shadow_server_feeds: - code: shadowserver-accessible-mysql-server name: Shadowserver Accessible MySQL Server search_subject_like: Shadowserver % Accessible MySQL Server Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-mysql-server __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-openmemcached name: Shadowserver Open Memcached search_subject_like: Shadowserver % Open Memcached Server Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#open-memcached __taxonomy: ["vulnerable", "ddos-amplifier"] - code: shadowserver-openmssql name: Shadowserver Open MSSQL search_subject_like: Shadowserver % Open MS-SQL Server Resolution Service Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#open-mssql __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-opentftp name: Shadowserver Open TFTP search_subject_like: Shadowserver % Open TFTP Servers Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#open-tftp __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-accessible-rdp name: Shadowserver Accessible RDP search_subject_like: Shadowserver % Accessible RDP Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-rdp __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-accessible-docker-service name: Shadowserver Accessible Docker Service search_subject_like: Shadowserver % Accessible Docker Service Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-docker-service monitoring-ignore-no-data: Rarerly contains any data __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-accessible-erlang-port-mapper-daemon-report name: Shadowserver Accessible Erlang Port Mapper Daemon Report search_subject_like: Shadowserver % Accessible Erlang Port Mapper Daemon Report __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-erlang-port-mapper-daemon - code: shadowserver-open-port-mapper name: Shadowserver Austria Open Portmapper Scan search_subject_like: Shadowserver % Open Portmapper Scan Report __taxonomy: ["vulnerable", "ddos-amplifier"] documentation: https://cert.at/de/services/daten-feeds/vulnerable/#open-portmapper - code: shadowserver-accessible-kubernetes-api name: Shadowserver Accessible Kubernetes API search_subject_like: Shadowserver % Accessible Kubernetes API Server Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-kubernetes-api __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-accessible-smb-service name: Shadowserver Accessible SMB Service search_subject_like: Shadowserver % Accessible SMB Service Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-smb __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-ntp-monitor name: Shadowserver NTP Monitor search_subject_like: Shadowserver % NTP Monitor Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#ntp-monitor __taxonomy: ["vulnerable", "ddos-amplifier"] - code: shadowserver-ntp-version name: Shadowserver NTP Version search_subject_like: Shadowserver % NTP Version Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#ntp-version __taxonomy: ["vulnerable", "ddos-amplifier"] - code: shadowserver-open-chargen name: Shadowserver Open Chargen search_subject_like: Shadowserver % Open Chargen Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#open-chargen __taxonomy: ["vulnerable", "ddos-amplifier"] - code: shadowserver-open-ipmi name: Shadowserver Open IPMI search_subject_like: Shadowserver % Open IPMI Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#open-ipmi __taxonomy: ["vulnerable", "vulnerable-system"] - code: shadowserver-open-mdns name: Shadowserver Open mDNS search_subject_like: Shadowserver % Open mDNS Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#open-mdns __taxonomy: ["vulnerable", "information-disclosure"] - code: shadowserver-open-mongodb-service name: Shadowserver Open MongoDB Service search_subject_like: Shadowserver % Open MongoDB Service Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#open-mongodb __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-open-netbios name: Shadowserver Open Netbios search_subject_like: Shadowserver % Open Netbios Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#open-netbios __taxonomy: ["vulnerable", "vulnerable-system"] - code: shadowserver-open-qotd name: Shadowserver Open QOTD search_subject_like: Shadowserver % Open QOTD Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#open-qotd __taxonomy: ["vulnerable", "ddos-amplifier"] - code: shadowserver-open-snmp name: Shadowserver Open SNMP search_subject_like: Shadowserver % Open SNMP Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#open-snmp __taxonomy: ["vulnerable", "vulnerable-system"] - code: shadowserver-open-ssdp name: Shadowserver Open SSDP search_subject_like: Shadowserver % Open SSDP Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#open-ssdp __taxonomy: ["vulnerable", "ddos-amplifier"] - code: shadowserver-vulnerable-http name: Shadowserver Vulnerable HTTP search_subject_like: Shadowserver % Vulnerable HTTP Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#vulnerable-http __taxonomy: ["vulnerable", "vulnerable-system"] - code: shadowserver-vulnerable-isakmp name: Shadowserver Vulnerable ISAKMP search_subject_like: Shadowserver % Vulnerable ISAKMP Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#vulnerable-isakmp monitoring-ignore-no-data: Rarerly contains any data - code: shadowserver-ssl-freak name: Shadowserver SSL/FREAK search_subject_like: Shadowserver % SSL/Freak Vulnerable Servers Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#ssl-freak - code: shadowserver-vulnerable-exchange-server name: Shadowserver Vulnerable Exchange Server search_subject_like: Shadowserver % Vulnerable Exchange Server Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#vulnerable-exchange-server __taxonomy: ["vulnerable", "vulnerable-system"] - code: shadowserver-accessible-postgresql name: Shadowserver Accessible PostgreSQL Server search_subject_like: Shadowserver % Accessible PostgreSQL Server Report __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-postgresql-server - code: shadowserver-accessible-vnc name: Shadowserver Accessible VNC search_subject_like: Shadowserver % Accessible VNC Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-vnc __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] monitoring-ignore-no-data: We have never got any data - code: shadowserver-accessible-afp name: ShadowServer Accessible Apple Filing Protocol search_subject_like: ShadowServer % Accessible Apple Filing Protocol documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-afp __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-accessible-amqp name: Shadowserver Accessible AMQP search_subject_like: Shadowserver % Accessible