Running cvemap - ProjectDiscovery Documentation

For all of the flags and options available for cvemap be sure to check out the Usage page. On this page we’ll share examples running cvemap with specific flags and goals and the output you can expect from each.

If you have questions, reach out to us through Help.

Prerequisites for cvemap

Before using cvemap, you’ll need to get a ProjectDiscovery Cloud Platform (PDCP) account and API key so that you can access the cvemap API data.

Navigate to https://cloud.projectdiscovery.io/ and click “Sign Up” (or “Sign In” if you already have a PDCP account).

Get your PDCP API Key

Once signed into ProjectDiscovery Cloud Platform, you can navigate to https://cloud.projectdiscovery.io/?ref=api_key to find your API Key.

Use the copy button to copy your API Key - we nee dthis to authenticate your install

Authorize cvemap with PDCP

To authenticate your install of cvemap, run

cvemap -auth

When prompted, paste the key you obtained above.

Basic Examples

By default, cvemap lists all the known exploited vulnerabilities based CVEs published by cisa.

List top known exploited vulnerabilities

$ cvemap -limit 10


   ______   _____  ____ ___  ____  ____
  / ___/ | / / _ \/ __ \__ \/ __ \/ __ \
 / /__ | |/ /  __/ / / / / / /_/ / /_/ /
 \___/ |___/\___/_/ /_/ /_/\__,_/ .___/ 
                               /_/
                 
      projectdiscovery.io

| ID            | CVSS | SEVERITY | EPSS    | PRODUCT               | TEMPLATE | AGE |
|---------------|------|----------|---------|-----------------------|----------|-----|
| CVE-2023-5631 | 5.4  | MEDIUM   | 0.00986 | webmail               | ❌       | 18  |
| CVE-2023-5217 | 8.8  | HIGH     | 0.26047 | libvpx                | ❌       | 38  |
| CVE-2023-4966 | 7.5  | HIGH     | 0.92267 | netscaler_application | ✅       | 26  |
| CVE-2023-4863 | 8.8  | HIGH     | 0.4101  | chrome                | ❌       | 54  |
| CVE-2023-46748| 8.8  | HIGH     | 0.00607 |                       | ❌       | 10  |
| CVE-2023-46747| 9.8  | CRITICAL | 0.95304 |                       | ✅       | 10  |
| CVE-2023-46604| 10   | CRITICAL | 0.01596 |                       | ✅       | 9   |
| CVE-2023-44487| 7.5  | HIGH     | 0.52748 | http                  | ❌       | 26  |
| CVE-2023-42824| 7.8  | HIGH     | 0.00062 | ipados                | ❌       | 32  |
| CVE-2023-42793| 9.8  | CRITICAL | 0.97264 | teamcity              | ✅       | 47  |

List top CVEs on HackerOne

List top CVEs being reported on hackerone platform using -h1 or -hackerone option.

$ cvemap -h1

| CVE            | CVSS | SEVERITY | RANK | REPORTS | PRODUCT              | TEMPLATE | AGE  |
|----------------|------|----------|------|---------|----------------------|----------|------|
| CVE-2020-35946 | 5.4  | MEDIUM   | 1    | 304     | all_in_one_seo_pack  | ❌       | 1038 |
| CVE-2023-4966  | 7.5  | HIGH     | 2    | 54      | netscaler_application| ✅       | 26   |
| CVE-2023-22518 | 9.1  | CRITICAL | 3    | 27      |                      | ✅       | 5    |
| CVE-2017-15277 | 6.5  | MEDIUM   | 4    | 1139    | graphicsmagick       | ❌       | 2215 |
| CVE-2023-35813 | 9.8  | CRITICAL | 5    | 54      | experience_commerce  | ✅       | 141  |
| CVE-2022-38463 | 6.1  | MEDIUM   | 6    | 342     | servicenow           | ✅       | 439  |
| CVE-2020-11022 | 6.1  | MEDIUM   | 7    | 209     | jquery               | ❌       | 1285 |
| CVE-2020-11023 | 6.1  | MEDIUM   | 8    | 208     | jquery               | ❌       | 1285 |
| CVE-2023-38205 | 7.5  | HIGH     | 9    | 162     | coldfusion           | ✅       | 52   |
| CVE-2019-11358 | 6.1  | MEDIUM   | 10   | 214     | jquery               | ❌       | 1660 |

cvemap provide multiple ways to query cve data i.e by product, vendor, severity, cpe, assignee, cvss-score, epss-score, age etc, for example:

List all CVEs for Confluence

List all the cves published for Atlassian Confluence:

cvemap -product confluence -l 5

| ID            | CVSS | SEVERITY | EPSS    | PRODUCT    | TEMPLATE |
|---------------|------|----------|---------|------------|----------|
| CVE-2020-4027 | 4.7  | MEDIUM   | 0.00105 | confluence | ❌       |
| CVE-2019-3398 | 8.8  | HIGH     | 0.97342 | confluence | ✅       |
| CVE-2019-3396 | 9.8  | CRITICAL | 0.97504 | confluence | ✅       |
| CVE-2019-3395 | 9.8  | CRITICAL | 0.07038 | confluence | ❌       |
| CVE-2019-3394 | 8.8  | HIGH     | 0.1885  | confluence | ❌       |

