Version 16.22.9 (20/09/2023)
- Commit 2b9d4OptimizationImprovement of flooding and denial of service protection to guarantee an even more reliable service.
Version 16.22.8 (17/09/2023)
- Commit a91bfOptimizationThe fields
software_website_productare now auto-completed much better to provide improved data quality for less popular entries.
Version 16.22.7 (15/09/2023)
- Commit eb2dfBugfixCustomer requestFixed an issue where duplicates in CPE lists were creating odd JSON responses.
Version 16.22.6 (31/08/2023)
- Commit 311c6BugfixCustomer requestFixed an issue where exported CPE lists (JSON) were shown as objects instead of arrays. Reported by Dave Thornley.
Version 16.22.5 (29/08/2023)
- Commit 914caOptimizationImproved handling of malicious requests to guarantee availability and responsiveness for our customers.
Version 16.22.4 (09/08/2023)
- Commit 1e7dcBugfixSums and average data of yearly views were not calculated correctly if there was a month with zero data.
Version 16.22.3 (03/08/2023)
- Commit b7490OptimizationVulnerability data storage of
source_nessus_typeis much more efficient which increases performance as well.
Version 16.22.2 (02/08/2023)
- Commit 65890OptimizationBetter handling of obsolete links to discontinued vulnerability sources.
Version 16.22.1 (01/08/2023)
- Commit 4423bOptimizationVulnerability data storage of
source_vulnerabilitycenter_severityis much more efficient which increases performance as well.
Version 16.22.0 (31/07/2023)
- Commit 09088FeatureCustomer requestChanges to the personal filter are now considered critical and as such they will inform the user about the edit via email.
Version 16.21.7 (30/07/2023)
- Commit d6b1eOptimizationVulnerability data storage of
source_secunia_riskis much more efficient which increases performance as well.
Version 16.21.6 (29/07/2023)
- Commit 3a72bBugfixA display bug showed merged vulnerability submissions as rejected instead of merged into the existing entry. Thanks to Calvin Star for making us aware of this issue.
Version 16.21.5 (26/07/2023)
- Commit b552bBugfixIn CTI views the list of references was not revealed entirely even if the user had a proper license.
Version 16.21.4 (24/07/2023)
Version 16.21.3 (19/07/2023)
- Commit 707b0OptimizationBetter IP address association for verified IOC (Indicators of Compromise). This increases the accuracy of CTI analysis of vulnerability entries.
Version 16.21.2 (17/07/2023)
- Commit 71759OptimizationThe submission form for new vulnerabilities allows URLs for exploits as well.
Version 16.21.1 (16/07/2023)
Version 16.21.0 (05/07/2023)
- Commit 0c32cFeatureSometimes CNAs assign duplicate CVEs for the same vulnerability. We do now show such duplicates to help to better understand connections between CVE entries.
Version 16.20.3 (27/06/2023)
- Commit 6ee4cOptimizationBetter identification of vulnerability entries which affect products that are end-of-life. Version-specific association is now possible.
Version 16.20.2 (26/06/2023)
- Commit bb031OptimizationImprovement of CTI analysis for vulnerabilities that spike within short timeframes (hours and days). The data is loaded, analyzed, and presented much faster.
Version 16.21.2 (17/07/2023)
- Commit 39c9aOptimizationOptimization of monoblock capabilities to handle vulnerability data.
Version 16.20.0 (13/06/2023)
- Commit e7287FeatureThere is also a list of most recent IP addresses added as IOCs available for paying users.
Version 16.19.0 (10/06/2023)
Version 16.18.1 (03/06/2023)
- Commit e3b45OptimizationDetection of commit collisions during editing of vulnerability data. Entries will be locked until an edit has been finalized.
Version 16.18.0 (26/05/2023)
Version 16.17.2 (23/05/2023)
- Commit b7248OptimizationImproved use of vulnerability names for better data matching on the web service.
Version 16.17.1 (17/05/2023)
- Commit 6f54eOptimizationUpgraded database servers to improve performance during peak times.
Version 16.17.0 (13/05/2023)
- Commit b7e2dFeatureAPI ChangeCustomer requestIn API 2.37/3.57 introduction of the field
source_cve_duplicateto indicate whether a duplicate CVE has been assigned to an entry.
Version 16.16.4 (11/05/2023)
- Commit 0fa94BugfixFixed a minor view issue with Indicator of Compromise (IOC) tables that list IP ranges.
Version 16.16.3 (10/05/2023)
- Commit 8f483BugfixFixed an issue where sync of researcher data with the CVE stream did not happen properly under certain circumstances.
Version 16.16.2 (05/05/2023)
- Commit ba5c5Optimization
Version 16.16.1 (03/05/2023)
- Commit bf769OptimizationImproved intelligent matching of vendor and product definitions in all search queries, especially in multi-line fields.
Version 16.16.0 (29/04/2023)
- Commit eaaf4Feature
Version 16.15.1 (22/04/2023)
- Commit e45eaOptimizationThe discussion possibility for vulnerabilities mentions that they are intended for public exchange and not fort support queries. Use the contact form instead to approach our support team.
Version 16.15.0 (21/04/2023)
- Commit f33dfFeature
Version 16.14.1 (18/04/2023)
- Commit f5a6cOptimizationImprovement of the field
advisory_typeto indicate where a vulnerability disclosure is originating from.
- Commit 9cf62BugfixAPI ChangeFixed an issue where under certain circumstances the field
advisory_typewas not shown in an API response.
Version 16.14.0 (17/04/2023)
- Commit a040aFeatureAdded the setting to enable count information for certain views in the site title. This helps to determine how many items are listed on a page.
- Commit 2ef13BugfixFixed an issue in the overview of personal posts which did not show the name of a vulnerability entry properly.
Version 16.13.2 (16/04/2023)
- Commit 9a6a2OptimizationChanged the HTML title of vulnerability entries to use a colon instead of a pipe symbol as delimiter. Please update your parsers if you are relying on this data structure.
Version 16.13.1 (15/04/2023)
- Commit 22190OptimizationPerformance optimization for all views that list our entries as a CVE Numbering Authority.
- Commit 853b1OptimizationAccess to all entries that are maintained by us as the responsible CVE Numbering Authority are accessible without any restrictions for all users.
Version 16.13.0 (09/04/2023)
- Commit 792c6FeatureAccess to our activities as a CVE Numbering Authority possible by year. This has become mandatory due to the enormous amount of CVEs that we are handling.
- Commit a1d8bOptimizationRecent CNA entries do now redirect to the current year.
Version 16.12.1 (02/04/2023)
- Commit 2085fOptimizationImproved the speed and accuracy of the display of recent vulnerabilities on the front page.
Version 16.12.0 (01/04/2023)
- Commit 67624FeatureAPI ChangeIn API 3.56 sources that are not available anymore are shown with the
unavailabletag which contains the reason. This helps to determine defunct companies and dead links.
- Commit b5b18FeatureVulnerability entries indicate broken external links to help determine defunct companies and dead links.
Version 16.11.1 (31/03/2023)
Version 16.11.0 (23/03/2023)
- Commit 7a109FeatureAPI ChangeIn API 2.36/3.55 introduction of the field
source_cve_duplicateofto indicate CVE assignments which are potential duplicates of existing CVE assignments.
Version 16.10.3 (17/03/2023)
- Commit 05831OptimizationOptimized the speed to update community points earned by users for submissions of new vulnerability entries.
Version 16.10.2 (16/03/2023)
- Commit 7b3a5OptimizationImproved accuracy of indicators for vulnerability entries of managed serviced that cannot get a CVE according to current CAN rules.
Version 16.10.1 (13/03/2023)
- Commit ab8a8OptimizationCustomer requestHandling of CPE values of vulnerabilities was optimized to provide better accuracy of data.
Version 16.10.0 (11/03/2023)
- Commit c639dFeatureCustomer requestComments of vulnerability entries will show official replies by our community team to help visitors to understand details and inner workings of our processes.
- Commit 13ff7FeatureHovering over the time indicator of comments will show the exact time of the submission.
Version 16.9.3 (09/03/2023)
- Commit f3d56OptimizationPerformance improvement of EPSS (Exploit Prediction Scoring System) value handling.
Version 16.9.2 (19/02/2023)
- Commit 72d23OptimizationReferences lists use the general naming convention for VulDB entries as well.
Version 16.9.1 (16/02/2023)
- Commit 636ccOptimizationMuch better performance of the service by optimizing the partitioning of data. Especially if there are many tasks handled at the same time.
Version 16.9.0 (15/02/2023)
- Commit dc811FeatureSwitches VulDB CVSSv3 scores from 3.0 to 3.1 to adopt latest version of the industry standard.
Version 16.8.0 (13/02/2023)
- Commit 8a926FeatureAPI ChangeCustomer requestIn API 3.54 the field
software_managedserviceis introduced to indicate products that are managed services and therefore not maintained by users.
Version 16.7.0 (11/02/2023)
- Commit 0ceebFeatureAPI ChangeCustomer requestIn API 1.17/2.35/3.53 the field
software_rollingreleaseis introduced to indicate whether the product is not using version numbering but establishing a rolling release instead.
- Commit 27319FeatureAPI ChangeThe changelog does now flag changes to the API as such. This helps customers to identify changes that might require their attention regarding automated processing of data.
Version 16.6.12 (03/02/2023)
- Commit 1c4caOptimizationAPI ChangeCustomer requestInvalid URL requests to the API are not always redirected to prevent inefficient usage of the API.
Version 16.6.11 (28/01/2023)
- Commit 9e571BugfixAPI ChangeCustomer requestFixed an issue in the API where request for
entry_timstampe_changefor older entries did not return the desired amount of items.
Version 16.6.10 (23/01/2023)
Version 16.6.9 (22/01/2023)
- Commit 05f5cOptimizationImprovement of the Google Hacking view which provides a wide variety of Google Dorks.
- Commit 32026OptimizationFaster and smarter processing of cache data which improves the overall performance of the service drastically.
Version 16.6.8 (21/01/2023)
- Commit 830d3OptimizationInvalid URL requests to the service are usually redirected, to point the user to the correct URL. This is now approached more consistantly.
Version 16.6.7 (20/01/2023)
- Commit e6e23OptimizationPerformance optimization to increase responsibility for a wide variety of views.
Version 16.6.6 (12/01/2023)
- Commit 6c542OptimizationImprovement of search by purl statements. Better matching of products and versions possible.
Version 16.6.5 (11/01/2023)
- Commit 7c9bdOptimizationBetter indicator for disputed vulnerability entries that are handled by our CNA team.
Version 16.6.4 (10/01/2023)
- Commit c8bc3Bugfix
Version 16.6.3 (09/01/2023)
- Commit 9b662OptimizationBetter handling of user sessions, especially if there is a lot of activities on the service.
Version 16.6.2 (07/01/2023)
- Commit 5e9a7Optimization
- Commit cfb9aOptimizationMuch better performance for moderators to import new vulnerabilities.
Version 16.6.1 (04/01/2023)
- Commit cd64fOptimization
Version 16.6.0 (03/01/2023)
- Commit 02196Feature
Version 16.5.4 (02/01/2023)
- Commit 9a5e1OptimizationExtended display of multiline quotes of vulnerabilities for software, advisories, vulnerabilities, exploits, and countermeasures.
Version 16.5.3 (21/12/2022)
- Commit 89dfeBugfixIn very rare cases the derivative identification of vulnerability classes was not working.
