Dark Mode
Intended users include security researchers
Data Science and Analytics
Tags and Keywords
Trusted By
"No reviews yet"
Free
About
Tracks cases of zero-day exploits detected actively "in the wild," meaning the vulnerability was used in real attacks against users before it was known publicly or by the vendor at the time of detection. The information is collected from a range of public sources. This resource is essential for understanding critical security flaws being actively exploited by attackers and monitoring the industry response to these threats. Expected updates occur on a quarterly basis.
Columns
The data includes 11 key fields detailing each zero-day incident:
- CVE: The Common Vulnerabilities and Exposures identifier associated with the flaw.
- Vendor: The name of the provider responsible for the vulnerable product. Major vendors observed include Microsoft and Apple.
- Product: The vulnerable product name, such as Windows or Chrome.
- Type: The general categorisation of the vulnerability, most commonly Memory Corruption or Logic/Design Flaw.
- Description: A textual explanation of the zero-day vulnerability.
- Date Discovered: The date the zero-day exploit was detected.
- Date Patched: The date remediation or a patch became available.
- Advisory: Details regarding the vendor advisory, if available.
- Analysis URL: Links to associated documentation and third-party analysis.
- Root Cause Analysis: Write-ups provided by Google Project Zero detailing the technical root cause.
- Reported By: The contact or group credited with reporting the vulnerability.
Distribution
The data file, titled 0day In the Wild - All.csv, is approximately 90.75 kB in size and contains 11 columns. There are 312 unique records tracked by CVE identifiers. The data is suitable for use in CSV file formats.
Usage
This data is ideal for cyber security teams looking to enhance threat intelligence models. It can be used to analyse trends in exploitation techniques, assess vendor responsiveness in patching critical flaws, and conduct research into historical zero-day attack patterns. It is also valuable for calculating time-to-patch metrics.
Coverage
The tracked activity spans a significant period, with discovery dates ranging from January 2015 to January 2024. Patch availability dates cover an even wider scope, from August 2014 to March 2024. The data covers products from 26 unique vendors, with Microsoft and Apple accounting for the majority of entries.
License
CC BY-NC-SA 4.0
Who Can Use It
Intended users include security researchers, threat intelligence analysts, academic researchers focusing on vulnerability economics, software vendors assessing competitive response times, and cyber security professionals requiring insight into real-world exploitation.
Dataset Name Suggestions
- Zero-Day Exploits In The Wild Tracker
- Google Project Zero Vulnerability Data
- Real-World 0day Attack Log
- Active Zero-Day Threat Index
Attributes
Original Data Source: Intended users include security researchers
QUALITYLoading...