VulnCheck Exploit Intelligence helps organizations track all of the world’s exploit proof-of-concept code, exploited in-the-wild information, and exploit metadata including timelines, to focus remediation resources on the right vulnerabilities.
Some changes in v3 to note:
- Consistent date formats
- The separation of 'exploits' from 'reports of exploitation'
Adobe Security Bulletins are official notifications released by Adobe Systems to address security vulnerabilities and updates in their software products. These bulletins provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
AusCERT Bulletins are periodic publications issued by AusCERT to inform their members about the latest cybersecurity threats, vulnerabilities, and incidents. These bulletins provide concise summaries, technical details, and recommended actions to mitigate risks and protect systems and networks. They serve as valuable resources for organizations seeking up-to-date information and guidance to enhance their security defenses.
B&R Security Bulletins are regular notifications released by B&R Industrial Automation, a leading provider of automation solutions. These bulletins aim to address security vulnerabilities and provide updates related to B&R's products and software. They offer important information on potential risks, recommended patches or updates, and best practices to enhance the security of B&R automation systems deployed in various industries.
Baxter Security Advisories are official notifications issued by Baxter International, a global healthcare company, to address security vulnerabilities and updates in their medical devices and software. These advisories inform healthcare professionals and users about potential risks, recommended actions, and available patches or updates to ensure the security and integrity of Baxter's products. They play a crucial role in promoting patient safety and guiding healthcare organizations in implementing necessary security measures.
Beckhoff Advisories are security notifications issued by Beckhoff Automation, a prominent provider of automation technology. These advisories inform customers and users about potential vulnerabilities, patches, and mitigations related to Beckhoff's hardware, software, and industrial control systems. They provide essential information and guidance to help organizations protect their automation infrastructure and ensure the secure operation of their Beckhoff-based systems.
Belden Security Bulletins are regular notifications issued by Belden Inc., a global leader in signal transmission solutions. These bulletins provide updates, advisories, and recommendations related to the security of Belden's products and systems, including network infrastructure, industrial control systems, and data centers. They serve as a valuable resource for Belden customers and users to stay informed about potential vulnerabilities, best practices, and available patches or updates to ensure the security and reliability of their communication networks.
Bosch Security Advisories are official notifications released by Bosch, a renowned technology company, to address security vulnerabilities and updates in their security products and solutions. These advisories provide detailed information on identified vulnerabilities, potential risks, and recommended actions to mitigate security threats. By promptly informing customers and users about vulnerabilities and offering guidance, Bosch Security Advisories help maintain the integrity and resilience of their security systems and protect against potential cyberattacks.
Boston Scientific Advisories are official notifications released by Boston Scientific Corporation, a global medical technology company. These advisories inform healthcare professionals and users about important updates, safety concerns, and recommended actions related to Boston Scientific medical devices and therapies. They play a critical role in ensuring patient safety and guiding healthcare providers in implementing necessary measures to address potential risks and maintain the proper functioning of Boston Scientific products.
Canvas Exploit Packs developed by Gleg are powerful tools used in penetration testing and vulnerability assessment. These exploit packs provide a comprehensive range of exploits and attack vectors to assess the security of computer systems and applications. With their extensive collection of exploits, Canvas Exploit Packs enable security professionals to simulate real-world attacks and identify vulnerabilities, ultimately helping organizations strengthen their defenses against potential threats.
Carestream Product Security Advisories are official notifications released by Carestream Health, a leading provider of medical imaging and healthcare IT solutions. These advisories address security vulnerabilities and updates related to Carestream's products and software in the healthcare industry. They provide essential information, including the nature of the vulnerability, potential risks, recommended actions, and available patches or updates to mitigate security risks and ensure the confidentiality, integrity, and availability of patient data and healthcare systems. Carestream Product Security Advisories are crucial in helping healthcare organizations maintain a secure and protected environment for patient care.
CentOS Security Advisories are official notifications issued by the CentOS project, a popular open-source Linux distribution. These advisories provide information on security vulnerabilities, patches, and updates relevant to CentOS operating systems. They help CentOS users stay informed about potential risks, recommended actions, and available fixes to maintain the security and stability of their CentOS-based systems. CentOS Security Advisories play a vital role in assisting system administrators and users in effectively managing and securing their CentOS deployments.
CISA (Cybersecurity and Infrastructure Security Agency) Alerts are official notifications issued by the United States' primary federal agency responsible for cybersecurity. These alerts provide timely and actionable information on emerging cyber threats, vulnerabilities, and incidents affecting critical infrastructure sectors. CISA Alerts offer guidance, recommended mitigation measures, and best practices to enhance the security and resilience of organizations, promoting a proactive approach to protecting critical systems and networks from cyber threats.