As default, cvemap display default / limit fields which can be custizmed and controoled using -field/ -f option, for example:

$ cvemap -severity critical -field assignee,vstatus,poc -l 5

| ID            | CVSS | SEVERITY | EPSS    | PRODUCT          | TEMPLATE | ASSIGNEE               | VSTATUS     | POC   |
|---------------|------|----------|---------|------------------|----------|------------------------|-------------|-------|
| CVE-2023-5843 | 9    | CRITICAL | 0.00053 |                  | ❌       | security@wordfence.com | UNCONFIRMED | FALSE |
| CVE-2023-5832 | 9.1  | CRITICAL | 0.00043 |                  | ❌       | security@huntr.dev     | UNCONFIRMED | FALSE |
| CVE-2023-5824 | 9.6  | CRITICAL | 0.00045 |                  | ❌       | secalert@redhat.com    | UNCONFIRMED | FALSE |
| CVE-2023-5820 | 9.6  | CRITICAL | 0.00047 |                  | ❌       | security@wordfence.com | UNCONFIRMED | FALSE |
| CVE-2023-5807 | 9.8  | CRITICAL | 0.00076 | education_portal | ❌       | cve@usom.gov.tr        | CONFIRMED   | FALSE |

To list cves with matching threshold like, CVSS score or EPSS Score / Percentile, below options can be used:

$ cvemap -silent -cs '> 7' -es '> 0.00053' -l 5

| ID            | CVSS | SEVERITY | EPSS    | PRODUCT                               | TEMPLATE |
|---------------|------|----------|---------|---------------------------------------|----------|
| CVE-2023-5860 | 7.2  | HIGH     | 0.00132 |                                       | ❌       |
| CVE-2023-5843 | 9    | CRITICAL | 0.00053 |                                       | ❌       |
| CVE-2023-5807 | 9.8  | CRITICAL | 0.00076 | education_portal                      | ❌       |
| CVE-2023-5804 | 9.8  | CRITICAL | 0.00063 | nipah_virus_testing_management_system | ❌       |
| CVE-2023-5802 | 8.8  | HIGH     | 0.00058 | wp_knowledgebase                      | ❌       |

To filter cves to match with specifc conditions like, cves has public poc or template and in the list of kev, belows options can beused:

$ cvemap -silent -template=false -poc=true -kev=true -l 5 -f poc,kev

| ID             | CVSS | SEVERITY | EPSS    | PRODUCT | TEMPLATE | POC  | KEV  |
|----------------|------|----------|---------|---------|----------|------|------|
| CVE-2023-5631  | 5.4  | MEDIUM   | 0.00986 | webmail | ❌       | TRUE | TRUE |
| CVE-2023-5217  | 8.8  | HIGH     | 0.26047 | libvpx  | ❌       | TRUE | TRUE |
| CVE-2023-4863  | 8.8  | HIGH     | 0.4101  | chrome  | ❌       | TRUE | TRUE |
| CVE-2023-44487 | 7.5  | HIGH     | 0.52748 | http    | ❌       | TRUE | TRUE |
| CVE-2023-41993 | 9.8  | CRITICAL | 0.00617 | safari  | ❌       | TRUE | TRUE |

Return CVE IDs only

To return only CVE IDs, -lsi or -list-id flag can be used along with existing filter or search of cvemap.

cvemap -kev -limit 10 -list-id

CVE-2024-21887
CVE-2024-0519
CVE-2023-7101
CVE-2023-7024
CVE-2023-6549
CVE-2023-6548
CVE-2023-6448
CVE-2023-6345
CVE-2023-5631
CVE-2023-5217

