commit c8999 • Optimization
    Improved style and layout of tooltips for better readability.

Version 12.23.0 (15/11/2019)

  • 🔗 Commit 5c4b5 • Feature
    Load new pages with extended loading time show progress bar spinner at top of the site.

Version 12.22.0 (09/11/2019)

  • 🔗 Commit c4f43 • Feature
    Added logos of vendors/products in entries if available.

  • 🔗 Commit 46f6e • Optimization
    Stramlined CSS style sheet regarding mini buttons.

Version 12.21.0 (08/11/2019)

  • 🔗 Commit 4f1af • Feature
    Added tooltips for easier access to more information.

  • 🔗 Commit 63433 • Optimization
    Added fade effect for mini buttons for a better user experience.

Version 12.20.1 (06/11/2019)

Version 12.20.0 (31/10/2019)

  • 🔗 Commit 032a9 • Feature • Customer request
    In API 3.20 added field vulnerability_name which contains a string or array a popular names of the vulnerability (e.g. Shellshock, Poodle).

Version 12.19.0 (13/09/2019)

  • 🔗 Commit eaf94 • Feature • Customer request
    In API 3.19 added field family entry_details_* which contain entry_details_affected, entry_details_vulnerability, entry_details_impact, entry_details_exploit, entry_details_countermeasures, and entry_details_sources.

Version 12.18.0 (31/08/2019)

  • 🔗 Commit 34a45 • Feature
    In API 3.18 added field entry_replaces to display duplicates which have been replaced by this entry.

Version 12.17.0 (26/08/2019)

Version 12.16.0 (22/08/2019)

Version 12.15.0 (06/07/2019)

Version 12.14.0 (01/07/2019)

  • 🔗 Commit 2fcc6 • Feature • Customer request
    Introduction of software type categories available in the field software_type.

Version 12.13.3 (04/06/2019)

  • In API 3.16 fixed value of field advisory_identifier, disabled safeguard mechanism to prevent inconsistency in result count.

Version 12.13.2 (01/06/2019)

Version 12.13.1 (27/05/2019)

  • 🔗 Commit 6e92e • Optimization
    Added loading bar on top of the page to indicate the loading of large pages.

Version 12.13.0 (24/05/2019)

  • 🔗 Commit bcb85 • Feature
    Submitting forms locks input fields and shows progress indicator.

Version 12.12.0 (17/05/2019)

Version 12.11.0 (08/05/2019)

  • 🔗 Commit 0fb91 • Feature
    In API 3.14 requesting dedicated CVSS fields supports the official response format (e.g. vulnerability_cvss3_vuldb_basescore) and the legacy format (e.g. vulnerability_cvss3_basescore_vuldb). The legacy format will be dropped in a future major release of the API.

Version 12.10.1 (24/04/2019)

  • 🔗 Commit 1dc8a • Optimization
    Improved the layout of the search menu item for better accessibility.

  • 🔗 Commit bb0d0 • Optimization
    The status boxes of live views are now pulsating if there is currently some activity.

Version 12.10.0 (17/04/2019)

  • 🔗 Commit d1042 • Feature • Customer request
    In API 1.8/2.18/3.13 added field software_cpe23 which introduces full CPE 2.3 support whereas software_cpe is still providing CPE 2.2 data.

Version 12.9.0 (15/04/2019)

Version 12.8.2 (10/04/2019)

  • 🔗 Commit 35519 • Optimization
    Hovering a clickable symbol in an overview will now be indicated by the cursor as pointer.

  • 🔗 Commit cdf7b • Optimization
    Improved the layout of buttons inside text boxes (e.g. searches).

Version 12.8.1 (01/04/2019)

  • 🔗 Commit 27ca6 • Optimization
    Centered the purchase table for better accessibility.

Version 12.8.0 (29/03/2019)

Version 12.7.0 (21/03/2019)

Version 12.6.0 (15/03/2019)

  • 🔗 Commit d3ac7 • Feature • Customer request
    Added multiple levels to the main menu to provide better accessibility to the variety of features.

  • 🔗 Commit 35f3e • Feature
    Added the possibility for buttons within textboxes (e.g. searches).

