Providing Fixed Version in OS package manager support
We’ve added a fixed_version field to all of the open source library package manager backups. This field is the version of the package that fixes the vulnerability. This is useful for determining if a package is vulnerable to a specific vulnerability. Here is an example
{
"vulnerabilities": [
{
"detection": "CVE-2019-1000007",
"fixed_version": "0.10.3"
}
]
}
New package types support for PURL
We now support the following package types for PURLs:
- Java Maven
- PHP Composer
- Ruby Gems
- Rust Cargo
New Index: ABB Vulnerability Database
ABB vulnerabilities refer to security flaws that can be exploited in products and systems developed by ABB, a multinational technology company. These vulnerabilities can potentially lead to unauthorized access, manipulation of data, and disruption of critical infrastructure.
New Index: AlmaLinux Errata Vulnerabilities
AlmaLinux is a popular community-driven Linux distribution that is built as a replacement for CentOS, which was recently discontinued by Red Hat. Like any other operating system, AlmaLinux is not immune to vulnerabilities and security flaws. Errata vulnerabilities refer to security issues that have been identified in a software system and require a patch or update to fix them. AlmaLinux has a dedicated team that constantly monitors for errata vulnerabilities and releases patches and updates to ensure that the system remains secure.
Browse the alma-linux-errata index
New Index: Alpine Linux Security Database
The Alpine Linux Security Database is a public repository that maintains a comprehensive list of security vulnerabilities that have been identified in the Alpine Linux distribution. This database is an essential resource for Alpine Linux users who want to stay informed about potential security threats and vulnerabilities. The database provides detailed information about each security issue, including its severity level, affected components, and recommended fixes. Additionally, the Alpine Linux Security Team regularly updates the database with new vulnerabilities and patches, ensuring that users have access to the latest information and recommendations for securing their systems. The Alpine Linux Security Database is a critical component of the distribution's security infrastructure, and its transparency and accessibility reflect the project's commitment to ensuring the safety and reliability of its users' systems.
Browse the alpine-linux-secdb index
New Index: Amazon Linux Security Center
The Amazon Linux Security Center is a dedicated portal that provides users of Amazon Linux with a central location for information related to security on the platform. The security center includes access to documentation, guidance, and best practices to help users configure and secure their Amazon Linux environments. The center also provides access to the Amazon Linux AMI vulnerability database, which lists all known security vulnerabilities affecting the operating system, as well as information on how to mitigate each vulnerability.
New Index: Apple Security Updates
Apple regularly releases security updates to address vulnerabilities in its operating systems, software applications, and devices. These updates are critical for maintaining the security of Apple products and protecting users from potential cyber threats. Apple encourages users to promptly install security updates to ensure that their devices are protected against known vulnerabilities and to stay vigilant against potential new threats.
- 18 new initial-access advisories
- 7 new indices
- 32 new initial-access advisories
- 6 new indices
- 29 new Initial Access advisories
- 16 New indices
- 4 New Features
- 13 new Initial Access advisories
- 15 New indices
- 13 New indices
- 11 new Initial Access entries
- New Initial Access features
- 3 New indices including Microsoft KB list by CVE
- 5 new Initial Access entries
- Upgraded dashboard, and the VulnCheck KEV Browser
- 6 New indices including OpenCloud Vulnerability & Security Issue Database
- 5 New Initial Access artifacts
- New Features
- 3 New Advisories
- 10 New Indices
- CVE Browser
- 4 new Initial Access advisories
- New query parameters for the ipintel-* IP Intelligence indexes and more
- 33 new indices including Microsoft Security Updates
- Introducing VulnCheck IP Intelligence
- 5 new Initial Access advisories
- 17 new indices
- Recent IA activity including Apache Druid Log4Shell and ownCloud graphapi
- 17 new Indices including LG security, and several Apache projects
- 20 new Indices including mitre-attack-cve, botnets, and ransomware
- 5 new Indices including osv and cbl-mariner
- New Changelog Initial Access Details
- 20 new indices including nokia, blackberry, and iava
- Search for aliases in all indices
- 30 new indices including checkpoint, jetbrains, and bitdefender
- New indices: epss, vulnerability-aliases, and threat-actors
- More Indices: kubernetes, rustsec-advisories, hashicorp, wolfssl, zoom, and salesforce
- New Documentation Portal
- 64 New Indices
- New Index: vulncheck-nvd2 - NIST NVD V2.0 data supplemented with VulnCheck Data
- New Indices: twcert, vde, watchguard, vyaire, and ubiquiti
- New Indices: usom, zimba, zyxel, yokogawa, nodejs, and hkcert
- We have a booth at BlackHat. Come say hi!
- New Indices: schneider-electric, dell, arch, debian, rocky, and wolfi
- Fixes to the github-exploits backup
- New Indexes: vulncheck-nvd, eol and many more
- New Indexes: nist-nvd and many more
- Multi-region support for backups
- Portal Feature: Employee Invitations
- New package managers for PURL queries
- 13 New Indexes
- OPAM, Wolfi and Swift support for PURL queries
- New V3 Exploits Index
- About 25+ more Indices
- We are now a CVE Numbering Authority
- Postman collection support
- New package managers added to our PURL support
- Providing Fixed Version in OS package manager support
- New package types support for PURL: Maven, PHP, Ruby, and Rust
- 5 New Indices: ABB, AlmaLinux, Alpine Linux, AWS and Apple
- New Endpoint: Request vulns related to a PURL
- Snort Rule added to initial-access index
- New Endpoint: Request vulns related to a CPE
- New Index: Debian Security Tracker
- Welcome to the VulnCheck Changelog
- New Indices: CNVD Flaws and CNVD Bulletins