Version 16.5.2 (18/12/2022)
- Commit 6924dOptimization
Version 16.5.1 (17/12/2022)
Version 16.5.0 (16/12/2022)
- Commit 91e21FeatureAPI ChangeCustomer request
Version 16.4.6 (12/12/2022)
- Commit 1b860Optimization
Version 16.4.5 (10/12/2022)
- Commit 47588OptimizationAPI ChangeMore performance improvement of the API for timeranges like
Version 16.4.4 (08/12/2022)
- Commit fc381OptimizationAPI ChangeCustomer requestIn API 3.52 performance optimization of certain queries requesting timeranges like
Version 16.4.3 (07/12/2022)
- Commit dba58OptimizationImproved handling of duplicate vulnerability entries. These are processed much faster, flagged as duplicates or even hidden under certain circumstances.
Version 16.4.2 (05/12/2022)
- Commit 67c94Optimization
Version 16.4.1 (04/12/2022)
- Commit 8dc47OptimizationAccess to cyber threat intelligence information which is not unlocked yet will show a proper amount of demo data to help to understand features, coverage, and possibilities.
Version 16.4.0 (03/12/2022)
- Commit 12800FeatureCustomer request
Version 16.3.4 (26/11/2022)
- Commit dae79OptimizationImproved extended CPE dictionary generation. By dropping attributes that are not necessary the file generation becomes faster and the file becomes smaller.
Version 16.3.3 (25/11/2022)
- Commit 726b4OptimizationHardware upgrade for better memory and processing handling.
Version 16.3.2 (22/11/2022)
- Commit 21d9bOptimizationImproved coverage and flagging of software products known to be end-of-life.
Version 16.3.1 (21/11/2022)
- Commit 23f71OptimizationBetter handling of vulnerability entries flagges as false-positives or revoked data parts. Summaries reflect the status better and overviews tag them more prominent.
Version 16.3.0 (18/11/2022)
- Commit 085b7FeatureAdditional links to the internal knowledge base and external sources available in vulnerability summaries and descriptions. This makes research a lot faster, easier, and more comfortable.
Version 16.2.0 (08/11/2022)
- Commit ba2e4FeatureAPI ChangeCustomer request
Version 16.1.1 (07/11/2022)
- Commit 21a87BugfixCustomer requestFixed a bug where some searches for CPE strings were not working properly.
Version 16.1.0 (31/10/2022)
- Commit 62218FeatureAPI ChangeCustomer request
Version 16.0.3 (20/10/2022)
- Commit 698a4BugfixFixed an issue on the front page where under certain circumstances the exploit price overview was not refreshed properly.
Version 16.0.2 (19/10/2022)
- Commit df7bfBugfixVulnerability entries without the definition of
software_versionbut with a definition of
countermeasure_upgrade_versionwill show this information properly in the document title.
Version 16.0.1 (18/10/2022)
- Commit f18eeOptimizationVulnerability entries list associated changesets with date and count of changes. This makes it easier to understand the lifecycle of an entry.
Version 16.0.0 (15/10/2022)
- Commit 30f76FeatureCustomer requestThe vulnerability data team is taking advantage of the new source monitoring modules. An advanced artificial intelligence enumerates different sources to determine new vulnerabilities or additional details. If such are found, they are added to the submission queue and will be reviewed by the moderation team. This will increase coverage, processing speed, and data quality of vulnerability entries drastically.
Version 15.5.6 (10/10/2022)
- Commit 6ab11Optimization
Version 15.5.5 (07/10/2022)
- Commit fb472OptimizationOptimization of the user menu as shown on devices with smaller screens.
Version 15.5.4 (06/10/2022)
- Commit 78b19OptimizationSites showing search results with a new search form will set the focus on the form field for faster processing of new search queries.
Version 15.5.3 (30/09/2022)
- Commit 53399BugfixAPI ChangeCustomer requestIn API 3.48 fixed an issue for the
fieldparameter where only old notations of
vulnerability_cvss3_tempvector_vuldbinstead also of
- Commit 4995fOptimizationAPI ChangeIn API 1.16/2.34/3.49 a more graceful handling of too many definitions in the
fieldsparameter got established. If there are too many fields defined, only the first ones will be used and the others silently ignored.
Version 15.5.2 (28/09/2022)
- Commit aaebcOptimizationBetter handling of data uncertainty while generating stats and charts to improve result accuracy.
Version 15.5.1 (25/09/2022)
- Commit 3985dOptimizationAPI Change
- Commit abeb0OptimizationAdditional data analysis is also able to provide derivative Google Hacking strings in vulnerability summaries, descriptions, and detail listings.
Version 15.5.0 (23/09/2022)
- Commit 7fe8bFeatureCustomer requestWe have introduced a Google Hacking Database containing exclusive dorks.
Version 15.4.1 (20/09/2022)
- Commit c9710OptimizationImproved the declaration of impacts within description and summaries of vulnerabilities.
Version 15.4.0 (19/09/2022)
- Commit fdc84FeatureCustomer request
Version 15.3.11 (18/09/2022)
Version 15.3.10 (15/09/2022)
- Commit 8028cOptimizationBetter memory handling of the service to improve responsiveness of queries and views.
Version 15.3.9 (14/09/2022)
- Commit 0e2c2OptimizationImprovement of countermeasure handling of vulnerabilities to save space, gain better performance, and faster processing of entries.
Version 15.3.8 (11/09/2022)
- Commit b4aecBugfixFixed an issue where empty CWE data was shown in vulnerability entries. This was just an interface error on the web frontend.
Version 15.3.7 (08/09/2022)
- Commit e5ba5BugfixCustomer requestFixed an issue with the RSS feeds where certain special characters in the title element lead to XML validation errors. Reported by Calvin Mende.
Version 15.3.6 (07/09/2022)
- Commit 3c399BugfixCustomer request
Version 15.3.5 (06/09/2022)
- Commit 144c0BugfixAPI ChangeCustomer requestFixed an issue where certain search requests via web and API were not executed at all. Reported by user showmax
Version 15.3.4 (05/09/2022)
- Commit 61068OptimizationAnother performance improvement of search queries. Lookups for functions and arguments are now multiple times faster as well.
Version 15.3.3 (02/09/2022)
- Commit 6ae56OptimizationCustomer requestPerformance improvement of search queries. Especially queries for URLs are now multiple times faster.
Version 15.3.2 (30/08/2022)
- Commit 0acc3OptimizationBetter performance and accuracy of parsing of vulnerability data during moderation process.
Version 15.3.1 (29/08/2022)
Version 15.3.0 (27/08/2022)
- Commit 13bc6FeatureCustomer requestVulnerability entries show multiple CWE if available. In this case they are listed in descending order of accuracy.
Version 15.2.3 (19/08/2022)
- Commit 87315OptimizationVulnerability entries flagged as false-positive are shown with this tag in lists (e.g. overview, search).
Version 15.2.2 (17/08/2022)
- Commit 4bf82OptimizationAnother improvement of entropy of the CSRF token generation for critical forms.
Version 15.2.1 (14/08/2022)
- Commit 6d5faOptimizationAPI ChangeIn API 3.46 he virtual fields
countermeasure_remediationlevelprovide better data accurary to improve data quality.
Version 15.2.0 (11/08/2022)
- Commit c5cd8FeatureAPI ChangeCustomer requestIn API 3.45 the Vulnerability API is able to show additional CTI information by enabling
cti=1within requests. This is possible for free accounts, commercial accounts and enterprise accounts with the CTI option enabled. The real-time availability of the data introduces some increased round trip times for such queries.
Version 15.1.2 (09/08/2022)
- Commit 0d06aOptimizationBetter matching of natural search when it comes to short words which causes less false-negatives.
Version 15.1.1 (12/07/2022)
- Commit b168aOptimizationFixed an issue where vulnerabilities with product versions ending with
.xwildcards were handled inapprorpiately.
Version 15.1.0 (08/07/2022)
- Commit 5134eFeatureCustomer requestCertain views contain a column listing the latest EPSS (Exploit Prediction Scoring System) values for vulnerabilities.
Version 15.0.0 (05/07/2022)
- Commit c13baFeatureAPI ChangeCustomer request
Version 14.27.1 (29/06/2022)
- Commit 093a3OptimizationListing of important identifiers of vulnerabilities were optimized to provide better searchability.
Version 14.27.0 (24/06/2022)
- Commit ab1f7FeatureEnglish vulnerability descriptions explain the vulnerability classes according to the CWE definitions.
Version 14.26.6 (23/06/2022)
- Commit 0761dOptimizationImproved the support for less popular CWE classes to provide better identification capabilities of exotic vulnerabilities.
Version 14.26.5 (16/06/2022)
- Commit 4a400OptimizationFaster synchronization of EPSS (Exploit Prediction Scoring System) data to increase confidence of predictions.
Version 14.26.4 (11/06/2022)
- Commit e54dfOptimizationImproved version listing for releases using letters in version numbering (e.g. OpenSSL).
Version 14.26.3 (10/06/2022)
- Commit 986a8OptimizationBetter accuracy of product requests in the Monoblock.
Version 14.26.2 (07/06/2022)
- Commit 7045aOptimizationOptimized the purchase and upgrade experience for users with better guidance and accessibility.
Version 14.26.1 (02/06/2022)
- Commit af297Optimization
Version 14.26.0 (01/06/2022)
- Commit 6b2ffFeatureCustomer requestIntroduction of the Exploit Prediction Scoring System which is able to predict chances of successful exploitation of vulnerabilities. Official EPSS data is kept in sync and shown in the vulnerability details.
- Commit 51aabFeatureAPI ChangeCustomer request
Version 14.25.10 (31/05/2022)
- Commit 6436aBugfixFixed an issue where certain links were not correctly used in the vulnerability summaries for authenticated users. Reported by Andrea Hauser
Version 14.25.9 (25/05/2022)
- Commit 57b2aOptimizationCustomer requestBetter integration of search possibilities in the site header on mobile phones.
Version 14.25.8 (23/05/2022)
- Commit 01046BugfixAPI ChangeCustomer requestIn API 3.41 accessing the field
software_cpe23is possible again. Other major releases of the API were not affected. Reported by Stefan Sander.
Version 14.25.7 (15/05/2022)
- Commit ed7b9BugfixSending certain host requests introduced the possibility for unexpected redirects. Reported by Pankaj lakshkar
Version 14.25.6 (12/05/2022)
- Commit b8eb9OptimizationImproved search intelligence to match CWE and CVE faster and with more accuracy.
Version 14.25.5 (11/05/2022)
- Commit 84bd4OptimizationAll CTI activities are available in a dedicated section. Existing links redirect to the new location.
Version 14.25.4 (10/05/2022)
- Commit 0098aBugfixCustomer requestFixed an error message which was shown under certain circumstances for recent entries.
Version 14.25.3 (06/05/2022)
- Commit e8a31OptimizationThe latest videos shown on the frontpage are updated faster to provide access to the latest entries.
- Commit dfe4eBugfixAPI ChangeCustomer request
Version 14.25.2 (04/05/2022)
- Commit 52eb6OptimizationThe personal view of My Alert shows matching entries ranging back 90 days.
Version 14.25.1 (03/05/2022)
Version 14.25.0 (02/05/2022)
- Commit 6b388FeatureAvailability of a dedicated RSS feed for changelog entries to monitor changes easily.
Version 14.24.1 (29/04/2022)
- Commit c0290OptimizationAligned icons and sidemenu in the CNA section to provide better accessibility.
Version 14.24.0 (27/04/2022)
- Commit 91fceFeatureAPI ChangeCustomer requestIn API 3.40 using the parameter
format=csvmakes it possible to output vulnerability data as CSV. Not all request types are supported, not all fields are included, and API header information is not part of the output.