JSON Output

$ echo CVE-2024-21887 | cvemap -json

[
  {
    "cve_id": "CVE-2024-21887",
    "cve_description": "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x)  allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.",
    "severity": "critical",
    "cvss_score": 9.1,
    "cvss_metrics": {
      "cvss30": {
        "score": 9.1,
        "vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
        "severity": "critical"
      },
      "cvss31": {
        "score": 9.1,
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
        "severity": "critical"
      }
    },
    "weaknesses": [
      {
        "cwe_id": "CWE-77",
        "cwe_name": "Improper Neutralization of Special Elements used in a Command ('Command Injection')"
      }
    ],
    "epss": {
      "epss_score": 0.95688,
      "epss_percentile": 0.99289
    },
    "cpe": {
      "cpe": "cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:*",
      "vendor": "ivanti",
      "product": "connect_secure"
    },
    "reference": [
      "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
    ],
    "poc": [
      {
        "url": "https://github.com/tucommenceapousser/CVE-2024-21887",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-20T19:15:23Z"
      },
      {
        "url": "https://github.com/mickdec/CVE-2023-46805_CVE-2024-21887_scan_grouped",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-19T08:11:31Z"
      },
      {
        "url": "https://github.com/seajaysec/Ivanti-Connect-Around-Scan",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-19T02:12:11Z"
      },
      {
        "url": "https://github.com/raminkarimkhani1996/CVE-2023-46805_CVE-2024-21887",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-18T13:25:46Z"
      },
      {
        "url": "https://github.com/TheRedDevil1/Check-Vulns-Script",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-17T10:29:02Z"
      },
      {
        "url": "https://github.com/Chocapikk/CVE-2024-21887",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-16T20:59:38Z"
      },
      {
        "url": "https://github.com/duy-31/CVE-2023-46805_CVE-2024-21887",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-16T19:40:59Z"
      },
      {
        "url": "https://github.com/rxwx/pulse-meter",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-16T19:19:52Z"
      },
      {
        "url": "https://github.com/oways/ivanti-CVE-2024-21887",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-14T09:25:56Z"
      }
    ],
    "vendor_advisory": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US",
    "is_template": true,
    "nuclei_templates": {
      "template_path": "http/cves/2024/CVE-2024-21887.yaml",
      "template_url": "https://cloud.projectdiscovery.io/public/CVE-2024-21887",
      "created_at": "2024-01-17T02:23:45+05:30",
      "updated_at": "2024-01-16T21:14:22Z"
    },
    "is_exploited": true,
    "kev": {
      "added_date": "2024-01-10",
      "due_date": "2024-01-22"
    },
    "assignee": "support@hackerone.com",
    "published_at": "2024-01-12T17:15:10.017",
    "updated_at": "2024-01-22T17:15:09.523",
    "hackerone": {
      "rank": 6345,
      "count": 0
    },
    "age_in_days": 10,
    "vuln_status": "modified",
    "is_poc": true,
    "is_remote": false,
    "is_oss": false,
    "vulnerable_cpe": [
      "cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.5:r2.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.5:r2.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*"
    ]
  }
]

Advanced Filters

You can combine filters with a -q query to match multiple filters. For example:

cvemap -q '"remote code execution" 2023 is_remote:true is_poc:true sort_asc:age_in_days'

| ID            | CVSS | SEVERITY | EPSS    | PRODUCT | TEMPLATE | POC  | KEV  |
|---------------|------|----------|---------|---------|----------|------|------|
| CVE-2023-5631 | 5.4  | MEDIUM   | 0.00986 | webmail | ❌       | TRUE | TRUE |
| CVE-2023-5217 | 8.8  | HIGH     | 0.26047 | libvpx  | ❌       | TRUE | TRUE |
| CVE-2023-4863 | 8.8  | HIGH     | 0.4101  | chrome  | ❌       | TRUE | TRUE |
| CVE-2023-44487| 7.5  | HIGH     | 0.52748 | http    | ❌       | TRUE | TRUE |
| CVE-2023-41993| 9.8  | CRITICAL | 0.00617 | safari  | ❌       | TRUE | TRUE |

You can see the documentation for all available filters below:

Metadata

age_in_days

number

Age of the CVE

assignee

string

The assignee for this CVE.

Typically this is an email address such as security@apache.org or cve@mitre.org

cve_description

string

The description of the CVE from the NVD

cve_id

string

The CVE ID for a specific CVE such as CVE-2019-7070

cvss_score

number

The CVSS v3.0 score for this CloseEvent. Example: 8.8

is_exploited

boolean

Is the CVE marked as a Known Exploited Vulnerability (KEV)

is_oss

boolean

Is this CVE in open source software with OSS data available?

is_poc

boolean

Is there a Proof of Concept (POC) available for this CVE?

.is_remote

boolean

Is this CVE remotely exploitable?

is_template

boolean

Is there a Nuclei Template available for this CVE?

patch_url

string

The URL for the patch for this CVE.

Example: https://helpx.adobe.com/security/products/acrobat/apsb19-07.html

published_at

datetime

The published date and time for this CVE. Example: 2019-05-24T19:29:02.080

reference

string

The URL reference for this CVE.

Example: https://www.zerodayinitiative.com/advisories/ZDI-19-210/

severity

string

The CVSS 3.0 severity for this CVE. Example: severity

updated_at

datetime

The last date and time that this CVE was updated. Example: 2019-08-21T16:20:31.353

vendor_advisory

string

The URL for the vendor advisory for this CVE.

Example: vendor_advisory

vuln_status

string

The vulnerability status this CVE. Example: confirmed

vulnerable_cpe

string

The CPE string for this CVE. Example: cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*

CPE Data

Common Platform Enumeration (CPE) Data

cpe

Common Platform Enumeration Object

Show properties

cpe

string

The full Common Platform Enumeration String. Example:

cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*

framework

string

Common Platform Enumeration framework. Example: wordpress

product

string

Common Platform Enumeration product. Example: acrobat_dc

vendor

string

Common Platform Enumeration vendor. Example: adobe

CVSS Data

Common Vulnerability Scoring System (CVSS) Data

cvss_metrics

CVSS Object

Show properties

cvss2

CVSS v2 Object

Show properties

score

number

CVSS v2 Score. Example: 9.3

severity

string

CVSS v2 severity. Example: critical

vector

string

CVSS v2 vector. Example: CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

cvss30

CVSS v2 Object

Show properties

score

number

CVSS v3.0 Score. Example: 8.8

severity

string

CVSS v3.0 severity. Example: high

vector

string

CVSS v3.0 vector. Example: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

cvss31

CVSS v2 Object

Show properties

score

number

CVSS v3.1 Score. Example: 7

severity

string

CVSS v3.1 severity. Example: high

vector

string

CVSS v3.1 vector. Example: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Data

