Recent Initial Access activity
CrushFTP Arbitrary File Read via SSTI was added on Apr, 25 and is found in 1 product.
View more detail on CVE-2024-4040
PAN-OS GlobalProtect Path Traversal and Command Injection was added on Apr, 18 and is found in 1 product.
View more detail on CVE-2024-3400
Fortra FileCatalyst Workflow Path Traversal was added on Mar, 25 and is found in 1 product.
View more detail on CVE-2024-25153
Jenkins Arbitrary File Read was added on Apr, 24 and is found in 1 product.
View more detail on CVE-2024-23897
Progress Kemp Flowmon RCE was added on Apr, 9 and is found in 1 product.
View more detail on CVE-2024-2389
Artica Proxy PHP Deserialization was added on Apr, 7 and is found in 1 product.
View more detail on CVE-2024-2054
Fortinet FortiClient EMS SQL Injection was added on Mar, 31 and is found in 1 product.
View more detail on CVE-2023-48788
CrushFTP File Move to Password Leak was added on Apr, 1 and is found in 1 product.
View more detail on CVE-2023-43177
Home Assistant Supervisor Authentication Bypass was added on Apr, 21 and is found in 1 product.
View more detail on CVE-2023-27482
PHPUnit eval-stdin.php was added on Apr, 3 and is found in 1 product.
View more detail on CVE-2017-9841
Huawei EchoLife HG532 UPNP Command Injection was added on Apr, 7 and is found in 1 product.
View more detail on CVE-2017-17215
13 New Indices
VulnCheck Advisories
VulnCheck advisories contain curated/generated advisory references for a given cve.
Atlassian Vulnerabilities
Atlassian vulnerabilities are official notifications released by Atlassian to address security vulnerabilities and updates in their software products. These advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems. Security advisories for Atlassian server products are released every Wednesday.
Browse the atlassian-vulns index
Ivanti Security Advisories
Ivanti security advisories are official notifications released by Ivanti to address security vulnerabilities and updates in their software products. These security advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
VulnCheck Configurations
VulnCheck configurations contain curated/generated cpe criteria matches for a given cve based off of the Mitre CVE dataset and NVD dictionary and VulnCheck CPE dictionary.
Browse the vulncheck-config index
Github Security Advisories
Github Security Advisories are official notifications released by Github to address security vulnerabilities and updates. These advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure security.
Browse the github-security-advisories index
Anchore NVD Data Overrides
Anchore NVD Data Overrides is an index of data overrides for the NVD dataset curated by Anchore that provides additional data that might be missing from NVD.
Browse the anchore-nvd-override index
Atredis Partners Security Advisories
Atredis Partners security advisories are official notifications released by Atredis Partners to address security vulnerabilities and updates in third party products. These security advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
The Exploit Database
The Exploit Database (ExploitDB) is an archive of public exploits curated by OffSec.
Node.js Security Working Group Advisories
Node.js security working group advisories are official notifications released by the Node.js Security Working Group to address security vulnerabilities and updates in the node and npm software ecosystems. These advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
Browse the node-security index
Japan Vulnerability Notes
Japan vulnerability notes are official notifications released by the Japan CERT (JPCERT) to address security vulnerabilities and updates. These advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure security.
Trane Technology Product Security Advisories
Trane Technology product security advisories are official notifications released by Trane Technology to address security vulnerabilities and updates in their software products. These advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
Browse the trane-technology index
Elspec Security Advisories
Elspec security advisories are official notifications released by Elspec to address security vulnerabilities and updates in their software products. These advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
Container OS Release Notes
Container OS security advisories are official notifications released by Google to address security vulnerabilities and updates in the container optimized operating system. These security advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.
- 18 new initial-access advisories
- 7 new indices
- 32 new initial-access advisories
- 6 new indices
- 29 new Initial Access advisories
- 16 New indices
- 4 New Features
- 13 new Initial Access advisories
- 15 New indices
- 13 New indices
- 11 new Initial Access entries
- New Initial Access features
- 3 New indices including Microsoft KB list by CVE
- 5 new Initial Access entries
- Upgraded dashboard, and the VulnCheck KEV Browser
- 6 New indices including OpenCloud Vulnerability & Security Issue Database
- 5 New Initial Access artifacts
- New Features
- 3 New Advisories
- 10 New Indices
- CVE Browser
- 4 new Initial Access advisories
- New query parameters for the ipintel-* IP Intelligence indexes and more
- 33 new indices including Microsoft Security Updates
- Introducing VulnCheck IP Intelligence
- 5 new Initial Access advisories
- 17 new indices
- Recent IA activity including Apache Druid Log4Shell and ownCloud graphapi
- 17 new Indices including LG security, and several Apache projects
- 20 new Indices including mitre-attack-cve, botnets, and ransomware
- 5 new Indices including osv and cbl-mariner
- New Changelog Initial Access Details
- 20 new indices including nokia, blackberry, and iava
- Search for aliases in all indices
- 30 new indices including checkpoint, jetbrains, and bitdefender
- New indices: epss, vulnerability-aliases, and threat-actors
- More Indices: kubernetes, rustsec-advisories, hashicorp, wolfssl, zoom, and salesforce
- New Documentation Portal
- 64 New Indices
- New Index: vulncheck-nvd2 - NIST NVD V2.0 data supplemented with VulnCheck Data
- New Indices: twcert, vde, watchguard, vyaire, and ubiquiti
- New Indices: usom, zimba, zyxel, yokogawa, nodejs, and hkcert
- We have a booth at BlackHat. Come say hi!
- New Indices: schneider-electric, dell, arch, debian, rocky, and wolfi
- Fixes to the github-exploits backup
- New Indexes: vulncheck-nvd, eol and many more
- New Indexes: nist-nvd and many more
- Multi-region support for backups
- Portal Feature: Employee Invitations
- New package managers for PURL queries
- 13 New Indexes
- OPAM, Wolfi and Swift support for PURL queries
- New V3 Exploits Index
- About 25+ more Indices
- We are now a CVE Numbering Authority
- Postman collection support
- New package managers added to our PURL support
- Providing Fixed Version in OS package manager support
- New package types support for PURL: Maven, PHP, Ruby, and Rust
- 5 New Indices: ABB, AlmaLinux, Alpine Linux, AWS and Apple
- New Endpoint: Request vulns related to a PURL
- Snort Rule added to initial-access index
- New Endpoint: Request vulns related to a CPE
- New Index: Debian Security Tracker
- Welcome to the VulnCheck Changelog
- New Indices: CNVD Flaws and CNVD Bulletins