Version 14.23.1 (25/04/2022)
- Commit c49ecOptimizationImproved the actor and compaign association of the CTI module. Interlinking data is better and provides results with increased accuracy.
- Commit 30e2cOptimizationCTI indicators shown are either verified or predictive and shown with the associated tag.
Version 14.23.0 (24/04/2022)
- Commit 71333FeatureThe country overview shows additional details like covered languages, TTP, IOA, and activities.
Version 14.22.0 (21/04/2022)
- Commit c3eaeFeature
- Commit 3cc50OptimizationAligned the text color of lists in databoxes to the overall style.
Version 14.21.2 (20/04/2022)
- Commit 1ca57OptimizationCustomer requestAlerts sent via email use asterisks to prevent Microsoft Outlook from deleting newlines.
- Commit 1ca57OptimizationAlerts sent via email refer to entries with the new format VDB-1234 instead of the old format ID 1234.
- Commit 00701OptimizationSwitched symbols used in the community activity stream from emoji to a dedicated font to provide better reliability on different platforms.
Version 14.21.1 (19/04/2022)
- Commit 90187OptimizationCertain elements on the frontpage use additional icons to visualize data sources.
Version 14.21.0 (16/04/2022)
- Commit 0063cFeatureAPI ChangeIn API 3.39 enabled auto-complete feature for
software_typeeven if the field is not yet defined in the monoblock.
Version 14.20.9 (14/04/2022)
- Commit 38c8fBugfix
Version 14.20.8 (13/04/2022)
- Commit 13b46Bugfix
Version 14.20.7 (11/04/2022)
- Commit 766deOptimizationPerformance optimization of certain filtered views used by the CNA team.
- Commit 45617BugfixCustomer requestThe autocomplete feature for versioning of certain products was not able to finalize the output. Reported by user lywand
Version 14.20.6 (09/04/2022)
Version 14.20.5 (08/04/2022)
- Commit 14036OptimizationCustomer requestRegistration does allow mail addresses with rather long top-level-domains.
Version 14.20.4 (01/04/2022)
- Commit 8e9e6OptimizationThe overview of monitored actors displays the number of collected IOC (Indicators of Compromise), TTP (Tactics, Techniques, Procedures), IOA (Indicators of Attack), campaigns and external references.
Version 14.20.3 (29/03/2022)
- Commit 45456OptimizationNew overview of actors shows the amount of available indicators and used sources. The list is also sortable for better viewing.
Version 14.20.2 (28/03/2022)
- Commit fdbebOptimizationUpdate of icons used in menus and on other parts of the service.
Version 14.20.1 (26/03/2022)
- Commit 30ff5OptimizationCustomer request
- Commit 30ff5OptimizationSubmissions of new vulnerabilities will request an external advisory url for further validation of the issue.
Version 14.20.0 (21/03/2022)
Version 14.19.0 (20/03/2022)
- Commit d86a3Feature
- Commit 85b71FeatureRSS feeds always show the CVE or another important identifier in the title for better searching capabilities.
- Commit 95b49OptimizationThe
languageelement of RSS feeds reflects the used content language.
Version 14.18.4 (19/03/2022)
- Commit 6bc0cOptimizationOptimized performance by using specific features and configuration settings in PHP8.
- Commit 3ce86BugfixAPI Change
Version 14.18.3 (15/03/2022)
- Commit c2804OptimizationScrollbars of elements provide better styling to improve user experience, especially on smaller screens.
Version 14.18.2 (14/03/2022)
- Commit 0893aOptimizationImproved intelligent matching of vendor and product definitions in simple searches.
Version 14.18.1 (10/03/2022)
- Commit 25badOptimizationImproved layout of the changelog items to provide better visibility.
- Commit ed2beOptimizationTimelines in vulnerability entries do always link to countermeasures if patch or upgrade URLs are known.
- Commit 91b01BugfixSome links to countermeasures were clickable but still threw a 404 even though the requested resources were available. Reported by user mael
Version 14.18.0 (09/03/2022)
- Commit 72d69FeatureItems listed in legends of charts are clickable to allow quick drilldowns.
- Commit a7e66BugfixCertain pie charts did not reflect the correct number of known matches.
Version 14.17.5 (07/03/2022)
- Commit c162cOptimizationA better layout helps vulnerability moderators to identify priority entries in the submission queue.
Version 14.17.4 (01/03/2022)
- Commit 23a47BugfixIn certain views the generation of timeline graphs was not possible if the advisory_date of an entry has been changed to another year.
Version 14.17.3 (28/02/2022)
Version 14.17.2 (27/02/2022)
- Commit c8b23OptimizationPerformance optimization of list views which contain CVSSv3 Meta Scores.
- Commit 48019BugfixUnder certain circumstances an existing remediation level based on the field
countermeasure_remediationlevelwas not shown correctly.
Version 14.17.1 (25/02/2022)
- Commit 4882dOptimizationIcon text in the submenu allows hyphenation to optimize the view on narrow screens.
- Commit 60d49OptimizationCharts for timespans are optimized to zoom into the timeframe whenever possible and useful.
Version 14.17.0 (23/02/2022)
- Commit f8d99FeatureThe applicable copyright license is shown in the footer of the page.
Version 14.16.1 (22/02/2022)
- Commit c6483OptimizationTable listings with narrow columns provide better spacing to fit the content.
Version 14.16.0 (21/02/2022)
- Commit 93389FeatureCustomer requestThe CTI views do allow for drilldown of IP addresses as IoC (Indicator of Compromise).
- Commit 9e1e2BugfixCustomer requestListing of version numbers ranging back to 0.x might have contained version 0.0. This is usually wrong and got fixed. Thanks to Cheek Yang of xFusion Digital Technologies for making us aware of this issue.
Version 14.15.1 (20/02/2022)
- Commit 24c78OptimizationCertain CTI views which have complex hostnames as IoC (Indicator of Compromise) allow much faster analysis.
Version 14.15.0 (18/02/2022)
- Commit 4da51FeatureCustomer requestCustom CTI analysis contains IOC (Indicator of Compromise), TTP (Tactics, Techniques, Procedures) and IOA (Indicator of Attack) as well.
Version 14.14.0 (17/02/2022)
- Commit 52552FeatureCustomer requestThe CTI view for countries lists popular TTP (Tactics, Techniques, Procedures) and IOA (Indicator of Attack) as well.
Version 14.13.4 (09/02/2022)
- Commit 291bfOptimizationSearch requests for CVE identifiers detects mismatching dashes (e.g. en and em) and corrects them automatically.
Version 14.13.3 (08/02/2022)
- Commit f7d1bOptimizationPerformance optimization of data analysis of APT actors.
- Commit 7c6d0OptimizationImprovement of CTI actor report generator for GitHub repository.
Version 14.13.2 (31/01/2022)
- Commit b0bffOptimizationActivity charts provide data with better accuracy.
- Commit b0bffOptimizationActivity charts have a better performance during generation.
Version 14.13.1 (30/01/2022)
- Commit f1aa5OptimizationPerformance optimization of APT actor association charts during generation.
Version 14.13.0 (28/01/2022)
- Commit 6defcFeatureAPI Change
Version 14.12.1 (27/01/2022)
- Commit 37a7cOptimizationAPI ChangeIn API 1.13/2.29/3.37 provoking
405 Unknown request typeerrors again is only possible after a few minutes. This prevents flooding the API access log and prevents misconfigured clients from exhausting the API credits quickly.
Version 14.12.0 (24/01/2022)
- Commit 78570FeatureAPT actor analysis view adds associated campaign details for IOC.
- Commit 78570FeatureAPT actor analysis view adds associated CWE details for TTP.
- Commit 26292OptimizationGeneral performance optimization for all APT actor analysis views.
- Commit 1e67cOptimizationData shown in APT actor analysis view for non-authenticated users is based on real-time data.
Version 14.11.8 (21/01/2022)
- Commit b1aa4OptimizationImprovement of URL validation during moderation to prevent incorrect values.
Version 14.11.7 (15/01/2022)
- Commit 9fa88OptimizationImproved security of SPF and DMARC. Recommendations were submitted by Nikhil Rane.
- Commit 9fa88OptimizationImproved security and usability of signup procedure and passwort recovery procedure. Recommendations were submitted by Nikhil Rane.
Version 14.11.6 (14/01/2022)
- Commit 68c68OptimizationLayout optimization of certain forms using additional information or CAPTCHA elements.
Version 14.11.5 (13/01/2022)
- Commit ac2a6OptimizationPerformance tweaks of certain views.
Version 14.11.4 (12/01/2022)
- Commit 28f48OptimizationHighly improved performance of APT actor analysis. Especially such with many known indicators of compromise.
Version 14.11.3 (11/01/2022)
- Commit b59d0OptimizationPerformance and memory optimization of certain queries which do not need CTI data to be shown.
Version 14.11.2 (07/01/2022)
- Commit 9ade9OptimizationMulti-threading has been optimized to decrease resource consumption and to increase performance.
- Commit 509bbOptimizationExternal links in the table of contents of the Knowledge Base open a new window.
Version 14.11.1 (05/01/2022)
Version 14.11.0 (04/01/2022)
- Commit bfdcdFeatureCustomer request
Version 14.10.2 (28/12/2021)
- Commit f43ddBugfixUsers hiding their profile were not able to show their own profile. This has been fixed.
Version 14.10.1 (24/12/2021)
- Commit 8b772OptimizationCustomer requestScrollbars on Mozilla browsers are styled or even hidden whenever useful to provide a better user experience on smaller screens.
Version 14.10.0 (23/12/2021)
- Commit ac413FeatureThe new status page shows the status, load and utilization of service components.
Version 14.9.0 (22/12/2021)
- Commit a0614Feature
- Commit e8c35OptimizationCyber threat intelligence activity scores on the front page are shown as bars to indicate heat faster.
Version 14.8.1 (18/12/2021)
Version 14.8.0 (17/12/2021)
- Commit bb5aeFeatureCustomer requestLanguage support for Russian (ru). This includes basic parts of the web site and vulnerability details.
Version 14.7.0 (14/12/2021)
Version 14.6.0 (12/12/2021)
Version 14.5.0 (11/12/2021)
- Commit 5e850FeatureEntires in the Knowledge Base are linked to the table of contents to provide better accessibility of information.
- Commit d184fOptimizationSlightly improved confirmation email messages for moderated submissions.
Version 14.4.1 (10/12/2021)
- Commit 5213bOptimizationCommit details show more information and link to additional resources.
- Commit 03ef5OptimizationPerformance optimization of the front page which loads the vulnerability of the day much faster.
Version 14.4.0 (09/12/2021)
- Commit 53394FeatureCustomer requestAll documentation files are moved into the new Knowledge Base. Old links to the documentation remain valid.
- Commit e75bdOptimizationOptimized padding of breadcrumb items provides better usability.
Version 14.3.1 (08/12/2021)
- Commit 9f087OptimizationNew multi-threading handling of expensive database queries increases the performance of many requests and views.
Version 14.3.0 (07/12/2021)
- Commit 0328bFeatureAdded a breadcrumb navigation item to access higher level sections easier.
- Commit 20adeFeatureRelease versions in the changelog might be accessed via ID.
- Commit ebad6BugfixThe user data in the side menu are shown properly even if there are very long strings used.
Version 14.2.0 (06/12/2021)
- Commit 3deaeFeature
- Commit 06fc8OptimizationCommits listed in the changelog have type badges for better identification.
