Filter: ExploitTimelineFilter

A field that checks if all filters in the list apply

If the list is empty, this filter applies to all objects.

A field that checks if any of the filters in the list apply.

If the list is empty, this filter applies to no objects.

Note that only the items in the list or-combined; this complete OR field is and-combined with outer fields in the parent filter type.

Checks if firstExploitPocOrHigher equals a specified value.

If an index exists on firstExploitPocOrHigher, it can be used.

The date the exploit was first published as a proof of concept

Checks if firstExploitPocOrHigher is greater than a specified value.

The date the exploit was first published as a proof of concept

Checks if firstExploitPocOrHigher is greater or equal a specified value.

The date the exploit was first published as a proof of concept

Checks if firstExploitPocOrHigher is equal to one of the specified values.

The date the exploit was first published as a proof of concept

Checks if firstExploitPocOrHigher is less than a specified value.

The date the exploit was first published as a proof of concept

Checks if firstExploitPocOrHigher is less or equal a specified value.

The date the exploit was first published as a proof of concept

Checks if firstExploitPocOrHigher does not equal a specified value

The date the exploit was first published as a proof of concept

Checks if firstExploitPocOrHigher is not equal to one of the specified values.

The date the exploit was first published as a proof of concept

Checks if firstExploitPublished equals a specified value.

If an index exists on firstExploitPublished, it can be used.

The date the exploit was first published

Checks if firstExploitPublished is greater than a specified value.

The date the exploit was first published

Checks if firstExploitPublished is greater or equal a specified value.

The date the exploit was first published

Checks if firstExploitPublished is equal to one of the specified values.

The date the exploit was first published

Checks if firstExploitPublished is less than a specified value.

The date the exploit was first published

Checks if firstExploitPublished is less or equal a specified value.

The date the exploit was first published

Checks if firstExploitPublished does not equal a specified value

The date the exploit was first published

Checks if firstExploitPublished is not equal to one of the specified values.

The date the exploit was first published

Checks if firstExploitWeaponizedOrHigher equals a specified value.

If an index exists on firstExploitWeaponizedOrHigher, it can be used.

The date the exploit was first weaponized

Checks if firstExploitWeaponizedOrHigher is greater than a specified value.

The date the exploit was first weaponized

Checks if firstExploitWeaponizedOrHigher is greater or equal a specified value.

The date the exploit was first weaponized

Checks if firstExploitWeaponizedOrHigher is equal to one of the specified values.

The date the exploit was first weaponized

Checks if firstExploitWeaponizedOrHigher is less than a specified value.

The date the exploit was first weaponized

Checks if firstExploitWeaponizedOrHigher is less or equal a specified value.

The date the exploit was first weaponized

Checks if firstExploitWeaponizedOrHigher does not equal a specified value

The date the exploit was first weaponized

Checks if firstExploitWeaponizedOrHigher is not equal to one of the specified values.

The date the exploit was first weaponized

Checks if firstReportedBotnet equals a specified value.

If an index exists on firstReportedBotnet, it can be used.

The date the exploit was first used in a botnet

Checks if firstReportedBotnet is greater than a specified value.

The date the exploit was first used in a botnet

Checks if firstReportedBotnet is greater or equal a specified value.

The date the exploit was first used in a botnet

Checks if firstReportedBotnet is equal to one of the specified values.

The date the exploit was first used in a botnet

Checks if firstReportedBotnet is less than a specified value.

The date the exploit was first used in a botnet

Checks if firstReportedBotnet is less or equal a specified value.

The date the exploit was first used in a botnet

Checks if firstReportedBotnet does not equal a specified value

The date the exploit was first used in a botnet

Checks if firstReportedBotnet is not equal to one of the specified values.

The date the exploit was first used in a botnet

Checks if firstReportedRansomware equals a specified value.

If an index exists on firstReportedRansomware, it can be used.

The date the exploit was first used for ransomware

Checks if firstReportedRansomware is greater than a specified value.

The date the exploit was first used for ransomware

Checks if firstReportedRansomware is greater or equal a specified value.

The date the exploit was first used for ransomware

Checks if firstReportedRansomware is equal to one of the specified values.

The date the exploit was first used for ransomware

Checks if firstReportedRansomware is less than a specified value.

The date the exploit was first used for ransomware

Checks if firstReportedRansomware is less or equal a specified value.

The date the exploit was first used for ransomware

Checks if firstReportedRansomware does not equal a specified value

The date the exploit was first used for ransomware

Checks if firstReportedRansomware is not equal to one of the specified values.

