VARIoT IoT vulnerabilities and exploits databases API

Access the API

Access to the API is limited for not registerd users to 100 requests per day.

You can access the API without restrictions after registering with your email here.


API Key

To access the API without restrictions you must pass your token in the "Authorization" field of the requests's header:

curl -X GET 'https://www.variotdbs.pl/api/vulns/' -H 'Authorization: Token yourAuthorizationTokenGoesHere'


API endpoints

API has four endpoints:

  1. /api/vuln/<id>/?jsonld=false
  2. /api/vulns/?jsonld=false&since=1970-01-01&before=2099-01-01
  3. /api/exploit/<id>/?jsonld=false
  4. /api/exploits/?jsonld=false&since=1970-01-01&before=2099-01-01

vuln endpoint

vuln endpoint is used to retrive details of the single vulnerability. Query param can be omitted to get data in the JSON format.

/api/vuln/<id>/?jsonld=false

<id>
ID of the vulnerability to download. ID can be CVE or VARIoT identifier. Format of the VARIoT identifier is:

VAR-YEARMONTH-ENUMERATOR

e.g VAR-202103-0001
jsonld
Switch to choose data output format. Default is

jsonld=false

jsonld=true

result will be returned in JSON-LD format

jsonld=false

result will be returned in JSON format

vulns endpoint

vulns endpoint is used to retrive details of many vulnerabilities matching criteria in the query. Query params can be omitted to obtain all the vulnerabilities in the JSON format.

/api/vulns/?jsonld=false&since=1970-01-01&before=2099-12-31

jsonld
Switch to choose data output format. Default is

jsonld=false

jsonld=true

result will be returned in JSON-LD format

jsonld=false

result will be returned in JSON format
since
Retrive vulnerabilities updated since the specified date (YEAR-MONTH-DAYT24H:MINUTES:SECONDS+TIMEZONE). For example:

since=1970-01-01T23:59:00+01:00

before
Retrive vulnerabilities updated before the specified date. For example:

before=2099-12-31T23:59:00+01:00


exploit endpoint

exploit endpoint is used to retrive details of the single exploit. Query param can be omitted to get data in the JSON format.

/api/exploit/<id>/?jsonld=false

<id>
ID of the exploit to download. ID can be CVE, EXPLOIT-DB or VARIoT identifier. Format of the VARIoT identifier is:

VAR-E-YEARMONTH-ENUMERATOR

e.g VAR-E-202103-0001
jsonld
Switch to choose data output format. Default is

jsonld=false

jsonld=true

result will be returned in JSON-LD format

jsonld=false

result will be returned in JSON format

exploits endpoint

exploits endpoint is used to retrive details of many exploits matching criteria in the query. Query params can be omitted to obtain all the exploits in the JSON format.

/api/exploits/?jsonld=false&since=1970-01-01&before=2099-12-31

jsonld
Switch to choose data output format. Default is

jsonld=false

jsonld=true

result will be returned in JSON-LD format

jsonld=false

result will be returned in JSON format
since
Retrive exploits updated since the specified date (YEAR-MONTH-DAYT24H:MINUTES:SECONDS+TIMEZONE). For example:

since=1970-01-01T23:59:00+01:00

before
Retrive exploits updated before the specified date. For example:

before=2099-12-31T23:59:00+01:00


Example of the output

{
 "count":17000,
 "next":"https://www.variotdbs.pl/api/vulns/?jsonld=false&limit=100&offset=100",
 "previous":null,
 "results":[{…}]
}

where:
count
Number of entries matching the query criteria
next
URL to retrive next portion of data
previous
URL to retrive previous portion of data
results
List of JSON documents with data