Version 14.1.3 (05/12/2021)
- Commit 6ba63OptimizationDatabox with vulnerability of the day uses better search box for increased accessibility.
Version 14.1.2 (04/12/2021)
- Commit ab33bOptimizationResponsive app elements behave better on smaller rectangular screens.
- Commit 07841BugfixAll risk views show data properly under any circumstances for authenticated users.
Version 14.1.1 (03/12/2021)
- Commit e5209OptimizationCustomer requestThe layout for printing views is optimized for better user experience.
- Commit d0822Optimization
- Commit fa317OptimizationThe user menu layout has been optimized for better readability. Especially VulDB moderators and administrators get easier access to relevant data.
Version 14.1.0 (02/12/2021)
- Commit e68e7FeatureSome chart types, especially pie charts and doughnut charts, show an additional legend to provide better visibility of data.
- Commit 2fa71OptimizationCustomer requestThe responsiveness of the user menu on the side behaves better on smaller screens.
- Commit ee455OptimizationExternal URLs to MITRE CVE link to the new cve.org domain.
Version 14.0.1 (01/12/2021)
- Commit 786ddOptimizationMinor optimizations of layout elements of new app layout.
- Commit 61570OptimizationCustomer request
Version 14.0.0 (30/11/2021)
- Commit bb919FeatureCustomer requestRelaunch of the service with a new layout and extended app capabilities.
Version 13.41.1 (11/11/2021)
- Commit a667cOptimizationVulnerability entries without user comments show the requested languages, even if English was the only language selected.
- Commit 1ff69OptimizationLayout of the login recommendation to comment on vulnerability entries was optimized.
Version 13.41.0 (10/11/2021)
- Commit 0c2aeFeatureCustomer request
Version 13.40.1 (09/11/2021)
- Commit dbc8aBugfixAPI ChangeIn API 2.28/3.36 the field
vulnerability_bugbounty_priceis only shown if there is a bug bounty price defined.
- Commit 5fe48OptimizationPerformance improvement (CPU and memory consumption) of long list views.
Version 13.40.0 (08/11/2021)
- Commit 505beFeatureAPI ChangeCustomer requestin API 2.27/3.35 it is now possible to use URL encoding in advanced search queries to make them much easier to handle.
Version 13.39.1 (06/11/2021)
- Commit 1c057BugfixCustomer requestUnder rare circumstances a timeframe request did contain entries outside the defined timeframe. Additional validation has been introduced to prevent this effect. Reported by user guliang
Version 13.39.0 (03/11/2021)
- Commit 02e0bFeatureCustomer requestLanguage support for Portuguese (pt). This includes basic parts of the web site and vulnerability details.
Version 13.38.0 (01/11/2021)
- Commit 49840FeatureCustomer requestEnterprise customers are able to create a custom dashboard with individual charts and lists to maintain their professional vulnerability management.
Version 13.37.0 (29/10/2021)
- Commit ecf36FeatureExternal links in vulnerability entries known to be not working anymore are flagged as 404 Not Found.
- Commit 00f47OptimizationIn the commit view the column Moderated is renamed to Accepted to indicate the moment a change was approved.
Version 13.36.2 (27/10/2021)
- Commit 6ba60OptimizationMost recent entries on the frontpage are listed faster and with more details right after the creation of a new entry.
Version 13.36.1 (26/10/2021)
- Commit fe47aOptimizationCustomer requestOverview pages with an huge number of entries are not limited anymore.
Version 13.36.0 (25/10/2021)
- Commit 9d96dFeatureCustomer requestThe section exploits shows entries only if an exploit is available for download.
- Commit 7b0b6FeatureCustomer request
Version 13.35.1 (19/10/2021)
- Commit fab04OptimizationOptimization of summaries and descriptions in certain languages to better consider the expected vulnerability class of an entry.
Version 13.35.0 (09/10/2021)
- Commit e2c39FeatureAPI ChangeCustomer request
Version 13.34.0 (15/09/2021)
- Commit 153c8FeatureAPI ChangeIn API 2.26/3.34 information about bug bounty organization
vulnerability_bugbounty_price, and payout date
Version 13.33.1 (13/09/2021)
- Commit 4280aOptimization
Version 13.33.0 (10/09/2021)
- Commit 951ceFeatureAPI ChangeCustomer request
Version 13.32.4 (07/09/2021)
- Commit 759f3OptimizationBetter handling of long strings of commit values shown in commit histories.
Version 13.32.3 (06/09/2021)
- Commit 3c9baOptimizationRanges between versions and up to versions are shown with even higher level of accuracy. This includes titles and summaries as well.
Version 13.32.2 (02/09/2021)
- Commit d29bbOptimizationImprovement of reliability and performance handling of internal submit queue processing.
Version 13.32.1 (31/08/2021)
- Commit 7ad33OptimizationHardware upgrade for better memory and processing handling.
Version 13.32.0 (27/08/2021)
- Commit 90877FeatureCustomer requestActor analysis lists determined TTP (Tactics, Techniques, Procedures)
- Commit 90877FeatureCustomer requestActor analysis lists determined IOA (Indicator of Attack)
Version 13.31.0 (26/08/2021)
- Commit af5a0FeatureOverview of APT actors highlights new actors and added indicators of compromise
Version 13.30.1 (25/08/2021)
- Commit a0f19Optimization
Version 13.30.0 (24/08/2021)
- Commit 758aeFeatureCTI Analysis provides a wide variety of statistical data regarding actors and activities.
Version 13.29.3 (23/08/2021)
- Commit 2d4faOptimizationVulnerability comments in a specific language are only shown if the site is loaded in that language.
Version 13.29.2 (22/08/2021)
- Commit 12bbeOptimizationFinalized data migration to provide much better performance.
- Commit 363e0Optimization
Version 13.29.1 (21/08/2021)
- Commit b2396OptimizationEliminated all links to SecurityFocus vulnerability database as they discontinued the service. Thank you for all your contributions to the cyber security industry!
- Commit adec0OptimizationRe-ordered the listing of external resourced within the reference tables.
- Commit 9b464OptimizationNew color scheme for yearly comparison of CVSS base and temp vectors.
Version 13.29.0 (19/08/2021)
- Commit c2a84Feature
- Commit 52c88OptimizationRanges between versions and up to versions are shown with higher level of accuracy. This includes titles and summaries as well.
Version 13.28.11 (18/08/2021)
- Commit 2f6c2OptimizationAnnouncement banner is shown only if necessary to provide the maximum of space.
- Commit abbeaOptimizationTime-only statements are now always shown depending on the selected request language.
Version 13.28.10 (17/08/2021)
- Commit 8ae38OptimizationVulnerability entries hide header tooltip icons as soon as the screen is too small to read them.
Version 13.28.9 (16/08/2021)
- Commit 51f56OptimizationFaster calculation and loading of Threat Intelligence activity index chart on the frontpage.
Version 13.28.8 (15/08/2021)
- Commit 2b166OptimizationBetter performance thanks to optimized database index for several different tables.
Version 13.28.7 (08/08/2021)
- Commit 0fc46BugfixFixed a rare bug on the frontpage where very recent entries are not shown with all available technical details in the title.
Version 13.28.6 (07/08/2021)
- Commit b4035OptimizationCorrected the right-to-left writing of HTML titles in the Arabic language version of the service.
Version 13.28.5 (05/08/2021)
- Commit 98081OptimizationOptimized the capabilities of searching with CPE strings. Such searches are now much faster and more accurate.
Version 13.28.4 (04/08/2021)
- Commit b697eOptimizationCustomer requestAligned the listing of
entry_changelogto show the field name of
vulnerabilitycenter_lastupdatedatecorrectly. This issue was reported by Fergus Nelson.
- Commit 006fcBugfixCustomer requestUnder certain circumstances the calculation of exploit prices was not happening. This has been fixed. This bug was reported by Fergus Nelson.
Version 13.28.3 (02/08/2021)
- Commit 9864dOptimizationExternal redirects first tested for malicious code are using HTTP status code 301 Moved Permanently instead of 302 Found.
Version 13.28.2 (28/07/2021)
Version 13.28.1 (27/07/2021)
- Commit 293f1Bugfix
Version 13.28.0 (26/07/2021)
- Commit 5f4e7FeatureCustomer requestLanguage support for Arabic (ar). This includes basic parts of the web site and vulnerability details. Right-to-left is implemented whenever required.
Version 13.27.4 (24/07/2021)
- Commit 7430fOptimizationCurrent CTI scores in overviews are loaded and shown much faster which improves speed of site generation.
- Commit 7430fBugfixCurrent CTI scores are shown in overviews in any case even if the servers are under heavy load.
- Commit 7430fBugfixCurrent CTI scores in overviews show the correct timestamp of the last update for the most recent entries in the tooltip of the field.
Version 13.27.3 (17/07/2021)
- Commit 6861bOptimizationBetter import and validation handling for APT actor IoC moderation to improve processing and quality.
Version 13.27.2 (16/07/2021)
- Commit 363b6OptimizationClarification of titles of privilege escalation vulnerabilities. Remote issues that require some form of authentication are shown as Privilege Escalation without mentioning of Remote. Only remote issues without authentication are shown as true Remote Privilege Escalation.
- Commit 61142BugfixAPI ChangeCustomer requestFixed a rare bug in API 1.11/2.24/3.31 that created an associative array for
software_versionif the list of versions numbers contained the value
0. Thanks to Fergus Nelson for reporting this issue.
Version 13.27.1 (15/07/2021)
- Commit 6e469BugfixFixed a bug in the web entry view that undefined CVSSv2 vectors were shown with the value X instead of ND.
- Commit 6e469BugfixAPI Change
- Commit 6e469BugfixFixed a bug in overviews to show tooltips for different CVSS sources of CVSSv3 Meta Temp Scores.
Version 13.27.0 (14/07/2021)
- Commit cc0e3FeatureCustomer requestCyber threat intelligence events display emerging, current, and upcoming activities by actors.
- Commit dacc3BugfixFixed a bug that temp scores of CVSS vectors are not properly stored during initial entry create. This did not affect updated entries.
Version 13.26.4 (07/07/2021)
- Commit 84a8bOptimizationNew layout for changelog for better readability.
- Commit ae57eOptimizationEvery commit shown in the changelog contains the commit ID for better reference.
- Commit 2e4f6OptimizationCommits in changelog provide permalink for easier access.
Version 13.26.3 (30/06/2021)
- Commit ea669OptimizationReinstated linking to CVEdetails.com as they resumed adding and updating new CVEs.
Version 13.26.2 (25/06/2021)
- Commit 28728OptimizationAPI ChangeCustomer requestThe
Content-Typeof all API responses is changed to
application/json; charset=utf-8. This is not a change in the API itself which is why the version number of the API endpoints is not incremented.
Version 13.26.1 (24/06/2021)
- Commit 0d89bOptimizationAPI ChangeCustomer requestThe official vulnerability API endpoint is located at
/?apiand will redirect faulty URLs and GET parameters. Microsoft Power Apps did not respect this URL structure and changed the query string to a parameter tuple with an empty value. Our API endpoint redirected to the correct URL but Power Apps is not capable of following such HTTP redirects. This issue got fixed as Power Apps is now allowed to access the API endpoint even though the request URL format is not entirely correct.
Version 13.26.0 (18/06/2021)
- Commit e9063FeatureAPI ChangeCustomer request
Version 13.25.3 (16/06/2021)
- Commit 0494bOptimizationPerformance optimization during stress (e.g. many users, DDoS attacks).
- Commit 9660eOptimizationChanged the algorithm to generate the category values
remotein the RSS feeds. Also added the value
localif the attack vector is physical.
