Welcome to Vulners

Vulners.com is the most complete and the only fully correlated security intelligence database, which goes through constant updates and links 200+ data sources in a unified machine-readable format. It contains 8 mln+ entries, including CVEs, advisories, exploits, and IoCs — everything you need to stay abreast on the latest security threats.

The following documentation will answer any questions you may have.

Lucene-based queries

The Vulners database is based on a search engine with Lucene queries, which you can use in your requests:

• AND "apache" AND "vulnerabilities"
• OR "apache" OR "Lucene"
• NOT NOT type:"robot"
• Boolean Operators
• Grouping (Lucene OR apache) AND website
• Special characters + - && || ! ( ) { } [ ] ^ " ~ * ? : \
• Range Searches status:[400 TO 499]

Below are some basic examples for clarity.

Examples and search snippets

• Your website unpatched vulnerabilities at the Openbugbounty:

  type:openbugbounty AND title:"your-domain-here.com" AND openbugbounty.patchStatus:unpatched

• Software vulnerabilities, e.g., Firefox:

  affectedSoftware.name:"firefox" OR affectedPackage.packageName:"firefox" OR cpe:*firefox* order:published

• Software vulnerabilities for exact version. Nginx 1.11.0 vulnerabilities:

  affectedSoftware.name:nginx AND affectedSoftware.version:"1.11.0"

• Software vulnerabilities, wildcard version, CVSS score range. Nginx 1.9* and CVSS score between 7 to 10:

  affectedSoftware.name:nginx AND affectedSoftware.version:1.9* AND cvss.score:[7 TO 10]

• Package vulnerabilities in some OS. Installed packages vulnerabilities for any PHP in SUSE:

  affectedPackage.packageName:php* AND type:suse order:published

• Search for php4 vulnerabilities in SUSE and CentOS or php4 exploits, excluding OpenVAS and Nessus plugins:

  (affectedPackage.packageName:php4* AND (type:suse OR type:centos)) OR (title:php4 AND bulletinFamily:exploit) -type:openvas -type:nessus order:published

• Looking for affected CVE number in collection. OpenWRT vulnerabilities for CVE-2016-0799:

  type:openwrt AND cvelist:CVE-2016-0799

• Extension vulnerabilities in TYPO3. Vulnerable div2007 extension for TYPO3:

  affectedSoftware.name:div2007 AND type:typo3

• AWS сredentials leakage in Android Google Play repository:

  type:hackapp AWS credentials

• Nmap NSE scripts updates:

  type:nmap order:published

• Most expensive publicly disclosed Yahoo vulnerabilities:

  h1team.handle:yahoo order:bounty

• Exploits with "Selinux" in source code sorted by CVSS score:

  type:exploitdb sourceData:SELinux order:cvss.score

• Microsoft vulnerabilities with CVSS score in range 6 to 10 in CVE catalog sorted by date:

  (type:cve AND cvss.score:[6 TO 10] AND description:"Microsoft") order:published

• Search CentOS vulnerabilities with title, starting with "Critical" or "Important" and NETWORK in CVSS vector:

  (type:centos AND (title:"Critical" OR title:"Important") AND cvss.vector:"AV:NETWORK") order:published

• Use * to find an existing field and - to find a missing field:

  bulletinFamily:ioc AND tags:* AND -iocType:ip