Version 12.5.0 (08/03/2019)

Version 12.4.0 (04/03/2019)

  • 🔗 Commit 55a0e • Feature
    In API 1.7/2.17/3.12 added fields entry_locked_status and entry_locked_reason to inform about entries undergoing update and review processes (they might change soon).

Version 12.3.0 (01/03/2019)

Version 12.2.0 (28/02/2019)

  • 🔗 Commit 231a4 • Feature
    Large tables might be shown with a striped layout to improve readability.

  • 🔗 Commit 16d23 • Optimization
    Improved the layout of buttons in the user submenu.

Version 12.1.0 (25/02/2019)

  • 🔗 Commit 9c6de • Feature • Customer request
    Symbols in overviews are clickable to provide a drilldown feature. This is true for CVSS, exploit prices, exploitability, and countermeasures.

  • 🔗 Commit 92aac • Optimization
    Header text is now a graphical element.

Version 12.0.4 (23/02/2019)

  • 🔗 Commit 82de5 • Optimization
    Slightly changed the colorization of remedation and exploitability levels.

Version 12.0.3 (22/02/2019)

  • 🔗 Commit 55aa5 • Optimization
    Changed the pointer behavior of certain table headers from grab to regular pointer.

Version 12.0.2 (21/02/2019)

Version 12.0.1 (20/02/2019)

Version 12.0.0 (18/02/2019) ⭐

  • 🔗 Commit b9184 • Feature • Customer request
    New overviews introduced with a lot of information items.

  • 🔗 Commit 65679 • Feature
    Added support for dynamic behavior for long tables with more than six columns.

  • 🔗 Commit 4c719 • Optimization
    Streamlined the behavior of content and article.

  • 🔗 Commit 4c719 • Optimization
    Streamlined the behavior of tables.

  • 🔗 Commit 4c719 • Optimization
    Streamlined the behavior of buttons.

Version 11.27.0 (15/02/2019)

  • 🔗 Commit c278e • Feature
    Added the posibility to fade-in some elements for a better user experience.

  • 🔗 Commit 07fdc • Optimization
    Improved the width behavior of user menu buttons.

Version 11.26.0 (08/02/2019)

Version 11.25.0 (06/02/2019)

  • 🔗 Commit 250b0 • Feature • Customer request
    In API 3.10 added request parameter offset to set a starting point for results (pagination).

Version 11.24.1 (01/02/2019)

  • 🔗 Commit 5d94f • Optimization
    Reached the 10.000th community user. Congratulations!

Version 11.24.0 (18/01/2019)

Version 11.23.0 (11/01/2019)

  • 🔗 Commit dfb03 • Feature • Customer request
    In API 3.8 VulDB CVSSv3 scores use AI-driven autocomplete based on historical data and additional sources. The field vulnerability_cvss3_vuldb_confidence indicates the confidence of the vectors.

Version 11.22.1 (08/01/2019)

Version 11.22.0 (01/01/2019)

Version 11.21.0 (13/12/2018)

  • 🔗 Commit 1deb7 • Feature • Customer request
    In API 1.4/2.14/3.6 requesting details without unlocked archive access will warn in field entry_warning about limitation.

Version 11.20.0 (28/10/2018)

Version 11.19.0 (01/10/2018)

Version 11.18.1 (20/09/2018)

  • 🔗 Commit c4d5c • Optimization
    Changed the cursor behavior for votes from copy to default.

  • 🔗 Commit c4d5c • Optimization
    Changed the cursor behavior of ribbons to default.

Version 11.18.0 (18/09/2018)

  • 🔗 Commit afb23 • Feature
    Added custom ribbons to popup with interesting details if needed.

  • 🔗 Commit 8ee7c • Optimization
    Improved the behavior of items which have a fade-in effect.

Version 11.17.0 (01/09/2018)

Version 11.16.0 (31/08/2018)

  • 🔗 Commit c00a7 • Feature • Customer request
    Introduction of CPE lists in entry views to indicate the affected products.

Version 11.15.0 (06/08/2018)

  • 🔗 Commit 9e978 • Feature
    In API 3.5 support for the queries advisory_date_start, entry_timestamp_create_start, entry_timestamp_change_start.