Version 13.25.2 (15/06/2021)
- Commit 55449OptimizationDedicated approval and handling of permissions to use extended CTI features.
- Commit 00931OptimizationThe user profile shows details about the purchased CTI license.
- Commit 0552fOptimizationBetter performance of generation of user menu for authenticated users.
Version 13.25.1 (14/06/2021)
- Commit fd133OptimizationMore accurate timing information about new IoC (Indicator of Compromise) assigned to an APT actor.
Version 13.25.0 (11/06/2021)
- Commit ed936Feature
Version 13.24.1 (09/06/2021)
Version 13.24.0 (08/06/2021)
- Commit efc17Feature
Version 13.23.0 (07/06/2021)
- Commit 94a1eFeature
- Commit fc8b2FeatureCustomer requestAccess to APT actor information to show activities, interest distribution, indicators of compromise, and external references. The analysis is based on unique activity data ranging back to 2016.
- Commit fc8b2FeatureAccess to country-specific information to show activities and interest distribution.
Version 13.22.1 (04/06/2021)
- Commit 03370OptimizationTimelines indicating activities show the so called activity index instead of the generic entries label.
- Commit 03359OptimizationBar charts showing exploit prives use exploit instead of the generic entries label.
Version 13.22.0 (31/05/2021)
- Commit 7dc24FeatureCustomer request
- Commit 5ada2FeatureTitles of charts link to drilldown sites whenever possible.
Version 13.21.0 (26/05/2021)
- Commit edf52FeatureCustomer requestLanguage support for Japanese (jp). This includes basic parts of the web site and vulnerability details.
Version 13.20.4 (18/05/2021)
- Commit 02cd6OptimizationThe event of web code improvement shown in the community stream links to the changelog.
- Commit e9923OptimizationAPI Change
Version 13.20.3 (12/05/2021)
- Commit b4953OptimizationStreamlined entry identifier wording on community activity stream on the frontpage.
Version 13.20.2 (04/05/2021)
- Commit 8d247OptimizationThe changelog does contain the version number of the service.
- Commit 5421dOptimizationAll major releases are shown in the changelog with a star.
Version 13.20.1 (02/05/2021)
- Commit b0e75OptimizationCommunity activities shown on the frontpage do refer to entries with their corresponding VDB ID to increase readability.
Version 13.20.0 (29/04/2021)
- Commit 0d72fFeatureFrontpage does now show the latest changelog entries of the current day.
- Commit d6b22OptimizationCustomer requestVulnerability entries do now always contain links to available upgrades and patches in the Countermeasure section.
Version 13.19.3 (28/04/2021)
- Commit 6df70OptimizationPerformance optimization of the Threat Intelligence chart on the frontpage.
- Commit d1eb6BugfixCustomer request
Version 13.19.2 (26/04/2021)
- Commit a9542OptimizationHardware upgrade for better memory and processing handling.
- Commit 8dd8cOptimizationAPI ChangeIn API 3.27 the values of numeric request types is verified and if not acceptable, a
400 Bad requesterror message is shown.
Version 13.19.1 (24/04/2021)
- Commit 3855bOptimizationOptimized load balancing, limiter, and DDoS mitigation to provide more stability for legitimate users.
Version 13.19.0 (22/04/2021)
- Commit a85dcFeatureCustomer requestSubmitted items are reviewed by an automated pre-parser to define a priority for processing by the moderation team. This increases priority for most important items and therefore improves processing speed.
Version 13.18.0 (20/04/2021)
- Commit 612a5FeatureCustomer requestLanguage support for Chinese simplified (zh-Hans). This includes basic parts of the web site and vulnerability details.
Version 13.17.1 (16/04/2021)
- Commit b93edOptimizationCode optimization of CTI map generation for faster processing with less memory requirements.
Version 13.17.0 (15/04/2021)
- Commit 1ffb5FeatureCustomer requestDescription of CTI trigger possibilities and threshold handling to create events and reports.
- Commit 881a3OptimizationFooter does now refer to your specific copyright and license depending whether there is a commercial, enterprise, or reseller license established.
Version 13.16.0 (12/04/2021)
- Commit f7832FeatureCustomer requestSome users mistake their mail address as legitimate username to login. In this case a warning message informs the user about the mistake.
Version 13.15.3 (08/04/2021)
- Commit 265e0OptimizationPerformance optimization for CTI country analysis (closed beta invite only at the moment). Time range analysis is now incremental which makes report generation much faster (especially for larger ranges).
Version 13.15.2 (31/03/2021)
- Commit 05005OptimizationAll listings in the personal profile do contain timestamps to make identification of single items much easier.
- Commit cddb4OptimizationCompleted some of the missing translations for French, Italian, Spanish, Polish, and Swedish.
- Commit 6dc4aOptimizationImproved the handling of time format regarding country-specific definitions. The language en will show A.M. and P.M. only if the browser is also set to en-us. Otherwise the 24 hour format is used. If the language is set to fr and the browser announces fr-fr there will be the French format 12h34. The 24 hour format is also used as default for all languages without a specific definition.
Version 13.15.1 (30/03/2021)
- Commit d71beBugfixFixed a bug where some long product names, product listings and titles did not show the product name in its entirety.
- Commit 44ee5OptimizationAPI ChangeIn API 3.26 fixed an issue where queries for
entry_timestamp_all_startdid not work properly if the request value had a trailing whitespace.
Version 13.15.0 (29/03/2021)
- Commit 15c50FeatureAPI ChangeThe personal API history does show the execution time for a request to help optimize queries. The column is shown as seconds and sortable.
- Commit c4d04FeatureCustomer requestAdded planned features in a roadmap to announce upcoming functionality. The items shown are just suggestions and might change regarding implementation and deployment.
Version 13.14.3 (28/03/2021)
- Commit 1ec36OptimizationCustomer requestBetter description of update handling, especially prioritization of new data for existing entries and update requests by customers.
- Commit ae8c3OptimizationOptimized the description of different commit moderation approaches. The actions for handling spam and profanity are explained in detail.
Version 13.14.2 (26/03/2021)
- Commit 206dfBugfixAPI ChangeIn API 2.20/3.25 the list of multiple items in
software_notaffectedlistdo trim trailing whitespaces correctly.
Version 13.14.1 (25/03/2021)
- Commit a8cdfOptimizationAdded a new community rank Guru which requires 5000 points to be reached. Therefore, Grand Master is not the highest rank anymore.
Version 13.14.0 (24/03/2021)
- Commit 434e3FeatureAPI ChangeCustomer requestIntroduced API 3.24 with the new request type
entry_timestamp_all_startwhich combines new items from
entry_timestamp_create_startand updated items from
entry_timestamp_change_startin a single stream.
Version 13.13.1 (20/03/2021)
- Commit 26de8OptimizationOptimized speed and memory consumption of queries based on LIKE statements in search queries.
Version 13.13.0 (17/03/2021)
- Commit 1daf9FeatureCustomer requestDocumentation of the different levels used in the field exploit_exploitability shown on multiple listings on the web site.
Version 13.12.0 (10/03/2021)
- Commit 699d0FeatureCustomer requestMade internal changelog public to provide full transparency for our customers. Entries earlier than 2020 just show milestones and not detailed changes.
- Commit 43dfeFeatureAdded link to changelog under support in main menu and in the footer of the page.
- Commit c0ba0OptimizationUpdated internal quality guidance for CVSS fields during creation of new entries based on official Microsoft disclosures.
Version 13.11.3 (08/03/2021)
- Commit 1faf6OptimizationUpdated internal quality requirements for
advisory_person_nicknamefields to prevent inaccurate information during daily update procedure.
Version 13.11.2 (04/03/2021)
- Commit ecf32OptimizationOptimized limiter to prohibit crawling of view elements by non-commercial users.
- Commit fa612OptimizationLimiter uses better geolocation data to prevent malicious users from changing IP addresses to slow down detection of abuse.
Version 13.11.1 (03/03/2021)
- Commit 09cefBugfixFixed a rare German translation issue in a specific sentence of some vulnerability summaries.
Version 13.11.0 (01/03/2021)
- Commit 17052FeaturePrepared language database for upcoming translations.
- Commit b3dfcOptimizationOptimized language database for better performance.
Version 13.10.0 (28/02/2021)
- Commit 021d4FeatureCTI Analysis (closed-beta only) supports search strings for technology-specific research.
Version 13.9.0 (22/02/2021)
- Commit e7965FeatureAdded user element under search in main menu.
- Commit 7ed21OptimizationOptimized internal CTI event analysis module.
Version 13.8.0 (04/02/2021)
- Commit 5626bFeatureAdded load balancing features to handle performance peaks much better.
- Commit 2efadFeatureEnabled priority module to provide high-availability for enterprise customers.
Version 13.7.1 (03/02/2021)
- Commit 167acOptimizationOptimized normalize module to improve quality assurance of vulnerability data management.
Version 13.7.0 (01/02/2021)
- Commit 14106FeatureInitiated preparation for port of web services to PHP8. First polyfill functions tested.
Version 13.6.1 (17/01/2021)
- Commit bdc13Bugfix
Version 13.6.0 (16/01/2021)
- Commit 960f5FeatureStart of internal testing for CTI attribution module to identify APT group activities as such. Used by CTI team to create CTI alerts and infos for paying customers.
Version 13.5.4 (09/01/2021)
- Commit d53a8OptimizationAPI ChangeCustomer requestChanged
120to keep commit grouping much smaller. Entries updated within a short period of time will pushed into the update stream to provide the most actual data to API users.
Version 13.5.3 (04/01/2021)
- Commit 96326OptimizationPerformance improvement of search engine. Early dissection will speed up some specific search requests.
- Commit 96326OptimizationPerformance improvement of monoblock engine. Compilation of entries is a bit faster under certain circumstances.
Version 13.5.2 (23/12/2020)
- Commit db3d5OptimizationUnordered lists in regular content to not a a maximum heigh and auto scrollbars anymore.
Version 13.5.1 (15/12/2020)
- Commit c227fOptimizationPerformance optimization of monoblock data processing.
Version 13.5.0 (09/12/2020)
- Commit 93707FeatureAdded a stylesheet to display "time ago" for stream items.
Version 13.4.0 (08/12/2020)
- Commit dcd32FeatureAPI ChangeIn API 3.23 added request type
cursorinitto determine ideal initial cursor position for ongoing vulnerability stream (e.g. Splunk).
Version 13.3.0 (04/12/2020)
- Commit 3abdfFeatureIntroduced information regarding ATT&CK. The fields are currently auto-generated and not part of the monoblock.
- Commit dbcd2FeatureAPI ChangeIn API 2.19/3.22 added field
source_cve_cnawhich contains a string of the CVE Numbering Authority that assigned the CVE.
- Commit 118c6BugfixCorrected a display bug for tooltips of CVSS fields on certain overview pages.
Version 13.2.1 (03/12/2020)
- Commit 6c403OptimizationOptimized signup flood protection to prevent malicious users from auto-generating community accounts.
Version 13.2.0 (26/11/2020)
- Commit 0cd93FeatureAdded new import feature for vulnerability moderators to handle custom entries and large batches of submissions.
- Commit a4571FeatureThe differences in a diff view are highlighted by color to provide better visibility.
Version 13.1.2 (13/11/2020)
- Commit 7983dOptimizationPerformance optimization of monoblock data processing.
Version 13.1.1 (06/11/2020)
- Commit c87a7OptimizationMigration to new hardware.
