cvemap usage - ProjectDiscovery Documentation

Access help

Use cvemap - h to display all help options.

cvemap help options

Flags:
CONFIG:
   -auth  configure projectdiscovery cloud (pdcp) api key

OPTIONS:
   -id string[]                    cve to list for given id
   -v, -vendor string[]            cve to list for given vendor
   -p, -product string[]           cve to list for given product
   -eproduct string[]              cves to exclude based on products
   -s, -severity string[]          cve to list for given severity
   -cs, -cvss-score string[]       cve to list for given cvss score
   -c, -cpe string                 cve to list for given cpe
   -es, -epss-score string         cve to list for given epss score
   -ep, -epss-percentile string[]  cve to list for given epss percentile
   -age string                     cve to list published by given age in days
   -a, -assignee string[]          cve to list for given publisher assignee
   -vs, -vstatus value             cve to list for given vulnerability status in cli output. supported: modified, rejected, unknown, new, confirmed, unconfirmed

UPDATE:
   -up, -update                 update cvemap to latest version
   -duc, -disable-update-check  disable automatic cvemap update check

FILTER:
   -q, -search string  search in cve data
   -k, -kev            display cves marked as exploitable vulnerabilities by cisa (default true)
   -t, -template       display cves that has public nuclei templates (default true)
   -poc                display cves that has public published poc (default true)
   -h1, -hackerone     display cves reported on hackerone (default true)
   -re, -remote        display remotely exploitable cves (AV:N & PR:N | PR:L) (default true)

OUTPUT:
   -f, -field value         fields to display in cli output. supported: age, kev, template, poc, cwe, vendor, vstatus, epss, product, assignee
   -fe, -exclude value      fields to exclude from cli output. supported: age, kev, template, poc, cwe, vendor, vstatus, epss, product, assignee
   -lsi, -list-id           list only the cve ids in the output
   -l, -limit int           limit the number of results to display (default 50)
   -offset int              offset the results to display
   -j, -json                return output in json format
   -epk, -enable-page-keys  enable page keys to navigate results

DEBUG:
   -version  Version
   -silent   Silent
   -verbose  Verbose

Notes on usage

CVE datasets gets updated in every 6 hours.

References

National Vulnerability Database (NVD): Comprehensive CVE vulnerability data.
Known Exploited Vulnerabilities Catalog (KEV): Exploited vulnerabilities catalog.
Exploit Prediction Scoring System (EPSS): Exploit prediction scores.
HackerOne: CVE discoveries disclosure.
Nuclei Templates: Vulnerability validation templates.
Live-Hack-CVE / PoC-in-GitHub GitHub Repository: Vulnerability PoCs references.

Tools

​Access help

​cvemap help options

​Notes on usage

​References

Access help

cvemap help options

Notes on usage

References