  • 🔗 Commit 576a2 • Optimization • Customer request
    Disabled the gradients in symbols.

Version 11.14.4 (04/08/2018)

  • 🔗 Commit 48a03 • Optimization
    Fixed an issue with the visibility of long date symbols.

Version 11.14.3 (03/08/2018)

Version 11.14.2 (02/08/2018)

Version 11.14.1 (01/08/2018)

  • 🔗 Commit 7ef2d • Optimization
    Introduction of antialiasing of fonts for better readability on high-resolution displays.

Version 11.14.0 (31/07/2018)

Version 11.13.1 (22/07/2018)

Version 11.13.0 (12/07/2018)

  • 🔗 Commit b1af8 • Feature • Customer request
    Added dynamic layouts for tables to hide certain columns under specific conditions. This improves the mobile view a lot.

Version 11.12.1 (10/07/2018)

Version 11.12.0 (06/07/2018)

Version 11.11.3 (05/07/2018)

  • 🔗 Commit be3b7 • Optimization
    A new table wrapper optimizes how tables are shown on different screen sizes.

Version 11.11.2 (04/07/2018)

Version 11.11.1 (29/06/2018)

  • 🔗 Commit 7409e • Optimization
    Streamlining of mini button for unlock announcements.

Version 11.11.0 (28/06/2018)

Version 11.10.1 (12/06/2018)

Version 11.10.0 (11/06/2018)

Version 11.9.4 (10/06/2018)

Version 11.9.3 (08/06/2018)

Version 11.9.2 (06/06/2018)

  • 🔗 Commit 216df • Bugfix • Customer request
    In API 1.3/2.12/3.2 fixed wrong values in response_remaining (calculation was correct, value shown was wrong). This issue was reported by user portal.

Version 11.9.1 (04/06/2018)

Version 11.9.0 (18/05/2018)

Version 11.8.0 (15/05/2018)

Version 11.7.1 (14/05/2018)

  • 🔗 Commit 1d0c8 • Optimization • Customer request
    In API 2.9 added detailed error messages regarding API key problems (missing, wrong, unknown, valid).

  • 🔗 Commit 1d0c8 • Optimization
    In API 2.9 enterprise customers have performance priority over free users.

Version 11.7.0 (08/05/2018)

  • 🔗 Commit a20db • Feature
    In API 2.8 the field entry_title does not show CVE anymore.

  • 🔗 Commit a20db • Feature
    In API 2.8 added fields vulnerability_timeline, countermeasure_reactiondays, countermeasure_0daydays, countermeasure_exposuredays, and countermeasure_exploitdelaydays.

Version 11.6.0 (07/05/2018)

Version 11.5.0 (01/05/2018)

Version 11.4.0 (01/04/2018)

Version 11.3.0 (22/03/2018)

  • 🔗 Commit b90e6 • Feature • Customer request
    Working on a proof-of-concept to use Alexa as a gateway to work with vulnerability data.

Version 11.2.3 (17/02/2018)

  • 🔗 Commit f3590 • Optimization
    Introduction of a container element to have more flexibility with layout positioning on the web frontend.

Version 11.2.2 (01/02/2018)

  • 🔗 Commit 51a81 • Optimization
    Introduction of a sub-title on the site title to better describe the service.

Version 11.2.1 (29/01/2018)

Version 11.2.0 (22/01/2018)

  • 🔗 Commit 49bb7 • Feature
    Upgrade to API 2.0. Response contains three elements (request, response, result) instead just the results.

Version 11.1.1 (23/09/2017)

  • 🔗 Commit aebb3 • Optimization
    Improvement of the container margins to have a better layout.

Version 11.1.0 (16/09/2017)

Version 11.0.1 (02/06/2017)

Version 11.0.0 (01/06/2017) ⭐

  • 🔗 Commit a862d • Feature
    Introduction of dynamic graphs shown in different views.

Version 10.12.2 (19/05/2017)

Version 10.12.1 (16/05/2017)

  • Fixed a display issue on the frontpage. Under certain circumstances new items were not shown as bold.