Citrix Security Advisories are official notifications released by Citrix Systems, a leading provider of digital workspace and networking solutions. These advisories address security vulnerabilities and updates in Citrix products, such as Citrix ADC, Citrix Gateway, and Citrix Virtual Apps and Desktops. They provide detailed information about the vulnerabilities, potential impact, and recommended actions, including patches or workarounds, to mitigate the risks. Citrix Security Advisories play a crucial role in helping organizations maintain the security and integrity of their Citrix deployments and protect against potential cyber threats.
CloudVulnDB is a comprehensive and continuously updated database that focuses on cataloging security vulnerabilities specific to cloud services and environments. It provides detailed information about vulnerabilities, including their impact, severity, affected platforms, and recommended mitigation strategies. CloudVulnDB serves as a valuable resource for security professionals and organizations seeking to proactively identify and address vulnerabilities in their cloud infrastructure, enabling them to enhance their overall security posture.
CODESYS Advisories are official notifications issued by CODESYS, a widely used development environment for programming industrial control systems. These advisories highlight security vulnerabilities, patches, and updates related to the CODESYS software. They provide important information on potential risks, recommended actions, and available fixes to address vulnerabilities and protect industrial automation systems from potential cyber threats. CODESYS Advisories help ensure the secure operation of control systems and assist system integrators and operators in maintaining the integrity and reliability of their industrial processes.
The MITRE Common Weakness Enumeration (CWE) is a community-developed list of common software security weaknesses. The CWE is maintained by the MITRE Corporation, a not-for-profit organization that operates federally funded research and development centers (FFRDCs) sponsored by the U.S. government. The CWE is a valuable resource for software developers, security professionals, and other stakeholders in the software industry. It provides a standardized way to identify and describe common software security weaknesses, which helps to improve the security of software systems and applications.
Emerson Cyber Security Notifications are official alerts and notifications provided by Emerson, a global technology and engineering company. These notifications highlight emerging cyber threats, vulnerabilities, and security updates related to Emerson's automation and control systems. They provide critical information, recommendations, and patches to enhance the cybersecurity posture of industrial environments and protect critical infrastructure from potential cyberattacks. Emerson Cyber Security Notifications play a crucial role in keeping users and operators informed about evolving cyber threats and helping them implement proactive measures to safeguard their systems and assets.
FortiGuard, by Fortinet, is a comprehensive and integrated security platform that offers threat intelligence, research, and protection against a wide range of cyber threats. It provides real-time updates on the latest threats and vulnerabilities, including malware, exploits, and botnets, enabling organizations to proactively defend their networks and systems. FortiGuard's threat intelligence and security services are a key component of Fortinet's security solutions, delivering advanced protection and continuous monitoring to safeguard against evolving cyber threats.
Hillrom Advisories are official notifications released by Hillrom, a leading global medical technology company. These advisories address security vulnerabilities and updates in Hillrom's medical devices and healthcare IT solutions. They provide critical information about potential risks, recommended actions, and available patches or updates to ensure the security and privacy of patient data and the proper functioning of Hillrom products. Hillrom Advisories play a crucial role in helping healthcare providers maintain a secure and reliable environment for patient care while mitigating potential cybersecurity risks.
Hitachi Software Vulnerability Information provides updates and notifications about security vulnerabilities and related software updates in Hitachi's software products. These notifications highlight potential risks, impacts, and recommended actions to mitigate vulnerabilities and protect systems from cyber threats. Hitachi Software Vulnerability Information serves as a valuable resource for organizations using Hitachi software, enabling them to stay informed and take proactive measures to maintain the security and integrity of their software deployments.
Gov.il Security Alerts are official notifications issued by the Israeli government to provide timely information and updates on cybersecurity threats, vulnerabilities, and incidents. These alerts aim to raise awareness among government entities, critical infrastructure sectors, and the public about emerging cyber threats and provide recommended actions to mitigate risks. Gov.il Security Alerts play a crucial role in promoting cybersecurity readiness, fostering collaboration, and ensuring the resilience of Israel's digital infrastructure in the face of evolving cyber threats.
Gov.il CVE Security Advisories are official notifications released by the Israeli government to address security vulnerabilities identified through the Common Vulnerabilities and Exposures (CVE) system. These advisories provide detailed information about specific vulnerabilities, their potential impact, and recommended actions to mitigate the risks. Gov.il CVE Security Advisories serve as a valuable resource for government entities and organizations in Israel, offering guidance on necessary patches, updates, or mitigations to maintain the security and integrity of their systems and infrastructure.