Version 13.1.0 (02/11/2020)
- Commit f6cc6FeaturePaying customers do now see a summary on top of every vulnerability entry to identify the most important aspects of the vulnerability.
Version 13.0.1 (16/10/2020)
- Commit 68339OptimizationOptimized some indexes within the database to improve performance.
Version 13.0.0 (09/10/2020)
- Commit 8b201FeatureIntroduced new monoblock structure to provide more possibilities like commits, commit histories, etc.
Version 12.26.1 (26/09/2020)
Version 12.26.0 (10/09/2020)
- Commit b015cFeatureThe live symbol is pulsating.
- Commit 2d270OptimizationThe CSS code for the custom worldmap is deleted to stramline the CSS file.
Version 12.25.1 (10/08/2020)
- Commit b3264OptimizationOptimization of browser rendering speed by adding
font-display: swapto the CSS style sheet.
Version 12.25.0 (16/05/2020)
- Commit f6e38FeatureAdded an optimization banner to inform users about upcoming changes and features.
Version 12.24.0 (13/05/2020)
- Commit 58be3FeatureNew horizontal table style to make some upcoming views better readable.
Version 12.23.5 (01/05/2020)
- Commit e655cOptimizationUpgrading to an extended server cluster for better performance.
Version 12.23.4 (17/04/2020)
- Commit ee0ccBugfixAPI Change
Version 12.23.3 (04/03/2020)
- Commit 328c8OptimizationCVEdetails.com stopped updating their database. We keep linking old CVEs to their sites but do not do so for newer entries.
Version 12.23.2 (10/01/2020)
- Commit ce27fOptimizationAdded validation styles for numbers, dates, emails, and urls for forms. These detect missing or wrong data before submitting a form.
Version 12.23.1 (19/11/2019)
- Commit 7d12fOptimizationDecreased the font-size of labes from 90% to 75% for better readability.
- Commit c8999OptimizationImproved style and layout of tooltips for better readability.
Version 12.23.0 (15/11/2019)
- Commit 5c4b5FeatureLoad new pages with extended loading time show progress bar spinner at top of the site.
Version 12.22.0 (09/11/2019)
- Commit c4f43FeatureAdded logos of vendors/products in entries if available.
- Commit 46f6eOptimizationStramlined CSS style sheet regarding mini buttons.
Version 12.21.0 (08/11/2019)
- Commit 4f1afFeatureAdded tooltips for easier access to more information.
- Commit 63433OptimizationAdded fade effect for mini buttons for a better user experience.
Version 12.20.1 (06/11/2019)
- Commit 01634OptimizationStramlined box elements and columns.
Version 12.20.0 (31/10/2019)
- Commit 032a9FeatureAPI ChangeCustomer requestIn API 3.20 added field
vulnerability_namewhich contains a string or array a popular names of the vulnerability (e.g. Shellshock, Poodle).
Version 12.19.0 (13/09/2019)
- Commit eaf94FeatureAPI ChangeCustomer requestIn API 3.19 added field family
Version 12.18.0 (31/08/2019)
- Commit 34a45FeatureAPI ChangeIn API 3.18 added field
entry_replacesto display duplicates which have been replaced by this entry.
Version 12.17.0 (26/08/2019)
- Commit 3974bFeatureAPI Change
Version 12.16.0 (22/08/2019)
- Commit 3ef93FeatureAdded experimental world map to highlight CTI activities.
- Commit 5054eOptimizationImproved the layout of checkboxes on web forms.
Version 12.15.0 (06/07/2019)
- Commit e5808FeatureCustomer requestVulDB administrators are able to provide DB dumps for faster onboarding of enterprise customers.
Version 12.14.0 (01/07/2019)
- Commit 2fcc6FeatureCustomer requestIntroduction of software type categories available in the field
Version 12.13.3 (04/06/2019)
- Commit dd112BugfixAPI ChangeIn API 3.16 fixed value of field
advisory_identifier, disabled safeguard mechanism to prevent inconsistency in result count.
Version 12.13.2 (01/06/2019)
- Commit 26f6bOptimizationUpdated the Data Privacy Notice to clarifying wording and added details about payment processing.
Version 12.13.1 (27/05/2019)
- Commit 6e92eOptimizationAdded loading bar on top of the page to indicate the loading of large pages.
Version 12.13.0 (24/05/2019)
- Commit bcb85FeatureSubmitting forms locks input fields and shows progress indicator.
Version 12.12.0 (17/05/2019)
- Commit c9222FeatureAPI ChangeIn API 3.15 added fields
software_website_productto the output.
Version 12.11.0 (08/05/2019)
- Commit 0fb91FeatureAPI ChangeIn API 3.14 requesting dedicated CVSS fields supports the official response format (e.g.
vulnerability_cvss3_vuldb_basescore) and the legacy format (e.g.
vulnerability_cvss3_basescore_vuldb). The legacy format will be dropped in a future major release of the API.
Version 12.10.1 (24/04/2019)
- Commit 1dc8aOptimizationImproved the layout of the search menu item for better accessibility.
- Commit bb0d0OptimizationThe status boxes of live views are now pulsating if there is currently some activity.
Version 12.10.0 (17/04/2019)
- Commit d1042FeatureAPI ChangeCustomer requestIn API 1.8/2.18/3.13 added field
software_cpe23which introduces full CPE 2.3 support whereas
software_cpeis still providing CPE 2.2 data.
Version 12.9.0 (15/04/2019)
- Commit 3bfedFeatureAdded a detailed clendar view for years an months.
- Commit faa07OptimizationStreamlined the row behavior.
Version 12.8.2 (10/04/2019)
- Commit 35519OptimizationHovering a clickable symbol in an overview will now be indicated by the cursor as pointer.
- Commit cdf7bOptimizationImproved the layout of buttons inside text boxes (e.g. searches).
Version 12.8.1 (01/04/2019)
- Commit 27ca6OptimizationCentered the purchase table for better accessibility.
Version 12.8.0 (29/03/2019)
Version 12.7.0 (21/03/2019)
Version 12.6.0 (15/03/2019)
- Commit d3ac7FeatureCustomer requestAdded multiple levels to the main menu to provide better accessibility to the variety of features.
- Commit 35f3eFeatureAdded the possibility for buttons within textboxes (e.g. searches).
Version 12.5.0 (08/03/2019)
- Commit 1ae53FeatureVulnerability entries do now show the exploit prices with a graphical element.
- Commit 74f44OptimizationImproved the display of symbols in overviews.
Version 12.4.0 (04/03/2019)
- Commit 55a0eFeatureAPI ChangeIn API 1.7/2.17/3.12 added fields
entry_locked_reasonto inform about entries undergoing update and review processes (they might change soon).
Version 12.3.0 (01/03/2019)
- Commit 81d15FeatureIntroduction of the C3BM Index (CVSSv3 Base Meta Index) based on CVSS data of multiple sources.
Version 12.2.0 (28/02/2019)
- Commit 231a4FeatureLarge tables might be shown with a striped layout to improve readability.
- Commit 16d23OptimizationImproved the layout of buttons in the user submenu.
Version 12.1.0 (25/02/2019)
- Commit 9c6deFeatureCustomer requestSymbols in overviews are clickable to provide a drilldown feature. This is true for CVSS, exploit prices, exploitability, and countermeasures.
- Commit 92aacOptimizationHeader text is now a graphical element.
Version 12.0.4 (23/02/2019)
- Commit 82de5OptimizationSlightly changed the colorization of remedation and exploitability levels.
Version 12.0.3 (22/02/2019)
- Commit 55aa5OptimizationChanged the pointer behavior of certain table headers from grab to regular pointer.
Version 12.0.2 (21/02/2019)
- Commit 81d16OptimizationStreamlined user menu buttons.
- Commit 81d16OptimizationStreamlined exploitability fields.
Version 12.0.1 (20/02/2019)
- Commit 2d300OptimizationAPI ChangeIn API 1.6/2.16/3.11 improved speed, reliability and accuracy of
- Commit d6d17OptimizationImproved the width behavior of user menu buttons.
- Commit a25daOptimizationLinks in overviews are clickable within the whole cell and not just on the text itself.
Version 12.0.0 (18/02/2019)
- Commit b9184FeatureCustomer requestNew overviews introduced with a lot of information items.
- Commit 65679FeatureAdded support for dynamic behavior for long tables with more than six columns.
- Streamlined the behavior of content and article.
- Streamlined the behavior of tables.
- Streamlined the behavior of buttons.
Version 11.27.0 (15/02/2019)
- Commit c278eFeatureAdded the posibility to fade-in some elements for a better user experience.
- Commit 07fdcOptimizationImproved the width behavior of user menu buttons.
Version 11.26.0 (08/02/2019)
- Commit 7324eFeatureAdded buzzboxes to show statistical data about the project.
- Commit 3b784OptimizationOptimized the margin behavior of columns.
Version 11.25.0 (06/02/2019)
- Commit 250b0FeatureAPI ChangeCustomer requestIn API 3.10 added request parameter
offsetto set a starting point for results (pagination).
Version 11.24.1 (01/02/2019)
- Commit 5d94fOptimizationReached the 10.000th community user. Congratulations!
Version 11.24.0 (18/01/2019)
Version 11.23.0 (11/01/2019)
- Commit dfb03FeatureAPI ChangeCustomer request
Version 11.22.1 (08/01/2019)
- Commit 608e1BugfixAPI ChangeIn API 1.5/2.15/3.7 field
software_componentis not returning multiple fields anymore to prevent parsing errors.
Version 11.22.0 (01/01/2019)
- Commit 772cfFeature
Version 11.21.0 (13/12/2018)
- Commit 1deb7FeatureAPI ChangeCustomer requestIn API 1.4/2.14/3.6 requesting details without unlocked archive access will warn in field
Version 11.20.0 (28/10/2018)
- Commit d4c8eFeatureLarge quantities of statistical views are created by Cronjobs to improve performance.
Version 11.19.0 (01/10/2018)
- Commit 3b088FeatureCustomer requestLaunch of Video Tutorial Series on YouTube to introduce new users to the capabilities of the service.
Version 11.18.1 (20/09/2018)
- Commit c4d5cOptimizationChanged the cursor behavior for votes from copy to default.
- Commit c4d5cOptimizationChanged the cursor behavior of ribbons to default.
Version 11.18.0 (18/09/2018)
- Commit afb23FeatureAdded custom ribbons to popup with interesting details if needed.
- Commit 8ee7cOptimizationImproved the behavior of items which have a fade-in effect.
Version 11.17.0 (01/09/2018)
- Commit 8dfe7FeatureCustomer request
Version 11.16.0 (31/08/2018)
- Commit c00a7FeatureCustomer requestIntroduction of CPE lists in entry views to indicate the affected products.
Version 11.15.0 (06/08/2018)
- Commit 9e978FeatureAPI ChangeIn API 3.5 support for the queries
- Commit 576a2OptimizationCustomer requestDisabled the gradients in symbols.
Version 11.14.4 (04/08/2018)
- Commit 48a03OptimizationFixed an issue with the visibility of long date symbols.
Version 11.14.3 (03/08/2018)
- Commit 7d763OptimizationImprovement of gradient in symbols.
- Commit 856afOptimizationAdding support for other font families in symbols.
Version 11.14.2 (02/08/2018)
- Commit b0000OptimizationIntroduction of gradients in symbols.
Version 11.14.1 (01/08/2018)
- Commit 7ef2dOptimizationIntroduction of antialiasing of fonts for better readability on high-resolution displays.
Version 11.14.0 (31/07/2018)
- Commit dc2aeFeatureAdded support for stream symbols shown on overviews.