Version 10.12.0 (28/04/2017)

Version 10.11.0 (21/04/2017)

Version 10.10.0 (10/04/2017)

Version 10.9.0 (01/04/2017)

Version 10.8.0 (22/03/2017)

  • 🔗 Commit 1f1f6 • Feature • Customer request
    Vulnerability entries flagged as false-positive do now highlight this fact on their pages (title and introduction).

Version 10.7.0 (21/03/2017)

  • 🔗 Commit 2eb19 • Feature
    Introduced data for OVAL and IAVM. Completed all existing entries with appropriate data.

Version 10.6.0 (23/02/2017)

Version 10.5.1 (13/02/2017)

  • 🔗 Commit 915e2 • Optimization
    Optimized the indexing of the database to improve search performance.

Version 10.5.0 (01/02/2017)

Version 10.4.1 (20/01/2017)

  • 🔗 Commit ed89a • Optimization
    Optimized performance by using specific features and configuration settings in PHP7.

Version 10.4.0 (18/01/2017)

Version 10.3.0 (01/01/2017)

Version 10.2.0 (20/12/2016)

  • 🔗 Commit afa9d • Feature
    Introduced Bug of the Day on the front page. One of the more serious or interesting issues of the recent days is shown every day.

Version 10.1.1 (19/12/2016)

  • 🔗 Commit e0724 • Optimization
    Redesign of the front-page with a slick layout and better data accessibility.

Version 10.1.0 (16/12/2016)

  • 🔗 Commit 17b00 • Feature
    Implemented a module to detect loss of data integrity on the service.

Version 10.0.0 (01/12/2016) ⭐

Version 9.19.1 (08/11/2016)

  • 🔗 Commit 1bf65 • Optimization
    Optimization of database table structures to gain more flexibility and performance.

Version 9.19.0 (07/11/2016)

  • 🔗 Commit 41c1a • Feature
    Implementation of Content Security Policy (CSP) to improve web security of the service.

Version 9.18.0 (02/11/2016)

  • 🔗 Commit 2c835 • Feature
    It is now possible to upvote comments for vulnerability entries. Upvoted comments are shown on top of the list.

Version 9.17.0 (01/11/2016)

Version 9.16.0 (26/10/2016)

  • 🔗 Commit 464dc • Feature
    Editing a section of a vulnerability will automatically jump to the correct section of the edit form.

Version 9.15.0 (25/10/2016)

  • 🔗 Commit cbba3 • Feature
    Existing vulnerability entries can now be edited immediately by members of the moderation team.

Version 9.14.0 (14/10/2016)

  • 🔗 Commit 83203 • Feature
    Enhanced the existing cache module to allow caching of database queries and results.

Version 9.13.0 (11/10/2016)

  • 🔗 Commit 786cb • Feature
    Every user account has now a profile.

  • 🔗 Commit 7868e • Feature
    Registered users are able to tweak their own configuration of the service.

Version 9.12.0 (10/10/2016)

  • 🔗 Commit b9c2d • Feature
    Registered users are able to see history of vulnerability entries they have been viewing earlier.

Version 9.11.0 (07/10/2016)

Version 9.10.0 (06/10/2016)

Version 9.9.0 (05/10/2016)

  • 🔗 Commit da14a • Feature
    Users accessing ressources which require an authentication receive a proper error message.

Version 9.8.0 (04/10/2016)

  • 🔗 Commit 2f00f • Feature
    Users are able to reset their password via email (password recovery).

Version 9.7.0 (03/10/2016)

Version 9.6.0 (24/06/2016)

  • 🔗 Commit 688a5 • Feature
    Added a limiter to prevent malicious users from scraping our data without authorization.

Version 9.5.0 (22/06/2016)

Version 9.4.0 (01/10/2016)

Version 9.3.1 (05/07/2016)

Version 9.3.0 (30/06/2016)

  • 🔗 Commit 4aecf • Feature
    Some statistical data is now stored in a centralized table which allows them to be shown on multiple places without new calculations every time.