Use After FreeExploit Prediction Scoring System (EPSS) Data

epss

EPSS Object

Show properties

epss_percentile

number

The EPSS percentile. Example: 0.80053

epss_score

number

The EPSS score. Example: 0.00826

HackerOne Data

hackerone

hackerone Object

Show properties

count

number

Number of hackerone reports for this CVE. Example: 0

rank

number

The hackerone rank for this CVE. Example: 6279

KVE Data

Known Exploited Vulnerability (KEV) Data

kev

KVE Object

Show properties

added_date

date

Date added to the KEV. Example 2022-04-15

due_date

date

The KEV due Date. Example 2022-05-06

Nuclei Template Data

nuclei_templates

Nuclei Template Object

Show properties

created_at

datetime

Date and time that the Nuclei Template was created. Example 2020-04-05T23:31:09+05:30

template_issue

string

The GitHub issue for this template. Example https://github.com/projectdiscovery/nuclei-templates/issues/7549

template_issue_type

string

The GitHub issue type this template - has it been mentioned or is there a template created? Example mention or template

template_path

string

The full path for this template. Example http/cves/2019/CVE-2019-12314.yaml

template_pr

string

The GitHub pull request for this template. Example https://github.com/projectdiscovery/nuclei-templates/pull/3200

template_url

string

The public ProjectDiscovery Cloud Platform URL for this template. Example https://cloud.projectdiscovery.io/public/CVE-2019-12314

updated_at

datetime

Date and time that the Nuclei Template was last updated. Example 2023-12-29T09:30:44Z

Open Source Software (OSS) Data

oss

OSS Object

Show properties

created_at

datetime

Date and time that the OSS repository was created. Example 2009-05-21 01:33:45 +0000 UTC

description

string

Description for this software. Example Mirror of Apache ActiveMQ

forks

number

The number of forks for this project. Example 1407

language

string

The primary programming language of this software. Example Java

pushed_at

datetime

Date and time of the most recent push to this repository. Example 2023-12-12 17:51:19 +0000 UTC

stars

number

The number of stars for this project. Example 2221

subscribers

number

The number of subscribers for this repository. Example 200

topics

array

The topics for this project. Example php

updated_at

datetime

Date and time that the project was last updated. Example 2023-12-29 09:29:55 +0000 UTC

url

string

The public repository URL. Example "https://github.com/apache/activemq

Proof of Concept (POC) Data

poc

POC Object

Show properties

added_at

datetime

Date and time that the POC was added. Example 2019-04-02T12:50:46Z

source

string

The source of the POC. Example trickest

url

string

The URL of the POC. Example https://medium.com/@alt3kx/a-reflected-xss-in-print-archive-system-v2015-release-2-6-cve-2019-10685-b60763b7768b

Shodan Data

shodan

Shodan Object

Show properties

count

number

Number of Shodan results relative to this CVE. Example cpe:\"cpe:2.3:a:adobe:coldfusion\"

query

string

The Shodan query for this CVE. Example trickest

CWE Data

Common Weakness Enumeration (CWE) Data

weaknesses

CWE Object

Show properties

cwe_id

string

The CWE ID for this CVE. Example CWE-416

cwe_name

string

The CWE name for this CVE. Example Use After Free

On this page

Prerequisites for cvemap
Basic Examples
List top known exploited vulnerabilities
List top CVEs on HackerOne
List all CVEs for Confluence
Return CVE IDs only
JSON Output
Advanced Filters
Metadata
CPE Data
CVSS Data
EPSS Data
HackerOne Data
KVE Data
Nuclei Template Data
Open Source Software (OSS) Data
Proof of Concept (POC) Data
Shodan Data
CWE Data

If you have questions, reach out to us through Help.

Prerequisites for cvemap

Before using cvemap, you’ll need to get a ProjectDiscovery Cloud Platform (PDCP) account and API key so that you can access the cvemap API data.

Navigate to https://cloud.projectdiscovery.io/ and click “Sign Up” (or “Sign In” if you already have a PDCP account).

Get your PDCP API Key

Once signed into ProjectDiscovery Cloud Platform, you can navigate to https://cloud.projectdiscovery.io/?ref=api_key to find your API Key.

Use the copy button to copy your API Key - we nee dthis to authenticate your install

Authorize cvemap with PDCP

To authenticate your install of cvemap, run

cvemap -auth

When prompted, paste the key you obtained above.

Basic Examples

By default, cvemap lists all the known exploited vulnerabilities based CVEs published by cisa.

