VulnCheck advisories contain curated/generated advisory references for a given cve.
AWS Relational Database Bulletins are official notifications released by Amazon Web Services to address security vulnerabilities and updates in their cloud services and infrastructure. These bulletins provide important information about the vulnerabilities and version configurations for users to apply necessary patches or configuration changes to ensure the security of their systems.
The VulnCheck Botnets index contains data related to various botnets. The index contains listings of botnets and citations for the CVE they have been known to use.
This index contains unrolled VulnCheck generated CPEs.
Browse the cpe-vulnerable index
This index serves as a unified cross-reference between CVE IDs and their equivalent identifiers in other vulnerability databases. It is a growing cross-reference that maps CVE IDs to their equivalent identifiers across the broader vulnerability ecosystem — from regional and governmental databases (JVNDB, EUVD) to platform-specific advisory systems (GHSA) and beyond. As more sources are onboarded, the index expands to cover an increasingly complete picture of how a single vulnerability is tracked across the world.
Browse the cves_identity_mappings index
Draeger Security Advisories are official notifications released by Draeger to address security vulnerabilities and updates in their cloud services and infrastructure. These bulletins provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or configuration changes to ensure the security of their systems.
The VulnCheck EOL index contains a set of operating systems with associated end-of-life and long term support information.
Exploit chains advisories are a type of security advisory that focus on the combination of multiple exploits or vulnerabilities that together create a more significant security risk. These advisories typically describe how an attacker could use multiple vulnerabilities in sequence to achieve a desired outcome, such as gaining unauthorized access to a system or stealing sensitive information.
Browse the exploit-chains index
VulnCheck Exploit Intelligence helps organizations track all of the world’s exploit proof-of-concept code, exploited in-the-wild information, and exploit metadata including timelines, to focus remediation resources on the right vulnerabilities.
Provides a history of the changes made to an exploits record.
Browse the exploits-changelog index
The initial-access index contains data on Initial Access exploits. These exploits are typically the most high impact exploit published. These vulnerabilities, also sometimes referred to as Remote Code Execution (RCE) vulnerabilities, are remote in nature, and typically do not require credentials to exploit.
Browse the initial-access index
This is a backup-only index for Initial Access detection artifacts hosted on git.vulncheck.com. This backup is only available to licensed subscribers of Initial Access Intelligence.
Browse the initial-access-git index
The VulnCheck IOC Botnets index contains curated indicators of compromise associated with known botnet families. A botnet is a network of compromised devices under the control of a threat actor, commonly used to conduct distributed denial-of-service attacks, deliver malware, exfiltrate data, or perform large-scale fraud.
The VulnCheck IOC Threat Actors index contains curated indicators of compromise associated with known advanced persistent threat (APT) groups and known threat actors. Threat actors are individuals or organized groups who deliberately conduct malicious cyber operations — often with geopolitical, financial, or espionage motivations — targeting governments, critical infrastructure, and enterprises.
Browse the ioc-threat-actors index
The VulnCheck IOC Ransomware index contains curated indicators of compromise associated with named ransomware groups and their campaigns. Ransomware is a category of malware used by criminal organizations to encrypt victim data or systems and extort payment in exchange for restoration of access.
Browse the ioc-ransomware index
The 10-Day IP Intelligence index contains the IP address and geolocation of potentially vulnerable systems that may be targeted by initial access exploits as well as command and control (C2) attacker infrastructure.
The 30-Day IP Intelligence index contains the IP address and geolocation of potentially vulnerable systems that may be targeted by initial access exploits as well as command and control (C2) attacker infrastructure.
The 3-Day IP Intelligence index contains the IP address and geolocation of potentially vulnerable systems that may be targeted by initial access exploits as well as command and control (C2) attacker infrastructure.
The 90-Day IP Intelligence index contains the IP address and geolocation of potentially vulnerable systems that may be targeted by initial access exploits as well as command and control (C2) attacker infrastructure.
This index contains information related to malicious extensions for Microsoft's Visual Studio Code.
Browse the malicious-vscode-exts index
Provides a map between certain MITRE ATT&CK technique IDs and applicable CVEs.
Browse the mitre-attack-cve index
NIST NVD (National Institute of Standards and Technology National Vulnerability Database) version 1.0 is an early release of a comprehensive repository of vulnerability information and security-related data. It serves as a valuable resource for cybersecurity professionals, researchers, and organizations by providing detailed information on known software vulnerabilities, including their severity, impact, and associated references. NVD version 1.0 offers a structured format for accessing and analyzing vulnerability data, aiding in the identification and mitigation of security risks across various software and hardware products.