Version 9.2.0 (02/05/2016)

Version 9.1.1 (29/04/2016)

Version 9.1.0 (27/04/2016)

Version 9.0.0 (14/04/2016) ⭐

  • 🔗 Commit b3559 • Optimization
    Complete rewrite of the search engine to provide better matches and optimized performance.

Version 8.1.2 (06/04/2016)

  • 🔗 Commit 3ce21 • Optimization
    Optimization of HTML code to make pages smaller and faster to download and render.

Version 8.1.1 (04/04/2016)

  • Fixed a bug or slow indexes which improved the performance of vulnerability display a lot.

Version 8.1.0 (01/04/2016)

Version 8.0.0 (14/03/2016) ⭐

Version 7.1.3 (11/03/2016)

  • 🔗 Commit a0b92 • Optimization
    Establish VulDB as independent service to gain more flexibility.

Version 7.1.2 (23/02/2016)

Version 7.1.1 (17/02/2016)

  • 🔗 Commit 07bfb • Optimization
    Renaming the Twitter handle from scipvulbot to "vuldb"https://twitter.com/vuldb.

Version 7.1.0 (19/01/2016)

  • 🔗 Commit 55bf1 • Feature
    Enhancing statistical overview to provide previews and forecasts based in historical data.

  • 🔗 Commit 72424 • Feature
    Creating new text for different pages and sub-pages.

Version 7.0.5 (01/12/2015)

  • 🔗 Commit ea951 • Optimization • Customer request
    Adding caching modules to improve site performance. Caching is possible per site and file.

Version 7.0.4 (20/11/2015)

  • 🔗 Commit 58def • Optimization • Customer request
    Increasing update frequency of existing entries.

Version 7.0.3 (19/08/2015)

  • Corrected the listing of multiple authors of a vulnerability.

Version 7.0.2 (07/08/2015)

  • 🔗 Commit 3b6e7 • Optimization
    More performance optimization of database queries.

Version 7.0.1 (03/08/2015)

Version 7.0.0 (10/07/2015) ⭐

  • 🔗 Commit 243a7 • Feature
    Redesign of modular frontpage with the introduction of Top 5 lists.

Version 6.31.0 (07/07/2015)

Version 6.30.0 (09/03/2015)

  • 🔗 Commit e19c1 • Feature
    Introduction of new queue for vulnerability processing by mod team.

Version 6.29.3 (25/02/2015)

  • 🔗 Commit 8695f • Optimization
    Optimization of all X-Force data import and display.

Version 6.29.2 (03/02/2015)

  • 🔗 Commit 3453e • Optimization
    Optimizaton of summaries and descriptions of vulnerability entries.

Version 6.29.1 (08/01/2015)

  • 🔗 Commit 7ac76 • Optimization
    Optimization of version descriptions of vulnerability entries.

Version 6.29.0 (24/06/2014)

Version 6.28.0 (26/05/2014)

  • 🔗 Commit 0f72a • Feature
    Introduction of the "see also" hint which lists entries with are connected or similar.

Version 6.27.0 (17/04/2014)

  • 🔗 Commit 35f6f • Feature
    Adding a field to declare the date of the introduction of a vulnerability.

Version 6.26.1 (27/03/2014)

  • 🔗 Commit 3efc3 • Optimization
    Optimization of queuing of new vulnerabilities to better prioritize processing.

Version 6.26.0 (20/03/2014)

Version 6.25.12 (14/03/2014)

Version 6.25.11 (07/03/2014)

  • 🔗 Commit d0dda • Optimization
    Optimizing collision detection during the processing of new entries.

Version 6.25.10 (10/02/2014)

  • 🔗 Commit ce076 • Optimization
    Optimizing summaries regarding sources of vulnerability entries.

Version 6.25.9 (29/01/2014)

  • 🔗 Commit 03d37 • Optimization
    Added helper for vulnerability moderation team to determine arguments of attacks faster and more reliable.

Version 6.25.8 (28/01/2014)

Version 6.25.7 (23/01/2014)

  • 🔗 Commit 61b0d • Optimization
    Optimizing helper for vulnerability moderation team to complete new and existing entries with additional data. This increases data quality drastically.

Version 6.25.6 (14/01/2014)

  • Fixed a bug where sometimes summaries and descriptions did contain spaces twice instead of once. This was just a problem in the HTML source code and not on the rendered web site.