List top known exploited vulnerabilities

$ cvemap -limit 10


   ______   _____  ____ ___  ____  ____
  / ___/ | / / _ \/ __ \__ \/ __ \/ __ \
 / /__ | |/ /  __/ / / / / / /_/ / /_/ /
 \___/ |___/\___/_/ /_/ /_/\__,_/ .___/ 
                               /_/
                 
      projectdiscovery.io

| ID            | CVSS | SEVERITY | EPSS    | PRODUCT               | TEMPLATE | AGE |
|---------------|------|----------|---------|-----------------------|----------|-----|
| CVE-2023-5631 | 5.4  | MEDIUM   | 0.00986 | webmail               | ❌       | 18  |
| CVE-2023-5217 | 8.8  | HIGH     | 0.26047 | libvpx                | ❌       | 38  |
| CVE-2023-4966 | 7.5  | HIGH     | 0.92267 | netscaler_application | ✅       | 26  |
| CVE-2023-4863 | 8.8  | HIGH     | 0.4101  | chrome                | ❌       | 54  |
| CVE-2023-46748| 8.8  | HIGH     | 0.00607 |                       | ❌       | 10  |
| CVE-2023-46747| 9.8  | CRITICAL | 0.95304 |                       | ✅       | 10  |
| CVE-2023-46604| 10   | CRITICAL | 0.01596 |                       | ✅       | 9   |
| CVE-2023-44487| 7.5  | HIGH     | 0.52748 | http                  | ❌       | 26  |
| CVE-2023-42824| 7.8  | HIGH     | 0.00062 | ipados                | ❌       | 32  |
| CVE-2023-42793| 9.8  | CRITICAL | 0.97264 | teamcity              | ✅       | 47  |

List top CVEs on HackerOne

List top CVEs being reported on hackerone platform using -h1 or -hackerone option.

$ cvemap -h1

| CVE            | CVSS | SEVERITY | RANK | REPORTS | PRODUCT              | TEMPLATE | AGE  |
|----------------|------|----------|------|---------|----------------------|----------|------|
| CVE-2020-35946 | 5.4  | MEDIUM   | 1    | 304     | all_in_one_seo_pack  | ❌       | 1038 |
| CVE-2023-4966  | 7.5  | HIGH     | 2    | 54      | netscaler_application| ✅       | 26   |
| CVE-2023-22518 | 9.1  | CRITICAL | 3    | 27      |                      | ✅       | 5    |
| CVE-2017-15277 | 6.5  | MEDIUM   | 4    | 1139    | graphicsmagick       | ❌       | 2215 |
| CVE-2023-35813 | 9.8  | CRITICAL | 5    | 54      | experience_commerce  | ✅       | 141  |
| CVE-2022-38463 | 6.1  | MEDIUM   | 6    | 342     | servicenow           | ✅       | 439  |
| CVE-2020-11022 | 6.1  | MEDIUM   | 7    | 209     | jquery               | ❌       | 1285 |
| CVE-2020-11023 | 6.1  | MEDIUM   | 8    | 208     | jquery               | ❌       | 1285 |
| CVE-2023-38205 | 7.5  | HIGH     | 9    | 162     | coldfusion           | ✅       | 52   |
| CVE-2019-11358 | 6.1  | MEDIUM   | 10   | 214     | jquery               | ❌       | 1660 |

cvemap provide multiple ways to query cve data i.e by product, vendor, severity, cpe, assignee, cvss-score, epss-score, age etc, for example:

List all CVEs for Confluence

List all the cves published for Atlassian Confluence:

cvemap -product confluence -l 5

| ID            | CVSS | SEVERITY | EPSS    | PRODUCT    | TEMPLATE |
|---------------|------|----------|---------|------------|----------|
| CVE-2020-4027 | 4.7  | MEDIUM   | 0.00105 | confluence | ❌       |
| CVE-2019-3398 | 8.8  | HIGH     | 0.97342 | confluence | ✅       |
| CVE-2019-3396 | 9.8  | CRITICAL | 0.97504 | confluence | ✅       |
| CVE-2019-3395 | 9.8  | CRITICAL | 0.07038 | confluence | ❌       |
| CVE-2019-3394 | 8.8  | HIGH     | 0.1885  | confluence | ❌       |

As default, cvemap display default / limit fields which can be custizmed and controoled using -field/ -f option, for example:

$ cvemap -severity critical -field assignee,vstatus,poc -l 5

| ID            | CVSS | SEVERITY | EPSS    | PRODUCT          | TEMPLATE | ASSIGNEE               | VSTATUS     | POC   |
|---------------|------|----------|---------|------------------|----------|------------------------|-------------|-------|
| CVE-2023-5843 | 9    | CRITICAL | 0.00053 |                  | ❌       | security@wordfence.com | UNCONFIRMED | FALSE |
| CVE-2023-5832 | 9.1  | CRITICAL | 0.00043 |                  | ❌       | security@huntr.dev     | UNCONFIRMED | FALSE |
| CVE-2023-5824 | 9.6  | CRITICAL | 0.00045 |                  | ❌       | secalert@redhat.com    | UNCONFIRMED | FALSE |
| CVE-2023-5820 | 9.6  | CRITICAL | 0.00047 |                  | ❌       | security@wordfence.com | UNCONFIRMED | FALSE |
| CVE-2023-5807 | 9.8  | CRITICAL | 0.00076 | education_portal | ❌       | cve@usom.gov.tr        | CONFIRMED   | FALSE |

To list cves with matching threshold like, CVSS score or EPSS Score / Percentile, below options can be used:

$ cvemap -silent -cs '> 7' -es '> 0.00053' -l 5

| ID            | CVSS | SEVERITY | EPSS    | PRODUCT                               | TEMPLATE |
|---------------|------|----------|---------|---------------------------------------|----------|
| CVE-2023-5860 | 7.2  | HIGH     | 0.00132 |                                       | ❌       |
| CVE-2023-5843 | 9    | CRITICAL | 0.00053 |                                       | ❌       |
| CVE-2023-5807 | 9.8  | CRITICAL | 0.00076 | education_portal                      | ❌       |
| CVE-2023-5804 | 9.8  | CRITICAL | 0.00063 | nipah_virus_testing_management_system | ❌       |
| CVE-2023-5802 | 8.8  | HIGH     | 0.00058 | wp_knowledgebase                      | ❌       |

To filter cves to match with specifc conditions like, cves has public poc or template and in the list of kev, belows options can beused:

$ cvemap -silent -template=false -poc=true -kev=true -l 5 -f poc,kev

| ID             | CVSS | SEVERITY | EPSS    | PRODUCT | TEMPLATE | POC  | KEV  |
|----------------|------|----------|---------|---------|----------|------|------|
| CVE-2023-5631  | 5.4  | MEDIUM   | 0.00986 | webmail | ❌       | TRUE | TRUE |
| CVE-2023-5217  | 8.8  | HIGH     | 0.26047 | libvpx  | ❌       | TRUE | TRUE |
| CVE-2023-4863  | 8.8  | HIGH     | 0.4101  | chrome  | ❌       | TRUE | TRUE |
| CVE-2023-44487 | 7.5  | HIGH     | 0.52748 | http    | ❌       | TRUE | TRUE |
| CVE-2023-41993 | 9.8  | CRITICAL | 0.00617 | safari  | ❌       | TRUE | TRUE |

Return CVE IDs only

To return only CVE IDs, -lsi or -list-id flag can be used along with existing filter or search of cvemap.

cvemap -kev -limit 10 -list-id

CVE-2024-21887
CVE-2024-0519
CVE-2023-7101
CVE-2023-7024
CVE-2023-6549
CVE-2023-6548
CVE-2023-6448
CVE-2023-6345
CVE-2023-5631
CVE-2023-5217

JSON Output

$ echo CVE-2024-21887 | cvemap -json

[
  {
    "cve_id": "CVE-2024-21887",
    "cve_description": "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x)  allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.",
    "severity": "critical",
    "cvss_score": 9.1,
    "cvss_metrics": {
      "cvss30": {
        "score": 9.1,
        "vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
        "severity": "critical"
      },
      "cvss31": {
        "score": 9.1,
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
        "severity": "critical"
      }
    },
    "weaknesses": [
      {
        "cwe_id": "CWE-77",
        "cwe_name": "Improper Neutralization of Special Elements used in a Command ('Command Injection')"
      }
    ],
    "epss": {
      "epss_score": 0.95688,
      "epss_percentile": 0.99289
    },
    "cpe": {
      "cpe": "cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:*",
      "vendor": "ivanti",
      "product": "connect_secure"
    },
    "reference": [
      "http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html"
    ],
    "poc": [
      {
        "url": "https://github.com/tucommenceapousser/CVE-2024-21887",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-20T19:15:23Z"
      },
      {
        "url": "https://github.com/mickdec/CVE-2023-46805_CVE-2024-21887_scan_grouped",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-19T08:11:31Z"
      },
      {
        "url": "https://github.com/seajaysec/Ivanti-Connect-Around-Scan",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-19T02:12:11Z"
      },
      {
        "url": "https://github.com/raminkarimkhani1996/CVE-2023-46805_CVE-2024-21887",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-18T13:25:46Z"
      },
      {
        "url": "https://github.com/TheRedDevil1/Check-Vulns-Script",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-17T10:29:02Z"
      },
      {
        "url": "https://github.com/Chocapikk/CVE-2024-21887",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-16T20:59:38Z"
      },
      {
        "url": "https://github.com/duy-31/CVE-2023-46805_CVE-2024-21887",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-16T19:40:59Z"
      },
      {
        "url": "https://github.com/rxwx/pulse-meter",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-16T19:19:52Z"
      },
      {
        "url": "https://github.com/oways/ivanti-CVE-2024-21887",
        "source": "gh-nomi-sec",
        "added_at": "2024-01-14T09:25:56Z"
      }
    ],
    "vendor_advisory": "https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US",
    "is_template": true,
    "nuclei_templates": {
      "template_path": "http/cves/2024/CVE-2024-21887.yaml",
      "template_url": "https://cloud.projectdiscovery.io/public/CVE-2024-21887",
      "created_at": "2024-01-17T02:23:45+05:30",
      "updated_at": "2024-01-16T21:14:22Z"
    },
    "is_exploited": true,
    "kev": {
      "added_date": "2024-01-10",
      "due_date": "2024-01-22"
    },
    "assignee": "support@hackerone.com",
    "published_at": "2024-01-12T17:15:10.017",
    "updated_at": "2024-01-22T17:15:09.523",
    "hackerone": {
      "rank": 6345,
      "count": 0
    },
    "age_in_days": 10,
    "vuln_status": "modified",
    "is_poc": true,
    "is_remote": false,
    "is_oss": false,
    "vulnerable_cpe": [
      "cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r10:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r11:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r11.3:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r11.4:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r11.5:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r12:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r12.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r13:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r13.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r14:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r15:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r15.2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r16:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r16.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r17:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r17.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r18:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r3:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r4:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r4.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r4.2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r4.3:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r5:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r6:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r7:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r8:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r8.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r8.2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r9:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:9.1:r9.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.1:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.1:r6:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.2:-:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.2:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.3:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.4:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.4:r2.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.5:r2.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.6:-:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.6:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:connect_secure:22.6:r2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r10:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r11:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r12:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r13:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r13.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r14:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r15:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r16:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r17:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r18:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r3:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r3.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r4:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r4.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r6:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r7:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r8:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r8.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r8.2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:9.1:r9:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.1:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.1:r6:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.2:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.2:r3:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.3:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.3:r3:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.4:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.4:r2:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.4:r2.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.5:r1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.5:r2.1:*:*:*:*:*:*",
      "cpe:2.3:a:ivanti:policy_secure:22.6:r1:*:*:*:*:*:*"
    ]
  }
]