Version 11.13.1 (22/07/2018)
- Commit b675bOptimizationImproved the layout of mini buttons.
Version 11.13.0 (12/07/2018)
- Commit b1af8FeatureCustomer requestAdded dynamic layouts for tables to hide certain columns under specific conditions. This improves the mobile view a lot.
Version 11.12.1 (10/07/2018)
- Commit d5a10OptimizationOptimized the margin of header elements.
Version 11.12.0 (06/07/2018)
- Commit bc316FeatureIntroduction of the user menu for authenticated users. This menu shows additional details and provides access to more features.
Version 11.11.3 (05/07/2018)
- Commit be3b7OptimizationA new table wrapper optimizes how tables are shown on different screen sizes.
Version 11.11.2 (04/07/2018)
- Commit c4570OptimizationStreamlining of cvss lists.
Version 11.11.1 (29/06/2018)
- Commit 7409eOptimizationStreamlining of mini button for unlock announcements.
Version 11.11.0 (28/06/2018)
- Commit b09c3FeatureIntroduction of column views, as used in the documentation section of the service.
Version 11.10.1 (12/06/2018)
- Commit 76199BugfixAPI ChangeCustomer request
Version 11.10.0 (11/06/2018)
- Commit 361d1FeatureAPI Change
Version 11.9.4 (10/06/2018)
- Commit 2ed12OptimizationStreamlining of mini buttons.
Version 11.9.3 (08/06/2018)
- Commit 88f01OptimizationMini buttons do now animate on hover.
Version 11.9.2 (06/06/2018)
- Commit 216dfBugfixAPI ChangeCustomer request
Version 11.9.1 (04/06/2018)
- Commit 6d6d9BugfixAPI ChangeIn API 1.2/2.11/3.1 fixed default sort order of
Version 11.9.0 (18/05/2018)
- Commit ab9a7FeatureAPI ChangeCustomer requestIntroduced API 3.0, which moved
Version 11.8.0 (15/05/2018)
- Commit 38be8FeatureAPI ChangeIn API 2.10 added
- Commit 38be8FeatureAPI ChangeIn API 2.10 added
vulnerability_risk(also shown in non-detail responses).
Version 11.7.1 (14/05/2018)
- Commit 1d0c8OptimizationAPI ChangeCustomer requestIn API 2.9 added detailed error messages regarding API key problems (
- Commit 1d0c8OptimizationAPI ChangeIn API 2.9 enterprise customers have performance priority over free users.
Version 11.7.0 (08/05/2018)
- Commit a20dbFeatureAPI ChangeIn API 2.8 the field
entry_titledoes not show CVE anymore.
- Commit a20dbFeatureAPI ChangeIn API 2.8 added fields
Version 11.6.0 (07/05/2018)
- Commit 7e839FeatureAPI ChangeCustomer requestIn API 2.7 added support for request type
Version 11.5.0 (01/05/2018)
Version 11.4.0 (01/04/2018)
- Commit 3bdb9Feature
Version 11.3.0 (22/03/2018)
- Commit b90e6FeatureCustomer requestWorking on a proof-of-concept to use Alexa as a gateway to work with vulnerability data.
Version 11.2.3 (17/02/2018)
- Commit f3590OptimizationIntroduction of a container element to have more flexibility with layout positioning on the web frontend.
Version 11.2.2 (01/02/2018)
- Commit 51a81OptimizationIntroduction of a sub-title on the site title to better describe the service.
Version 11.2.1 (29/01/2018)
- Commit 2638bOptimizationOfficial approval of VulDB by Norton Site Checker. The service is rated as safe.
Version 11.2.0 (22/01/2018)
- Commit 49bb7FeatureAPI ChangeUpgrade to API 2.0. Response contains three elements (request, response, result) instead just the results.
Version 11.1.1 (23/09/2017)
- Commit aebb3OptimizationImprovement of the container margins to have a better layout.
Version 11.1.0 (16/09/2017)
- Commit 05eb4Feature
Version 11.0.1 (02/06/2017)
- Commit 45634OptimizationOptimization of automated exploit price calculation to gain more accuracy.
Version 11.0.0 (01/06/2017)
- Commit a862dFeatureIntroduction of dynamic graphs shown in different views.
Version 10.12.2 (19/05/2017)
Version 10.12.1 (16/05/2017)
- Commit 93c6eBugfixFixed a display issue on the frontpage. Under certain circumstances new items were not shown as bold.
Version 10.12.0 (28/04/2017)
Version 10.11.0 (21/04/2017)
- Commit e7f52FeatureAdded dynamic charts of all kind of overview pages.
Version 10.10.0 (10/04/2017)
Version 10.9.0 (01/04/2017)
- Commit 3d204Feature
Version 10.8.0 (22/03/2017)
- Commit 1f1f6FeatureCustomer requestVulnerability entries flagged as false-positive do now highlight this fact on their pages (title and introduction).
Version 10.7.0 (21/03/2017)
- Commit 2eb19FeatureIntroduced data for OVAL and IAVM. Completed all existing entries with appropriate data.
Version 10.6.0 (23/02/2017)
- Commit f7af4FeatureCustomer requestSupporting CVSS scores from multiple sources (VulDB, vendor, researcher, NVD).
Version 10.5.1 (13/02/2017)
- Commit 915e2OptimizationOptimized the indexing of the database to improve search performance.
Version 10.5.0 (01/02/2017)
Version 10.4.1 (20/01/2017)
- Commit ed89aOptimizationOptimized performance by using specific features and configuration settings in PHP7.
Version 10.4.0 (18/01/2017)
- Commit 2eb99FeatureAdded an advanced search on the web site to improve specific search capabilities.
Version 10.3.0 (01/01/2017)
- Commit 766b4FeatureStart open beta of community edition.
Version 10.2.0 (20/12/2016)
- Commit afa9dFeatureIntroduced Bug of the Day on the front page. One of the more serious or interesting issues of the recent days is shown every day.
Version 10.1.1 (19/12/2016)
- Commit e0724OptimizationRedesign of the frontpage with a slick layout and better data accessibility.
Version 10.1.0 (16/12/2016)
- Commit 17b00FeatureImplemented a module to detect loss of data integrity on the service.
Version 10.0.0 (01/12/2016)
- Commit 88cceFeatureAPI ChangeCustomer requestIntroduction of public API to provide vulnerability for automated processing.
Version 9.19.1 (08/11/2016)
- Commit 1bf65OptimizationOptimization of database table structures to gain more flexibility and performance.
Version 9.19.0 (07/11/2016)
- Commit 41c1aFeatureImplementation of Content Security Policy (CSP) to improve web security of the service.
Version 9.18.0 (02/11/2016)
- Commit 2c835FeatureIt is now possible to upvote comments for vulnerability entries. Upvoted comments are shown on top of the list.
Version 9.17.0 (01/11/2016)
- Commit 01762FeatureStart closed beta of community edition.
Version 9.16.0 (26/10/2016)
- Commit 464dcFeatureEditing a section of a vulnerability will automatically jump to the correct section of the edit form.
Version 9.15.0 (25/10/2016)
- Commit cbba3FeatureExisting vulnerability entries can now be edited immediately by members of the moderation team.
Version 9.14.0 (14/10/2016)
- Commit 83203FeatureEnhanced the existing cache module to allow caching of database queries and results.
Version 9.13.0 (11/10/2016)
- Commit 786cbFeatureEvery user account has now a profile.
- Commit 7868eFeatureRegistered users are able to tweak their own configuration of the service.
Version 9.12.0 (10/10/2016)
- Commit b9c2dFeatureRegistered users are able to see history of vulnerability entries they have been viewing earlier.
Version 9.11.0 (07/10/2016)
- Commit 7da47FeatureRegistered users are able to gain community points with activities to get a higher ranking on the site.
Version 9.10.0 (06/10/2016)
- Commit f618bFeature
Version 9.9.0 (05/10/2016)
- Commit da14aFeatureUsers accessing resources which require an authentication receive a proper error message.
Version 9.8.0 (04/10/2016)
- Commit 2f00fFeatureUsers are able to reset their password via email (password recovery).
Version 9.7.0 (03/10/2016)
- Commit 5a1b1FeatureCustomer requestLogins with a new device or from an unknown source will inform the account holder about the potentially suspicious login. New devices are stored and shown in the personal device management overview.
Version 9.6.0 (24/06/2016)
- Commit 688a5FeatureAdded a limiter to prevent malicious users from scraping our data without authorization.
Version 9.5.0 (22/06/2016)
Version 9.4.0 (01/10/2016)
- Commit 0aa68FeatureIntroduction of exploit price calculations to provide a better tool to prioritize exposed vulnerabilies.
Version 9.3.1 (05/07/2016)
- Commit 4aa37OptimizationPerformance optimization for all web views.
Version 9.3.0 (30/06/2016)
- Commit 4aecfFeatureSome statistical data is now stored in a centralized table which allows them to be shown on multiple places without new calculations every time.
Version 9.2.0 (02/05/2016)
- Commit 3fee0FeatureSupport for data fields of Tenable Nessus.
Version 9.1.1 (29/04/2016)
Version 9.1.0 (27/04/2016)
- Commit 8ab5bFeatureSome data points are now shown in bubbles.
- Commit 939cfOptimizationIntroduced a new site footer.
Version 9.0.0 (14/04/2016)
- Commit b3559OptimizationComplete rewrite of the search engine to provide better matches and optimized performance.
Version 8.1.2 (06/04/2016)
- Commit 3ce21OptimizationOptimization of HTML code to make pages smaller and faster to download and render.
Version 8.1.1 (04/04/2016)
- Commit 3b609BugfixFixed a bug or slow indexes which improved the performance of vulnerability display a lot.
Version 8.1.0 (01/04/2016)
- Commit 7bc0aFeatureIntroduction of new summaries and descriptions with more data enrichment.
- Commit 56864OptimizationPerformance optimization.
Version 8.0.0 (14/03/2016)
- Commit 5e4e5FeatureIntroducing Chart.js to generate dynamic charts.
Version 7.1.3 (11/03/2016)
- Commit a0b92OptimizationEstablish VulDB as independent service to gain more flexibility.
Version 7.1.2 (23/02/2016)
- Commit 76b37OptimizationMigration to new hardware.
Version 7.1.1 (17/02/2016)
- Commit 07bfbOptimizationRenaming the Twitter handle from scipvulbot to "vuldb"https://twitter.com/vuldb.
Version 7.1.0 (19/01/2016)
- Commit 55bf1FeatureEnhancing statistical overview to provide previews and forecasts based in historical data.
- Commit 72424FeatureCreating new text for different pages and sub-pages.
Version 7.0.5 (01/12/2015)
- Commit ea951OptimizationCustomer requestAdding caching modules to improve site performance. Caching is possible per site and file.
Version 7.0.4 (20/11/2015)
- Commit 58defOptimizationCustomer requestIncreasing update frequency of existing entries.
Version 7.0.3 (19/08/2015)
- Commit 2ddb7BugfixCorrected the listing of multiple authors of a vulnerability.
Version 7.0.2 (07/08/2015)
- Commit 3b6e7OptimizationMore performance optimization of database queries.
Version 7.0.1 (03/08/2015)
- Commit b1554OptimizationPerformance optimization of database queries.
Version 7.0.0 (10/07/2015)
- Commit 243a7FeatureRedesign of modular frontpage with the introduction of Top 5 lists.
Version 6.31.0 (07/07/2015)
- Commit 44e99FeatureAdding Qualys data to vulnerability entries.