NIST NVD 2.0 CPE Match Advisories are a type of security advisory that provides information about Common Platform Enumeration (CPE) matches associated with vulnerabilities in the National Vulnerability Database (NVD) 2.0. CPEs are standardized identifiers for software applications, operating systems, and other IT systems, and are used to help organizations identify and track vulnerabilities and other security issues. NIST NVD 2.0 CPE Match Advisories provide information about the CPEs associated with specific vulnerabilities listed in the NVD 2.0. This information can help organizations better understand the scope and potential impact of a given vulnerability, and to take appropriate action to mitigate the associated risks. NIST NVD 2.0 CPE Match Advisories may also include information about known exploits or other factors that may increase the severity of a given vulnerability. By leveraging the information provided by NIST NVD 2.0 CPE Match Advisories, organizations can gain a deeper understanding of potential security risks and vulnerabilities, and develop more effective strategies for mitigating those risks. The advisories can also help organizations to prioritize their response to potential security incidents, and to ensure that critical systems and applications are appropriately secured and protected against advanced and persistent threats. Overall, NIST NVD 2.0 CPE Match Advisories are an important tool for organizations looking to maintain the security and integrity of their networks and systems.
Browse the nist-nvd2-cpematch index
This Index contains information about CNAs, such as email addresses, official names, UUIDs used in NVD records. This allows us to lookup the UUIDs in NVD records and retrieve CNA names.
Browse the nist-nvd2-sources index
NVD's CPE dictionary
Browse the nvd-cpe-dictionary index
The VulnCheck Ransomware index contains data related to various ransomware. The index contains listings of ransomware groups and citations for the CVE they have been known to use.
VulnCheck Target Intel
The VulnCheck Threat Actors index contains data related to various threat actors.
Browse the threat-actors index
A dictionary of CPEs used in the construction of VCConfigurations.
Browse the vc-cpe-dictionary index
VulnCheck Security Advisories are official advisories released by VulnCheck to address security vulnerabilities and updates. These advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure security.
VulnCheck Canaries provides direct evidence of real-world exploitation attempts observed by VulnCheck’s own global network of canaries. Each event links attacks back to specific CVEs, exploit signatures, and source IPs, giving defenders high-confidence intelligence that a vulnerability is actively being targeted in the wild.
Browse the vulncheck-canaries index
VulnCheck Canaries provides direct evidence of real-world exploitation attempts observed by VulnCheck's own global network of canaries. Each event links attacks back to specific CVEs, exploit signatures, and source IPs, giving defenders high-confidence intelligence that a vulnerability is actively being targeted in the wild.
Browse the vulncheck-canaries-10d index
VulnCheck Canaries provides direct evidence of real-world exploitation attempts observed by VulnCheck's own global network of canaries. Each event links attacks back to specific CVEs, exploit signatures, and source IPs, giving defenders high-confidence intelligence that a vulnerability is actively being targeted in the wild.
Browse the vulncheck-canaries-30d index
VulnCheck Canaries provides direct evidence of real-world exploitation attempts observed by VulnCheck's own global network of canaries. Each event links attacks back to specific CVEs, exploit signatures, and source IPs, giving defenders high-confidence intelligence that a vulnerability is actively being targeted in the wild.
Browse the vulncheck-canaries-3d index
VulnCheck Canaries provides direct evidence of real-world exploitation attempts observed by VulnCheck's own global network of canaries. Each event links attacks back to specific CVEs, exploit signatures, and source IPs, giving defenders high-confidence intelligence that a vulnerability is actively being targeted in the wild.
Browse the vulncheck-canaries-90d index
VulnCheck configurations contain curated/generated cpe configurations for a given cve based off of data from multiple sources (e.g. MITRE, MS-CVRF, etc.).
Browse the vulncheck-config index
VulnCheck CVEList-V5 is a collection of publicly disclosed cybersecurity vulnerabilities by NIST that aims to identify, define and catalog publicly disclosed cybersecurity vulnerabilities. VulnCheck has curated and enhanced the data present in the NIST vulnerabilities.
Browse the vulncheck-cvelist-v5 index
The VulnCheck Known Exploit Vulnerabilities catalog contains a list of exploited vulnerabilities known to VulnCheck
Browse the vulncheck-kev index
NVD 2.0 CVE data formatted according to the NVD 1.0 CVE schema augmented with VulnCheck data.
Browse the vulncheck-nvd index
NIST NVD CVE 2.0 API data supplemented with VulnCheck Data
Browse the vulncheck-nvd2 index
The Vulnerability Aliases index contains the names or aliases associated with a particular vulnerability. Examples: Log4Shell, LogJam, HeatBleed, etc.