Exploited CVEs visible in GUI and PDF reports
12 August 2024
You're already familiar with the CVEs in the GUI and PDF reports. They are blue boxes with rounded corners that have a color on the left side signalling the CVSS severity: red (critical), orange (high), yellow (medium) and green (low).
As of now, a red bar on the right side signals that the CVE is exploited. Clicking the CVE opens a page that shows where that information comes from. It can be because the US CISA says so on their Known Exploited Vulnerability list, or because a Proof-of-Concept is publicly available. In that last case, the link to the PoC is shown too.
There's also a new report available (query: $exploited_vulnerabilities_report) that only shows you the exploitable CVEs you have for your assets. Who knows, they might already have been exploited. Patch them as soon as possible!
Beta in API: Exploited CVE tracking
29 July 2024
If you keep track of vulnerabilities, you'll want to know if they are actively exploited or not. We now track exploit and abuse from several sources. Although some sources keep exploit availability and abuse separate, in ShadowTrackr there is only one: either the CVE is exploited (value: 1) or it is not (value: 0).
Tracking actual abuse is quite tricky, since you never have a complete view. It's safe to assume that if an exploit is available, there is abuse.
As of this week, there is an "exploited" field present in all CVE data in the API. If all goes well, the exploited data will soon be available in the GUI and reports too.
New CVEs found alert for assets
21 July 2024
After some elaborate restructuring of data and indexes it is finally here: CVE alerts.
There is a new index called cves_assets which keeps track of CVEs found per asset.
As you know, an asset is either a host (IP address) or URL (website or certificate). Any software found on an asset that has a version number is checked for CVEs and the results are stored in the cves_assets index. You can use the following query to create alerts for High and Critical CVEs:
index=cves_assets cvss_score>=7 first_seen>-24h
Of course, there's also a template alert for this available in the alerts library.
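The same filter can be applied client-side to exported cves_assets records and combined with the "exploited" field from the API entry above, so that exploited CVEs sort to the top. This is an added example, not ShadowTrackr code: the field names cvss_score, first_seen and exploited come from this page, while the "asset" and "cve" keys, the ISO 8601 timestamp format and the sample records are assumptions.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample data. Keys "asset" and "cve" and the timestamp format are
# assumptions; cvss_score, first_seen and exploited are the fields named on this page.
NOW = datetime(2024, 8, 12, 12, 0, tzinfo=timezone.utc)
RECORDS = [
    {"asset": "192.0.2.10", "cve": "CVE-0000-0001", "cvss_score": 9.8, "exploited": 0, "first_seen": "2024-08-12T03:00:00+00:00"},
    {"asset": "https://example.com", "cve": "CVE-0000-0002", "cvss_score": 7.5, "exploited": 1, "first_seen": "2024-08-11T20:00:00+00:00"},
    {"asset": "192.0.2.11", "cve": "CVE-0000-0003", "cvss_score": 8.1, "exploited": 1, "first_seen": "2024-08-01T09:00:00+00:00"},
    {"asset": "192.0.2.12", "cve": "CVE-0000-0004", "cvss_score": 5.3, "exploited": 1, "first_seen": "2024-08-12T08:00:00+00:00"},
    {"asset": "192.0.2.13", "cve": "CVE-0000-0005", "cvss_score": None, "exploited": 0, "first_seen": "2024-08-12T08:00:00+00:00"},
]


def severity(score):
    """Map a CVSS v3 base score to its qualitative severity band."""
    if score >= 9.0:
        return "critical"
    if score >= 7.0:
        return "high"
    if score >= 4.0:
        return "medium"
    return "low" if score > 0 else "none"


def new_high_risk(records, now, window=timedelta(hours=24), min_score=7.0):
    """Mirror 'cvss_score>=7 first_seen>-24h', then put exploited CVEs first.

    Returns (alerts, malformed). Malformed records are returned instead of
    dropped, so a parsing problem cannot silently hide a finding.
    """
    cutoff = now - window
    alerts, malformed = [], []
    for rec in records:
        try:
            score = float(rec["cvss_score"])
            recent = datetime.fromisoformat(rec["first_seen"]) > cutoff
        except (KeyError, TypeError, ValueError):
            malformed.append(rec)
            continue
        if score >= min_score and recent:
            alerts.append({**rec, "cvss_score": score, "severity": severity(score)})
    # exploited (1) before not exploited (0), then highest score first
    alerts.sort(key=lambda r: (-int(r.get("exploited", 0)), -r["cvss_score"]))
    return alerts, malformed


if __name__ == "__main__":
    for a in new_high_risk(RECORDS, NOW)[0]:
        print(a["asset"], a["cve"], a["severity"], "exploited" if a["exploited"] else "")
```

With the constructed data, the exploited High finding is listed before the unexploited Critical one, which matches the patching order the exploited flag is meant to drive.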