AMQP Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-amqp __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-accessible-apple-remote-desktop name: Shadowserver Accessible Apple Remote Desktop search_subject_like: Shadowserver % Accessible Apple Remote Desktop Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-ard __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-accessible-coap name: Shadowserver Accessible CoAP search_subject_like: Shadowserver % Accessible CoAP Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-coap __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-accessible-radmin name: Shadowserver Accessible Radmin search_subject_like: Shadowserver % Accessible Radmin Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-radmin __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-accessible-sip name: Shadowserver Accessible SIP search_subject_like: Shadowserver % Accessible SIP Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-sip __taxonomy: ["vulnerable", "ddos-amplifier"] - code: shadowserver-accessible-slp name: Shadowserver Accessible SLP Service search_subject_like: Shadowserver % Accessible SLP Service Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-slp __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-honeypot-ddos-amplification name: Shadowserver Honeypot DDoS Amplification Events search_subject_like: Shadowserver % Honeypot DDoS Amplification Events Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#honeypot-ddos-ampl __taxonomy: ["availability", "ddos"] - code: shadowserver-vulnerable-smtp name: Shadowserver Vulnerable SMTP search_subject_like: Shadowserver % Vulnerable SMTP Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#vulnerable-smtp __taxonomy: ["vulnerable", "vulnerable-system"] - code: shadowserver-accessible-xdmcp-service name: Shadowserver Accessible XDMCP Service search_subject_like: Shadowserver % Accessible XDMCP Service Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-xdmcp __taxonomy: ["vulnerable", "ddos-amplifier"] - code: shadowserver-accessible-ws-discovery-service name: Shadowserver Accessible WS-Discovery Service search_subject_like: Shadowserver % Accessible WS-Discovery Service Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-ws-discovery __taxonomy: ["vulnerable", "ddos-amplifier"] - code: shadowserver-accessible-stun-service name: Shadowserver Accessible Session Traversal Utilities for NAT Service search_subject_like: Shadowserver % Accessible Session Traversal Utilities for NAT Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-stun __taxonomy: ["vulnerable", "ddos-amplifier"] - code: shadowserver-accessible-rsync-service name: Shadowserver Accessible Rsync Service search_subject_like: Shadowserver % Accessible Rsync Service Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-rsync __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-open-mqtt name: Shadowserver Open MQTT search_subject_like: Shadowserver % Open MQTT Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#open-mqtt __taxonomy: ["vulnerable", "information-disclosure"] - code: shadowserver-accessible-dvr-dhcpdiscover name: Shadowserver Accessible DVR DHCPDiscover search_subject_like: Shadowserver % Accessible DVR DHCPDiscover Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-dvr-dhcp __taxonomy: ["vulnerable", "ddos-amplifier"] - code: shadowserver-accessible-couchdb-server name: Shadowserver Accessible CouchDB Server search_subject_like: Shadowserver % Accessible CouchDB Server Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-couchdb __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-honeypot-brutforce name: Shadowserver Honeypot Brute Force Events search_subject_like: Shadowserver % Honeypot Brute Force Events Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#honeypot-brutforce __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-hadoop name: Shadowserver Accessible Hadoop search_subject_like: Shadowserver % Accessible Hadoop Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-hadoop __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] monitoring-ignore-no-data: "Rarerly any data" - code: shadowserver-ddos-participant name: Shadowserver DDoS Participant search_subject_like: Shadowserver % DDoS Participant Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#ddos-participant __taxonomy: ["availability", "ddos"] monitoring-ignore-no-data: "Rarerly any data" - code: shadowserver-netcore-netis name: Shadowserver Netcore/Netis Router Vulnerability Scan search_subject_like: Shadowserver % Netcore/Netis Router Vulnerability Scan Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#netcore-netis __taxonomy: ["vulnerable", "vulnerable-system"] monitoring-ignore-no-data: "Rarerly any data" - code: shadowserver-synful-scan name: Shadowserver Synful Scan search_subject_like: Shadowserver % Synful Scan Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#synful-scan __taxonomy: ["vulnerable", "vulnerable-system"] monitoring-ignore-no-data: "Rarerly any data" - code: shadowserver-accessible-adb name: Shadowserver Accessible Android Debug Bridge search_subject_like: Shadowserver % Accessible Android Debug Bridge Report documentation: https://cert.at/de/services/daten-feeds/vulnerable#accessible-adb __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: sinkhole-http-events name: Shadowserver Sinkhole HTTP Events search_subject_like: Shadowserver % Sinkhole HTTP Events Report documentation: https://cert.at/de/services/daten-feeds/malicious-code#sinkhole-events __taxonomy: ["malicious-code", "infected-system"] - code: sinkhole-events name: Shadowserver Sinkhole Events Report search_subject_like: Shadowserver % Sinkhole Events Report documentation: https://cert.at/de/services/daten-feeds/malicious-code#sinkhole-events __taxonomy: ["malicious-code", "infected-system"] - code: shadowserver-accessible-ftp name: Shadowserver Accessible FTP search_subject_like: Shadowserver % Accessible FTP Service Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-ftp __taxonomy: ["vulnerable", "vulnerable-system"] # We filter out non-CVE entries - code: shadowserver-accessible-socks name: ShadowServer Accessible SOCKS 4/5 Proxy search_subject_like: Shadowserver % Accessible SOCKS4/5 Proxy Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#accessible-socks45 __taxonomy: ["vulnerable", "potentially-unwanted-accessible"] - code: shadowserver-open-http-proxy name: ShadowServer Open HTTP Proxy search_subject_like: Shadowserver % Open HTTP Proxy Report documentation: https://cert.at/de/services/daten-feeds/vulnerable/#open-http-proxy __taxonomy: ["vulnerable", "potentially-unwanted-accessible"]