New Features
- Added Microsoft threat actor names, where possible, to all of our tracked threat actors. Previously, VulnCheck supported CrowdStrike & Dragos naming schemes, but with this addition, adds Microsoft’s naming scheme as well.
- Added explicit country of origin associations with threat actor groups where possible. Previously, VulnCheck included country of origin designations for threat actor groups tracked by MISP, but with this addition, adds our own country of origin designations where possible.
Recent Initial Access activity
Confluence Template Injection (text-inline.vm) was added on Jan, 21 and is found in 2 products.
View more detail on CVE-2023-22527
Fortra GoAnywhere MFT Authentication Bypass was added on Jan, 22 and is found in 1 product.
View more detail on CVE-2024-0204
Grandstream UCM PBX Parameter Injection was added on Jan, 24 and is found in 4 products.
View more detail on CVE-2024-0840
11 new indices
MISP Threat Actors
MISP Threat Actors is an open source list of known threat actors for the MISP (Malware Information Sharing Program) Open Source Threat Intelligence Sharing Platform.
Browse the misp-threat-actors index
Libre Office Security Advisories
Libre Office security advisories are official notifications released by the open source Libre Office project to address security vulnerabilities and updates in the open source Libre Office project. These security advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
Wibu Systems Security Advisories
Wibu Systems security advisories are official notifications released by Wibu Systems to address security vulnerabilities and updates in their software products. These security advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
HarmonyOS Security Updates
HarmonyOS security updates are official notifications released by the HarmonyOS security team to address security vulnerabilities and updates in their software products. These security advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
Mindray Cybersecurity Advisories
Mindray cybersecurity advisories are official notifications released by Mindray to address security vulnerabilities and updates in their software products. These security advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
Abbott Product Advisories
Abbott product advisories are official notifications released by Abbott to address security vulnerabilities and updates in their software products. These security advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
Axis OS Security Advisories
Axis OS security advisories are official notifications released by Axis to address security vulnerabilities and updates in their software products. These security advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
AWS Security Bulletins
AWS security bulletins are official notifications released by Amazon Web Services to address security vulnerabilities and updates in their software products. These security advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
Appgate SDP Security Advisories
Appgate SDP security advisories sare official notifications released by Appgate to address security vulnerabilities and updates in their software products. These security advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
GCP Security Bulletins
GCP security bulletins are official notifications released by Google Cloud to address security vulnerabilities and updates in their software products. These security advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
- 18 new initial-access advisories
- 7 new indices
- 32 new initial-access advisories
- 6 new indices
- 29 new Initial Access advisories
- 16 New indices
- 4 New Features
- 13 new Initial Access advisories
- 15 New indices
- 13 New indices
- 11 new Initial Access entries
- New Initial Access features
- 3 New indices including Microsoft KB list by CVE
- 5 new Initial Access entries
- Upgraded dashboard, and the VulnCheck KEV Browser
- 6 New indices including OpenCloud Vulnerability & Security Issue Database
- 5 New Initial Access artifacts
- New Features
- 3 New Advisories
- 10 New Indices
- CVE Browser
- 4 new Initial Access advisories
- New query parameters for the ipintel-* IP Intelligence indexes and more
- 33 new indices including Microsoft Security Updates
- Introducing VulnCheck IP Intelligence
- 5 new Initial Access advisories
- 17 new indices
- Recent IA activity including Apache Druid Log4Shell and ownCloud graphapi
- 17 new Indices including LG security, and several Apache projects
- 20 new Indices including mitre-attack-cve, botnets, and ransomware
- 5 new Indices including osv and cbl-mariner
- New Changelog Initial Access Details
- 20 new indices including nokia, blackberry, and iava
- Search for aliases in all indices
- 30 new indices including checkpoint, jetbrains, and bitdefender
- New indices: epss, vulnerability-aliases, and threat-actors
- More Indices: kubernetes, rustsec-advisories, hashicorp, wolfssl, zoom, and salesforce
- New Documentation Portal
- 64 New Indices
- New Index: vulncheck-nvd2 - NIST NVD V2.0 data supplemented with VulnCheck Data
- New Indices: twcert, vde, watchguard, vyaire, and ubiquiti
- New Indices: usom, zimba, zyxel, yokogawa, nodejs, and hkcert
- We have a booth at BlackHat. Come say hi!
- New Indices: schneider-electric, dell, arch, debian, rocky, and wolfi
- Fixes to the github-exploits backup
- New Indexes: vulncheck-nvd, eol and many more
- New Indexes: nist-nvd and many more
- Multi-region support for backups
- Portal Feature: Employee Invitations
- New package managers for PURL queries
- 13 New Indexes
- OPAM, Wolfi and Swift support for PURL queries
- New V3 Exploits Index
- About 25+ more Indices
- We are now a CVE Numbering Authority
- Postman collection support
- New package managers added to our PURL support
- Providing Fixed Version in OS package manager support
- New package types support for PURL: Maven, PHP, Ruby, and Rust
- 5 New Indices: ABB, AlmaLinux, Alpine Linux, AWS and Apple
- New Endpoint: Request vulns related to a PURL
- Snort Rule added to initial-access index
- New Endpoint: Request vulns related to a CPE
- New Index: Debian Security Tracker
- Welcome to the VulnCheck Changelog
- New Indices: CNVD Flaws and CNVD Bulletins
