In this concise blog post, we’re delving into a crucial aspect of cybersecurity: databases housing software vulnerabilities. These databases, exemplified by platforms like vulners.com, exploit-db.com, and CVE Details, serve as comprehensive repositories cataloging an array of software weaknesses. Their purpose is monumental, providing a treasure trove of information for cybersecurity professionals, researchers, and organizations. By aggregating data on vulnerabilities, exploits, and remediation strategies, these databases empower proactive identification and mitigation of potential threats, bolstering system defenses and fortifying cybersecurity measures.
Note that these DBs are not equal, for example search for CVE-2019-10232 does not produce anything on PacketStormSecurity and on other platforms it returns a link to
a patch which fixes the vulnerability. So no ready exploit is provided. Also, search in github produces zero exploits.
Vulnerability search
Most of the DBs do not bring anything new. Why do they exist in such numbers? No answer…
CVE Details
Contains references to exploits if they exist, for example:
https://www.cvedetails.com/google-search-results.php?q=RCE#gsc.tab=0&gsc.q=RCE&gsc.sort=
Exploit-DB
Constains exploit codes which can be downloaded from the site itself.
Rapid7
Rapid7 is a developer of Metasploit Framework.
Packet Storm Security
The exploits are directly hosted by the site.
Sploitus
The exploits are directly hosted by the site.
Vulners
Pretty hard-to-understand platform.
Circle CVE search
VulDB
VulMon
VulMon |
|
CVE-2019-10232: 4 repos with working exploits |
ExploitAlert
Synaps Int
GitHub Advisories
SeeBug
SeeBug |
|
CVE-2019-10232: No results |
CloudVulnDB
National Vulnerability Database (NVD)
NVD |
|
CVE-2021-22205: Links to exploits |
Snyk Security
NVD |
|
CVE-2021-22205: Links to exploits |
OSVDEV
NVD |
|
CVE-2021-22205: Links to exploits |
SecList Org
AquaSec
SecList |
|
CVE-2021-22205: Links to exploits |
CVE MITRE
cvemitre |
|
CVE-2021-22205: Links to exploits |
CVE ORG
cvemitre |
|
CVE-2021-22205: Links to exploits |
OpenCVE IO
cvemitre |
|
CVE-2021-22205: Links to exploits |
Blogs
Buy / Sell exploits
Scums
See also