Welcome to Vulners

Vulners.com is a security database containing descriptions for a large amount of software vulnerabilities in a machine-readable format. Cross-references between bulletins and continuously updating database keep you abreast of the latest security threats. These documentation pages will answer any questions you may have.

Lucene-based queries

Vulners database is based on search engine with Lucene queries which you can use in your queries:

• AND "apache" AND "vulnerabilities"
• OR "apache" OR "Lucene"
• NOT NOT type:"robot"
• Boolean Operators
• Grouping (Lucene OR apache) AND website
• Special characters + - && || ! ( ) { } [ ] ^ " ~ * ? : \
• Range Searches status:[400 TO 499]

Below are some basic examples that will make it clearer.

Examples and search snippets

• Your website unpatched vulnerabilities at the Openbugbounty:

  type:openbugbounty AND title:"your-domain-here.com" AND openbugbounty.patchStatus:unpatched

• Software vulnerabilities, Firefox as example:

  type:openbugbounty AND title:"your-domain-here.com" AND openbugbounty.patchStatus:unpatched

• Software vulnerabilities, for exact version. Nginx 1.11.0 vulnerabilities:

  affectedSoftware.name:nginx AND affectedSoftware.version:"1.11.0"

• Software vulnerabilities, wildcard version, CVSS score range. Nginx 1.9* and CVSS score between 7 to 10:

  affectedSoftware.name:nginx AND affectedSoftware.version:1.9* AND cvss.score:[7 TO 10]

• Package vulnerabilities in some OS. Installed packages vulnerabilities for any PHP in SUSE:

  affectedPackage.packageName:php* AND type:suse order:published

• Search for php4 vulnerabilities in SUSE and CentOS or php4 exploits excluding OpenVAS and Nessus plugins:

  (affectedPackage.packageName:php4* AND (type:suse OR type:centos)) OR (title:php4 AND bulletinFamily:exploit) -type:openvas -type:nessus order:published

• Looking for affected CVE number in collection. OpenWRT vulnerabilities for CVE-2016-0799:

  type:openwrt AND cvelist:CVE-2016-0799

• Extension vulnerabilities in TYPO3. Vulnerable div2007 extension for TYPO3:

  affectedSoftware.name:div2007 AND type:typo3

• AWS Credentials leakage in Android Google Play repository:

  type:hackapp AWS credentials

• Nmap NSE scripts updates:

  type:nmap order:published

• Most expensive public disclosed Yahoo vulnerabilities:

  h1team.handle:yahoo order:bounty

• Exploits with “Selinux” in source code sorted by CVSS score:

  type:exploitdb sourceData:SELinux order:cvss.score

• Microsoft vulnerabilities with CVSS score in range 6 to 10 in CVE catalog sorted by date:

  (type:cve AND cvss.score:[6 TO 10] AND description:"Microsoft") order:published

• Search CentOS vulnerabilities with title, strating with “Critical” or “Important” and NETWORK in CVSS vector:

  (type:centos AND (title:"Critical" OR title:"Important") AND cvss.vector:"AV:NETWORK") order:published

• Use * if you want to find an existing and - missing field.

  bulletinFamily:ioc AND tags:* AND -iocType:ip