Version 6.25.5 (09/01/2014)

  • 🔗 Commit 1cd31 • Optimization
    Added helper for vulnerability moderation team to determine keywords which shall be used within the title of a vulnerability entry.

Version 6.25.4 (19/12/2013)

  • 🔗 Commit 12a4f • Optimization
    Optimizing the autocomplete feature to update new entries with historical data.

Version 6.25.3 (06/11/2013)

  • 🔗 Commit 1434c • Optimization
    Optimizing the pre-parser to handle import of new vulnerability entries.

Version 6.25.2 (22/10/2013)

  • 🔗 Commit a52cf • Optimization
    Changing the algorithm to calculate the current threat level.

Version 6.25.1 (21/10/2013)

  • 🔗 Commit 921d7 • Optimization
    Changing the algorithm to calculate the risk rating of vulnerability entries.

Version 6.25.0 (18/10/2013)

Version 6.24.0 (17/10/2013)

  • 🔗 Commit 01303 • Feature
    Introducing the threat level to show an indicator for the current vulnerability landscape.

Version 6.23.0 (03/10/2013)

  • 🔗 Commit e8e8f • Feature
    Adding the possibility to add a custom word to the title to provide more details on first sight.

Version 6.22.0 (01/10/2013)

  • 🔗 Commit f8c1e • Feature
    Establishing a background updater which handles entries which need to be updated without interfering with the manual work of the moderation team.

  • 🔗 Commit 5abb3 • Optimization
    Enhancement of the review procedure of CVE entries pushed by MITRE to improve processing and quality.

Version 6.21.0 (13/09/2013)

Version 6.20.1 (12/09/2013)

  • 🔗 Commit 088ac • Optimization
    Completing all existing entries with Secunia data.

Version 6.20.0 (11/09/2013)

Version 6.19.0 (10/09/2013)

Version 6.18.0 (23/08/2013)

Version 6.17.0 (12/08/2013)

Version 6.16.0 (09/08/2013)

Version 6.15.2 (05/07/2013)

  • 🔗 Commit 4dffe • Optimization
    Enhancement of the review procedure of Nessus entries.

Version 6.15.1 (28/06/2013)

  • 🔗 Commit 4b14b • Optimization
    Optimizing the plausability checks during vulnerability moderation to prevent contradicting and wrong data.

Version 6.15.0 (19/06/2013)

Version 6.14.1 (11/06/2013)

  • 🔗 Commit 0b61c • Optimization
    Updating large quantities of vulnerabilities is now improved thanks to incremental updates.

Version 6.14.0 (03/06/2013)

Version 6.13.0 (31/05/2013)

  • 🔗 Commit 22b2b • Feature
    Added the capability to add quotes from advisories to enrich entries.

  • 🔗 Commit 22b2b • Feature
    Added the capability to add links to videos for a vulnerability.

Version 6.12.0 (29/04/2013)

Version 6.11.0 (11/04/2013)

  • 🔗 Commit 6a9d2 • Feature
    Added the capability to list multiple different products in an affected list. This is done additionally to the main product that is affected by a vulnerability.

Version 6.10.2 (04/04/2013)

  • 🔗 Commit 239ac • Optimization
    Enhanced input validation mechanism during vulnerability management to prevent mistakes regarding vendor/product definitions.

Version 6.10.1 (28/03/2013)

  • 🔗 Commit 497c0 • Optimization
    Optimization of logging and tracking of queued items processed by the moderation team.

Version 6.10.0 (19/03/2013)

  • 🔗 Commit c46f6 • Feature
    Added input validation mechanisms during vulnerability management.

  • 🔗 Commit bc987 • Optimization
    Optimized input validation mechanisms during vulnerability management.

Version 6.9.1 (09/01/2013)

  • Fixed an issue in the database. This did only affect moderation of vulnerabilities and was not reflected on the user-side of the service.

Version 6.9.0 (21/12/2012)

  • 🔗 Commit 79a9b • Feature
    Added a feature to normalize terms between different vulnerability entries.

