Commits

VulDB is an open database which allows the edits from users all over the world. The edit of a single field is called a commit and introduces a wide variety of additional possibilities.

Moderation

All edits are reviewed by selected moderators which allows us to guarantee the desired level of data quality and accuracy. A new commit might be processed like this:

  • correct and can be validated ⇒ accepted and will be published to the official entry
  • partially incorrect (e.g. wording, wrong data field selected) ⇒ corrected by a moderator
  • could not be verified entierly ⇒ published with a low confidence score and/or addition comment
  • is wrong (e.g. could not be verified, wrong data) ⇒ rejected with a comment
  • is spam or profanity ⇒ values of offensive commits are set to invisible

Confidence Levels

Commits and approvals have a confidence level ranging from 0-100. This makes it possible for VulDB user to decide which level of confidence they want to accept for further processing. The common commit level ranges are:

  • 0: not approved ⇒ hidden
  • 1-49: automated approval untrusted source
  • 50-69: automated approval trusted source
  • 70-89: manual approval
  • 90-100: manual validation

Time Variance

VulDB is the only vulnerability database providing time variance. All commits are stored in the database and can be reviewed. Data is never overwritten nor destroyed. This makes it possible to show commit histories and diffs of different versions of an entry. Vulnerability historians, investigating administrators, and penetrations testers may use this feature to understand the lifecycle of a vulnerability. It is possible to change the view during display of a vulnerability entry.

Hidden Commits

Some commits might be hidden for various reasons. For example if they affect a customer-specific field which is not intended to be public. Or if a commit was malicious, contains attack patterns, profanity, or personal data. Such commits are either hidden entirely or flagged as hidden. These commits remain accessible by a limited user group.

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!

PreviousOverviewNext