Advanced Filters

You can combine filters with a -q query to match multiple filters. For example:

cvemap -q '"remote code execution" 2023 is_remote:true is_poc:true sort_asc:age_in_days'

| ID            | CVSS | SEVERITY | EPSS    | PRODUCT | TEMPLATE | POC  | KEV  |
|---------------|------|----------|---------|---------|----------|------|------|
| CVE-2023-5631 | 5.4  | MEDIUM   | 0.00986 | webmail | ❌       | TRUE | TRUE |
| CVE-2023-5217 | 8.8  | HIGH     | 0.26047 | libvpx  | ❌       | TRUE | TRUE |
| CVE-2023-4863 | 8.8  | HIGH     | 0.4101  | chrome  | ❌       | TRUE | TRUE |
| CVE-2023-44487| 7.5  | HIGH     | 0.52748 | http    | ❌       | TRUE | TRUE |
| CVE-2023-41993| 9.8  | CRITICAL | 0.00617 | safari  | ❌       | TRUE | TRUE |

You can see the documentation for all available filters below:

Metadata

age_in_days

number

Age of the CVE

assignee

string

The assignee for this CVE.

Typically this is an email address such as security@apache.org or cve@mitre.org

cve_description

string

The description of the CVE from the NVD

cve_id

string

The CVE ID for a specific CVE such as CVE-2019-7070

cvss_score

number

The CVSS v3.0 score for this CloseEvent. Example: 8.8

is_exploited

boolean

Is the CVE marked as a Known Exploited Vulnerability (KEV)

is_oss

boolean

Is this CVE in open source software with OSS data available?

is_poc

boolean

Is there a Proof of Concept (POC) available for this CVE?

.is_remote

boolean

Is this CVE remotely exploitable?

is_template

boolean

Is there a Nuclei Template available for this CVE?

patch_url

string

The URL for the patch for this CVE.

Example: https://helpx.adobe.com/security/products/acrobat/apsb19-07.html

published_at

datetime

The published date and time for this CVE. Example: 2019-05-24T19:29:02.080

reference

string

The URL reference for this CVE.

Example: https://www.zerodayinitiative.com/advisories/ZDI-19-210/

severity

string

The CVSS 3.0 severity for this CVE. Example: severity

updated_at

datetime

The last date and time that this CVE was updated. Example: 2019-08-21T16:20:31.353

vendor_advisory

string

The URL for the vendor advisory for this CVE.

Example: vendor_advisory

vuln_status

string

The vulnerability status this CVE. Example: confirmed

vulnerable_cpe

string

The CPE string for this CVE. Example: cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*

CPE Data

Common Platform Enumeration (CPE) Data

cpe

Common Platform Enumeration Object

Show properties

cpe

string

The full Common Platform Enumeration String. Example:

cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*

framework

string

Common Platform Enumeration framework. Example: wordpress

product

string

Common Platform Enumeration product. Example: acrobat_dc

vendor

string

Common Platform Enumeration vendor. Example: adobe

CVSS Data

Common Vulnerability Scoring System (CVSS) Data

cvss_metrics

CVSS Object

Show properties

cvss2

CVSS v2 Object

Show properties

score

number

CVSS v2 Score. Example: 9.3

severity

string

CVSS v2 severity. Example: critical

vector

string

CVSS v2 vector. Example: CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C

cvss30

CVSS v2 Object

Show properties

score

number

CVSS v3.0 Score. Example: 8.8

severity

string

CVSS v3.0 severity. Example: high

vector

string

CVSS v3.0 vector. Example: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

cvss31

CVSS v2 Object

Show properties

score

number

CVSS v3.1 Score. Example: 7

severity

string

CVSS v3.1 severity. Example: high

vector

string

CVSS v3.1 vector. Example: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Data