Johnson & Johnson's Vulnerability Disclosure Reporting is a process through which individuals or security researchers can responsibly report potential vulnerabilities in Johnson & Johnson's products, services, or systems. By providing a clear and accessible mechanism for vulnerability disclosure, Johnson & Johnson encourages collaboration and responsible reporting, allowing them to address identified vulnerabilities promptly. This proactive approach helps ensure the security and safety of Johnson & Johnson's products and enhances their commitment to protecting customer data and maintaining the trust of their stakeholders.
Kaspersky ICS CERT (Industrial Control Systems Computer Emergency Response Team) is a specialized unit within Kaspersky that focuses on cybersecurity for industrial control systems. It provides dedicated services, expertise, and resources to help organizations secure their critical infrastructure and operational technology environments. Kaspersky ICS CERT offers threat intelligence, incident response, vulnerability assessment, and advisory services tailored to the unique challenges of industrial control systems security.
KR-CERT (Korea Internet & Security Agency Computer Emergency Response Team) Security Notices are official notifications issued by KR-CERT, the national computer emergency response team of South Korea. These notices provide information about emerging cyber threats, vulnerabilities, and incidents that affect the South Korean cyberspace. KR-CERT Security Notices offer guidance, recommended actions, and mitigation strategies to assist organizations and individuals in improving their cybersecurity defenses and responding effectively to cyber threats. They play a vital role in enhancing the overall cybersecurity posture of South Korea and fostering a safer digital environment.
KR-CERT (Korea Internet & Security Agency Computer Emergency Response Team) provides valuable information on vulnerabilities that affect the South Korean cyberspace. Through vulnerability advisories, KR-CERT highlights specific vulnerabilities, their impact, affected systems or software, and recommendations for remediation or mitigation. These vulnerability reports help organizations and individuals in South Korea stay informed and take necessary actions to address vulnerabilities, thus reducing the risk of cyberattacks and enhancing the overall security posture of the country's digital landscape.
MaCERT (Morocco Computer Emergency Response Team) advisories are official notifications released by MaCERT, the national computer emergency response team of Morocco. These advisories provide information and guidance on emerging cyber threats, vulnerabilities, and incidents affecting the Moroccan cyberspace. MaCERT advisories aim to raise awareness, provide actionable recommendations, and foster a proactive approach to cybersecurity within the country. By disseminating important information and best practices, MaCERT advisories help organizations and individuals in Morocco enhance their cybersecurity defenses and protect against evolving cyber threats.
- 20 new Indices including mitre-attack-cve, botnets, and ransomware
- 5 new Indices including osv and cbl-mariner
- New Changelog Initial Access Details
- 20 new indices including nokia, blackberry, and iava
- Search for aliases in all indices
- 30 new indices including checkpoint, jetbrains, and bitdefender
- New indices: epss, vulnerability-aliases, and threat-actors
- More Indices: kubernetes, rustsec-advisories, hashicorp, wolfssl, zoom, and salesforce
- New Documentation Portal
- 64 New Indices
- New Index: vulncheck-nvd2 - NIST NVD V2.0 data supplemented with VulnCheck Data
- New Indices: twcert, vde, watchguard, vyaire, and ubiquiti
- New Indices: usom, zimba, zyxel, yokogawa, nodejs, and hkcert
- We have a booth at BlackHat. Come say hi!
- New Indices: schneider-electric, dell, arch, debian, rocky, and wolfi
- Fixes to the github-exploits backup
- New Indexes: vulncheck-nvd, eol and many more
- New Indexes: nist-nvd and many more
- Multi-region support for backups
- Portal Feature: Employee Invitations
- New package managers for PURL queries
- 13 New Indexes
- OPAM, Wolfi and Swift support for PURL queries
- New V3 Exploits Index
- About 25+ more Indices
- We are now a CVE Numbering Authority
- Postman collection support
- New package managers added to our PURL support
- Providing Fixed Version in OS package manager support
- New package types support for PURL: Maven, PHP, Ruby, and Rust
- 5 New Indices: ABB, AlmaLinux, Alpine Linux, AWS and Apple
- New Endpoint: Request vulns related to a PURL
- Snort Rule added to initial-access index
- New Endpoint: Request vulns related to a CPE
- New Index: Debian Security Tracker
- Welcome to the VulnCheck Changelog
- New Indices: CNVD Flaws and CNVD Bulletins