- Commit fe3d0FeatureAdding SecurityCenter data to vulnerability entries.
Version 6.30.0 (09/03/2015)
- Commit e19c1FeatureIntroduction of new queue for vulnerability processing by mod team.
Version 6.29.3 (25/02/2015)
- Commit 8695fOptimizationOptimization of all X-Force data import and display.
Version 6.29.2 (03/02/2015)
- Commit 3453eOptimizationOptimizaton of summaries and descriptions of vulnerability entries.
Version 6.29.1 (08/01/2015)
- Commit 7ac76OptimizationOptimization of version descriptions of vulnerability entries.
Version 6.29.0 (24/06/2014)
- Commit 0b232FeatureCustomer requestApproaching backlog of old entries before 2003 with vulnerabilities ranging back to 1988. More information.
Version 6.28.0 (26/05/2014)
- Commit 0f72aFeatureIntroduction of the "see also" hint which lists entries with are connected or similar.
Version 6.27.0 (17/04/2014)
- Commit 35f6fFeatureAdding a field to declare the date of the introduction of a vulnerability.
Version 6.26.1 (27/03/2014)
- Commit 3efc3OptimizationOptimization of queuing of new vulnerabilities to better prioritize processing.
Version 6.26.0 (20/03/2014)
Version 6.25.12 (14/03/2014)
- Commit bc799OptimizationDatabase index optimization.
Version 6.25.11 (07/03/2014)
- Commit d0ddaOptimizationOptimizing collision detection during the processing of new entries.
Version 6.25.10 (10/02/2014)
- Commit ce076OptimizationOptimizing summaries regarding sources of vulnerability entries.
Version 6.25.9 (29/01/2014)
- Commit 03d37OptimizationAdded helper for vulnerability moderation team to determine arguments of attacks faster and more reliable.
Version 6.25.8 (28/01/2014)
- Commit 53a64OptimizationOptimizing summaries regarding code samples.
Version 6.25.7 (23/01/2014)
- Commit 61b0dOptimizationOptimizing helper for vulnerability moderation team to complete new and existing entries with additional data. This increases data quality drastically.
Version 6.25.6 (14/01/2014)
- Commit a17f4BugfixFixed a bug where sometimes summaries and descriptions did contain spaces twice instead of once. This was just a problem in the HTML source code and not on the rendered web site.
Version 6.25.5 (09/01/2014)
- Commit 1cd31OptimizationAdded helper for vulnerability moderation team to determine keywords which shall be used within the title of a vulnerability entry.
Version 6.25.4 (19/12/2013)
- Commit 12a4fOptimizationOptimizing the autocomplete feature to update new entries with historical data.
Version 6.25.3 (06/11/2013)
- Commit 1434cOptimizationOptimizing the pre-parser to handle import of new vulnerability entries.
Version 6.25.2 (22/10/2013)
- Commit a52cfOptimizationChanging the algorithm to calculate the current threat level.
Version 6.25.1 (21/10/2013)
- Commit 921d7OptimizationChanging the algorithm to calculate the risk rating of vulnerability entries.
Version 6.25.0 (18/10/2013)
- Commit b4283FeatureAdding the support for OpenVAS data.
Version 6.24.0 (17/10/2013)
- Commit 01303FeatureIntroducing the threat level to show an indicator for the current vulnerability landscape.
Version 6.23.0 (03/10/2013)
- Commit e8e8fFeatureAdding the possibility to add a custom word to the title to provide more details on first sight.
Version 6.22.0 (01/10/2013)
- Commit f8c1eFeatureEstablishing a background updater which handles entries which need to be updated without interfering with the manual work of the moderation team.
- Commit 5abb3OptimizationEnhancement of the review procedure of CVE entries pushed by MITRE to improve processing and quality.
Version 6.21.0 (13/09/2013)
- Commit 9f09fFeatureCollaboration with vFeed to exchange and enrich vulnerability data. More information.
Version 6.20.1 (12/09/2013)
- Commit 088acOptimizationCompleting all existing entries with Secunia data.
Version 6.20.0 (11/09/2013)
- Commit 2b409FeatureIntroducing risk maps to provide easy comparability between risk ratings of different sources.
Version 6.19.0 (10/09/2013)
- Commit 8966cFeatureIntroducing support for Secunia data as a source.
- Commit 8966cFeatureIntroducing support for IBM X-Force data as a source.
Version 6.18.0 (23/08/2013)
- Commit 3881dFeature
Version 6.17.0 (12/08/2013)
- Commit d8b39FeatureCustomer request
Version 6.16.0 (09/08/2013)
Version 6.15.2 (05/07/2013)
- Commit 4dffeOptimizationEnhancement of the review procedure of Nessus entries.
Version 6.15.1 (28/06/2013)
- Commit 4b14bOptimizationOptimizing the plausability checks during vulnerability moderation to prevent contradicting and wrong data.
Version 6.15.0 (19/06/2013)
Version 6.14.1 (11/06/2013)
- Commit 0b61cOptimizationUpdating large quantities of vulnerabilities is now improved thanks to incremental updates.
Version 6.14.0 (03/06/2013)
- Commit 207dbFeatureAdded support for screenshots per entries to illustrate attacks and countermeasures. More information.
- Commit 207dbFeatureAdded support to embed external videos per entries to illustrate attacks and countermeasures. Videos can be hosted at YouTube and Vimeo. More information.
Version 6.13.0 (31/05/2013)
- Commit 22b2bFeatureAdded the capability to add quotes from advisories to enrich entries.
- Commit 22b2bFeatureAdded the capability to add links to videos for a vulnerability.
Version 6.12.0 (29/04/2013)
- Commit 57d8eFeature
Version 6.11.0 (11/04/2013)
- Commit 6a9d2FeatureAdded the capability to list multiple different products in an affected list. This is done additionally to the main product that is affected by a vulnerability.
Version 6.10.2 (04/04/2013)
- Commit 239acOptimizationEnhanced input validation mechanism during vulnerability management to prevent mistakes regarding vendor/product definitions.
Version 6.10.1 (28/03/2013)
- Commit 497c0OptimizationOptimization of logging and tracking of queued items processed by the moderation team.
Version 6.10.0 (19/03/2013)
- Commit c46f6FeatureAdded input validation mechanisms during vulnerability management.
- Commit bc987OptimizationOptimized input validation mechanisms during vulnerability management.
Version 6.9.1 (09/01/2013)
- Commit b0410BugfixFixed an issue in the database. This did only affect moderation of vulnerabilities and was not reflected on the user-side of the service.
Version 6.9.0 (21/12/2012)
- Commit 79a9bFeatureAdded a feature to normalize terms between different vulnerability entries.
Version 6.8.1 (26/11/2012)
- Commit d0a20OptimizationPrepared the support for Milw0rm data for entries with an ID up to 50000.
Version 6.8.0 (31/10/2012)
- Commit d83e7FeatureCustomer request
Version 6.7.0 (15/10/2012)
- Commit 5a191FeatureCustomer request
Version 6.6.0 (01/10/2012)
- Commit 61e91FeatureCustomer request
- Commit 58566BugfixFixed an upload problem of new entries into the database.
Version 6.5.0 (24/09/2012)
- Commit a75e7FeatureCustomer request
Version 6.4.0 (04/07/2012)
- Commit a681eFeatureMigrating all available data from NASLDB.
Version 6.3.0 (18/06/2012)
- Commit 98ea9FeatureCustomer request
- Commit 7b83dBugfixFixed a problem in the German module responsible to handle umlauts.
Version 6.2.2 (05/06/2012)
- Commit 895eaOptimizationOptimizing the autocomplete feature to update new entries with historical data.
Version 6.2.1 (10/04/2012)
Version 6.2.0 (13/03/2012)
- Commit e00e9FeatureAdded support for better linking to external sources.
Version 6.1.1 (09/03/2012)
Version 6.1.0 (08/03/2012)
- Commit c17b6FeatureAdded the calculation of the exposure time which measures the time of the disclosure and the mitigation possibilities of a vulnerability.
- Commit 23aa8OptimizationReviewed all available data of OSVDB.
Version 6.0.0 (06/03/2012)
- Commit 934a4OptimizationOptimization of summaries and descriptions.
- Commit 3484cFeatureAdded support to show images of vendors/products.
- Commit 3484cFeatureAdded support for Google dorks to find issues very quickly.
Version 5.2.2 (05/03/2012)
- Commit 90cf5OptimizationPerformance optimization.
Version 5.2.1 (02/03/2012)
- Commit e27acOptimizationPerformance optimization.
Version 5.2.0 (15/02/2012)
- Commit d6183FeatureAdded web import feature for vulnerability moderators to handle new entries based on web resources.
Version 5.1.0 (06/01/2012)
- Commit 2e4edFeatureAdded single import feature for vulnerability moderators to handle single entries outside the regular queueing.
Version 5.0.0 (22/02/2011)
- Commit 04086FeatureEstablishing new database backend with much more possibilities.
Version 4.10.2 (01/12/2010)
- Commit 8b4dfOptimizationMove to more powerful hardware due to increase in access.
Version 4.10.1 (30/07/2010)
Version 4.10.0 (10/06/2010)
- Commit 57677FeatureAdding Alert Info on web site to inform visitors about latest critical issue.
- Commit 80bfaFeatureDelivering ads for non-paying and unauthenticated users.
- Commit acc6fOptimizationOptimizing database structure for more flexibility and performance.
Version 4.9.0 (08/03/2010)
- Commit dbea0Feature
Version 4.8.1 (10/02/2010)
Version 4.8.0 (08/02/2010)
- Commit 47351FeatureAdding the alert info on top of the site to show the most recent vulnerability with the highest emergency rating.
Version 4.7.2 (05/02/2020)
- Commit 1a52bOptimizationImprovement of VulDB alert system.
Version 4.7.1 (02/02/2010)
- Commit aa53eOptimizationImproved summary details per entries. More information.
- Commit bd3fdOptimization
Version 4.7.0 (11/01/2011)
- Commit 90de3FeatureCustomer requestAdded VulDB Alert to inform customers about issues applicable for them.
Version 4.6.0 (16/12/2009)
Version 4.5.0 (27/10/2009)
Version 4.4.0 (03/09/2009)
- Commit 399e8Feature
Version 4.3.0 (25/08/2009)
- Commit 61ad7FeatureCompleting existing entries with most actual data. This includes but is not limited to CVE, Secunia, SecurityTracker, vendor, and confirmation details. More information.
Version 4.2.0 (20/08/2009)
Version 4.1.0 (01/08/2009)
Version 4.0.1 (26/06/2009)
- Commit b47f5Optimization
Version 4.0.0 (23/06/2009)
Version 3.5.0 (01/07/2006)
- Commit 42fffFeature
Version 3.4.0 (19/05/2004)
- Commit a1c50Feature
Version 3.3.0 (01/01/2004)
- Commit a2ec5FeatureIntroduction of Emergency-SMS notification service.
Version 3.2.0 (19/12/2003)
- Commit 37bc3Feature
Version 3.1.0 (18/11/2003)
- Commit 8a989Feature
Version 3.0.0 (01/03/2003)
- Commit d28caFeatureService is completely re-written in Perl and uses a dedicated backend for vulnerability moderation to gain more flexibility.
- Commit 94f12OptimizationBugbase is re-branded as scip VulnDB and hosted on www.scip.ch.
Version 2.0.0 (01/09/2002)
- Commit 51e87OptimizationChanged from static web site to dynamic database (with the kind support of DukeCS).
Version 1.0.0 (01/01/1997)
Interested in the pricing of exploits?
See the underground prices here!