Use After FreeExploit Prediction Scoring System (EPSS) Data

epss

EPSS Object

Show properties

epss_percentile

number

The EPSS percentile. Example: 0.80053

epss_score

number

The EPSS score. Example: 0.00826

HackerOne Data

hackerone

hackerone Object

Show properties

count

number

Number of hackerone reports for this CVE. Example: 0

rank

number

The hackerone rank for this CVE. Example: 6279

KVE Data

Known Exploited Vulnerability (KEV) Data

kev

KVE Object

Show properties

added_date

date

Date added to the KEV. Example 2022-04-15

due_date

date

The KEV due Date. Example 2022-05-06

Nuclei Template Data

nuclei_templates

Nuclei Template Object

Show properties

created_at

datetime

Date and time that the Nuclei Template was created. Example 2020-04-05T23:31:09+05:30

template_issue

string

The GitHub issue for this template. Example https://github.com/projectdiscovery/nuclei-templates/issues/7549

template_issue_type

string

The GitHub issue type this template - has it been mentioned or is there a template created? Example mention or template

template_path

string

The full path for this template. Example http/cves/2019/CVE-2019-12314.yaml

template_pr

string

The GitHub pull request for this template. Example https://github.com/projectdiscovery/nuclei-templates/pull/3200

template_url

string

The public ProjectDiscovery Cloud Platform URL for this template. Example https://cloud.projectdiscovery.io/public/CVE-2019-12314

updated_at

datetime

Date and time that the Nuclei Template was last updated. Example 2023-12-29T09:30:44Z

Open Source Software (OSS) Data

oss

OSS Object

Show properties

created_at

datetime

Date and time that the OSS repository was created. Example 2009-05-21 01:33:45 +0000 UTC

description

string

Description for this software. Example Mirror of Apache ActiveMQ

forks

number

The number of forks for this project. Example 1407

language

string

The primary programming language of this software. Example Java

pushed_at

datetime

Date and time of the most recent push to this repository. Example 2023-12-12 17:51:19 +0000 UTC

stars

number

The number of stars for this project. Example 2221

subscribers

number

The number of subscribers for this repository. Example 200

topics

array

The topics for this project. Example php

updated_at

datetime

Date and time that the project was last updated. Example 2023-12-29 09:29:55 +0000 UTC

url

string

The public repository URL. Example "https://github.com/apache/activemq

Proof of Concept (POC) Data

poc

POC Object

Show properties

added_at

datetime

Date and time that the POC was added. Example 2019-04-02T12:50:46Z

source

string

The source of the POC. Example trickest

url

string

The URL of the POC. Example https://medium.com/@alt3kx/a-reflected-xss-in-print-archive-system-v2015-release-2-6-cve-2019-10685-b60763b7768b

Shodan Data

shodan

Shodan Object

Show properties

count

number

Number of Shodan results relative to this CVE. Example cpe:\"cpe:2.3:a:adobe:coldfusion\"

query

string

The Shodan query for this CVE. Example trickest

CWE Data

Common Weakness Enumeration (CWE) Data

weaknesses

CWE Object

Show properties

cwe_id

string

The CWE ID for this CVE. Example CWE-416

cwe_name

string

The CWE name for this CVE. Example Use After Free

On this page

Prerequisites for cvemap
Basic Examples
List top known exploited vulnerabilities
List top CVEs on HackerOne
List all CVEs for Confluence
Return CVE IDs only
JSON Output
Advanced Filters
Metadata
CPE Data
CVSS Data
EPSS Data
HackerOne Data
KVE Data
Nuclei Template Data
Open Source Software (OSS) Data
Proof of Concept (POC) Data
Shodan Data
CWE Data

​Prerequisites for cvemap

​Basic Examples

​List top known exploited vulnerabilities

​List top CVEs on HackerOne

​List all CVEs for Confluence

​Return CVE IDs only

​JSON Output

​Advanced Filters

​Metadata

​CPE Data

​CVSS Data

​EPSS Data

​HackerOne Data

​KVE Data

​Nuclei Template Data

​Open Source Software (OSS) Data

​Proof of Concept (POC) Data

​Shodan Data

​CWE Data

API Reference

​Prerequisites for cvemap

​Basic Examples

​List top known exploited vulnerabilities

​List top CVEs on HackerOne

​List all CVEs for Confluence

​Return CVE IDs only

​JSON Output

​Advanced Filters

​Metadata

​CPE Data

​CVSS Data

​EPSS Data

​HackerOne Data

​KVE Data

​Nuclei Template Data

​Open Source Software (OSS) Data

​Proof of Concept (POC) Data

​Shodan Data

​CWE Data

Prerequisites for cvemap

Basic Examples

List top known exploited vulnerabilities

List top CVEs on HackerOne

List all CVEs for Confluence

Return CVE IDs only

JSON Output

Advanced Filters

Metadata

CPE Data

CVSS Data

EPSS Data

HackerOne Data

KVE Data

Nuclei Template Data

Open Source Software (OSS) Data

Proof of Concept (POC) Data

Shodan Data

CWE Data

Prerequisites for cvemap

Basic Examples

List top known exploited vulnerabilities

List top CVEs on HackerOne

List all CVEs for Confluence

Return CVE IDs only

JSON Output

Advanced Filters

Metadata

CPE Data

CVSS Data

EPSS Data

HackerOne Data

KVE Data

Nuclei Template Data

Open Source Software (OSS) Data

Proof of Concept (POC) Data

Shodan Data

CWE Data