Find the insights and best practices about Recon.
Search & CVE Database
How to use global search & the CVE Database page effectively to search and filter vulnerabilities

This guide will walk you through how to effectively use global search & the CVE Database page to search and filter vulnerabilities. The CVE Database page allows you to search the Recon database with specific keywords and/or specific criteria.

 

 

Global Search

Direct CVE search

Enter a CVE ID to go direct to that CVE’s details page (e.g. search term 'CVE-2024-21412'):

 

 

Partial or text-based search

Do a partial search to return a table of results related to your query (e.g. search term '21412'):

 

 

 

Do a text-based search (e.g. description or vendor) to return a table of results related to your query (e.g. search term ‘adobe’, or 'remote code'):

 

 

CVE Database Search

Operates the same as Global Search functionality, but can be used in conjunction with advanced search filters / criteria (e.g. search term ‘adobe’ + tag ‘Metasploit = active’):

 

 

Advanced Search

Search our CVE Database for specific criteria. Tags can be stacked to help identify specific CVE groups. For instance, you can search for all CVEs that are on CISA KEV and were released during Microsoft Patch Tuesday:

 

 

Search criteria details:

  • Risk Rating Level
    A multiple choice search field that relates to the Cytidel Risk Rating that is applied to every CVE. This field returns CVEs matching any selected category. Options include Low, Moderate, Elevated, High and Significant.
  • CVSS Score
    A multiple choice search field relating to the Common Vulnerability Scoring System. This field returns all CVEs matching a selected range of CVSS scores defined between 0 and 10.
  • EPSS Score
    A multiple choice search field relating to the Exploit Prediction Scoring System. This field returns all CVEs matching a selected range of EPSS scores defined between 0 and 100%.
  • Metasploit Module
    Return all CVEs that have a tagged metasploit module.
  • Nuclei Template
    Return all CVEs that have a tagged nuclei template.
  • Exploit or POCs
    Return all CVEs that have a tagged exploit or POC.
  • Trending
    A single choice search field that returns all CVEs excluding trending, or that have trended either in the past 24 hours, 48 hours, 7 days or 30 days.
  • CISA KEV
    Return all CVEs that have been added to CISA’s Known Exploited Vulnerability list.
  • Not in NVD
    Return all CVEs that are not yet published to NVD but have been picked up by Cytidel due to a recent new advisory, trending news or social content, or a potential public exploit being tagged.
  • Potential Proof-of-Concept
    Return all CVEs that have been tagged as having a newly discovered POC or exploit.
  • Known Threat Actor
    Return all CVEs that have been tagged with an associated threat actor.
  • Patch Tuesday
    Return all CVEs that have been tagged as part of a Microsoft Patch Tuesday release.
  • Potential Public Exploit
    Return all CVEs that have been tagged as a potential zero day or that have a potential exploitation in the wild.
  • Cytidel Spotlight
    Return all CVEs that have been added to the Cytidel Spotlight.
Did this answer your question?