Version 6.8.1 (26/11/2012)

  • 🔗 Commit d0a20 • Optimization
    Prepared the support for Milw0rm data for entries with an ID up to 50000.

Version 6.8.0 (31/10/2012)

Version 6.7.0 (15/10/2012)

Version 6.6.0 (01/10/2012)

Version 6.5.0 (24/09/2012)

Version 6.4.0 (04/07/2012)

Version 6.3.0 (18/06/2012)

Version 6.2.2 (05/06/2012)

  • 🔗 Commit 895ea • Optimization
    Optimizing the autocomplete feature to update new entries with historical data.

Version 6.2.1 (10/04/2012)

Version 6.2.0 (13/03/2012)

Version 6.1.1 (09/03/2012)

Version 6.1.0 (08/03/2012)

  • 🔗 Commit c17b6 • Feature
    Added the calculation of the exposure time which measures the time of the disclosure and the mitigation possibilities of a vulnerability.

  • 🔗 Commit 23aa8 • Optimization
    Reviewed all available data of OSVDB.

Version 6.0.0 (06/03/2012) ⭐

Version 5.2.2 (05/03/2012)

Version 5.2.1 (02/03/2012)

Version 5.2.0 (15/02/2012)

  • 🔗 Commit d6183 • Feature
    Added web import feature for vulnerability moderators to handle new entries based on web ressources.

Version 5.1.0 (06/01/2012)

  • 🔗 Commit 2e4ed • Feature
    Added single import feature for vulnerability moderators to handle single entries outside the regular queueing.

Version 5.0.0 (22/02/2011) ⭐

  • 🔗 Commit 04086 • Feature
    Establishing new database backend with much more possibilities.

Version 4.10.2 (01/12/2010)

  • 🔗 Commit 8b4df • Optimization
    Move to more powerful hardware due to increase in access.

Version 4.10.1 (30/07/2010)

Version 4.10.0 (10/06/2010)

  • 🔗 Commit 57677 • Feature
    Adding Alert Info on web site to inform visitors about latest critical issue.

  • 🔗 Commit 80bfa • Feature
    Delivering ads for non-paying and unauthenticated users.

  • 🔗 Commit acc6f • Optimization
    Optimizing database structure for more flexibility and performance.

Version 4.9.0 (08/03/2010)

Version 4.8.1 (10/02/2010)

Version 4.8.0 (08/02/2010)

  • 🔗 Commit 47351 • Feature
    Adding the alert info on top of the site to show the most recent vulnerability with the highest emergency rating.

Version 4.7.2 (05/02/2020)

Version 4.7.1 (02/02/2010)

Version 4.7.0 (11/01/2011)

  • 🔗 Commit 90de3 • Feature • Customer request
    Added VulDB Alert to inform customers about issues applicable for them.

Version 4.6.0 (16/12/2009)

Version 4.5.0 (27/10/2009)

Version 4.4.0 (03/09/2009)

Version 4.3.0 (25/08/2009)

  • Completing existing entries with mast actual data. This includes but is not limited to CVE, Secunia, SecurityTracker, vendor, and confirmation details.

Version 4.2.0 (20/08/2009)

Version 4.1.0 (01/08/2009)

Version 4.0.1 (26/06/2009)

Version 4.0.0 (23/06/2009) ⭐

Version 3.5.0 (01/07/2006)

Version 3.4.0 (19/05/2004)

Version 3.3.0 (01/01/2004)

Version 3.2.0 (19/12/2003)

Version 3.1.0 (18/11/2003)

Version 3.0.0 (01/03/2003) ⭐

  • 🔗 Commit 94f12 • Feature
    Bugbase is completely re-written in Perl and uses a dedicated backend for vulnerability moderation to gain more flexibility.

  • 🔗 Commit 94f12 • Optimization
    Bugbase is re-branded as scip VulnDB and hosted on www.scip.ch.

Version 2.0.0 (01/09/2002) ⭐

  • 🔗 Commit 51e87 • Optimization
    Changed from static web site to dynamic database (with the kind support of DukeCS).

Version 1.0.0 (01/01/1997) ⭐

Interested in the pricing of exploits?

See the underground prices here!