The date the exploit was first used for ransomware

Checks if firstReportedThreatActor equals a specified value.

If an index exists on firstReportedThreatActor, it can be used.

The date the exploit was first exploited by a named Threat Actor

Checks if firstReportedThreatActor is greater than a specified value.

The date the exploit was first exploited by a named Threat Actor

Checks if firstReportedThreatActor is greater or equal a specified value.

The date the exploit was first exploited by a named Threat Actor

Checks if firstReportedThreatActor is equal to one of the specified values.

The date the exploit was first exploited by a named Threat Actor

Checks if firstReportedThreatActor is less than a specified value.

The date the exploit was first exploited by a named Threat Actor

Checks if firstReportedThreatActor is less or equal a specified value.

The date the exploit was first exploited by a named Threat Actor

Checks if firstReportedThreatActor does not equal a specified value

The date the exploit was first exploited by a named Threat Actor

Checks if firstReportedThreatActor is not equal to one of the specified values.

The date the exploit was first exploited by a named Threat Actor

Checks if mostRecentExploitPublished equals a specified value.

If an index exists on mostRecentExploitPublished, it can be used.

The date of the most recently published exploit

Checks if mostRecentExploitPublished is greater than a specified value.

The date of the most recently published exploit

Checks if mostRecentExploitPublished is greater or equal a specified value.

The date of the most recently published exploit

Checks if mostRecentExploitPublished is equal to one of the specified values.

The date of the most recently published exploit

Checks if mostRecentExploitPublished is less than a specified value.

The date of the most recently published exploit

Checks if mostRecentExploitPublished is less or equal a specified value.

The date of the most recently published exploit

Checks if mostRecentExploitPublished does not equal a specified value

The date of the most recently published exploit

Checks if mostRecentExploitPublished is not equal to one of the specified values.

The date of the most recently published exploit

Checks if mostRecentReportedBotnet equals a specified value.

If an index exists on mostRecentReportedBotnet, it can be used.

The date the exploit was most recently used in a botnet

Checks if mostRecentReportedBotnet is greater than a specified value.

The date the exploit was most recently used in a botnet

Checks if mostRecentReportedBotnet is greater or equal a specified value.

The date the exploit was most recently used in a botnet

Checks if mostRecentReportedBotnet is equal to one of the specified values.

The date the exploit was most recently used in a botnet

Checks if mostRecentReportedBotnet is less than a specified value.

The date the exploit was most recently used in a botnet

Checks if mostRecentReportedBotnet is less or equal a specified value.

The date the exploit was most recently used in a botnet

Checks if mostRecentReportedBotnet does not equal a specified value

The date the exploit was most recently used in a botnet

Checks if mostRecentReportedBotnet is not equal to one of the specified values.

The date the exploit was most recently used in a botnet

Checks if mostRecentReportedRansomware equals a specified value.

If an index exists on mostRecentReportedRansomware, it can be used.

The date the exploit was most recently used for ransomware

Checks if mostRecentReportedRansomware is greater than a specified value.

The date the exploit was most recently used for ransomware

Checks if mostRecentReportedRansomware is greater or equal a specified value.

The date the exploit was most recently used for ransomware

Checks if mostRecentReportedRansomware is equal to one of the specified values.

The date the exploit was most recently used for ransomware

Checks if mostRecentReportedRansomware is less than a specified value.

The date the exploit was most recently used for ransomware

Checks if mostRecentReportedRansomware is less or equal a specified value.

The date the exploit was most recently used for ransomware

Checks if mostRecentReportedRansomware does not equal a specified value

The date the exploit was most recently used for ransomware

Checks if mostRecentReportedRansomware is not equal to one of the specified values.

The date the exploit was most recently used for ransomware

Checks if mostRecentReportedThreatActor equals a specified value.

If an index exists on mostRecentReportedThreatActor, it can be used.

The date the exploit was most recently reported to have been used by a named Threat Actor

Checks if mostRecentReportedThreatActor is greater than a specified value.

The date the exploit was most recently reported to have been used by a named Threat Actor

Checks if mostRecentReportedThreatActor is greater or equal a specified value.

The date the exploit was most recently reported to have been used by a named Threat Actor

Checks if mostRecentReportedThreatActor is equal to one of the specified values.

The date the exploit was most recently reported to have been used by a named Threat Actor

Checks if mostRecentReportedThreatActor is less than a specified value.

The date the exploit was most recently reported to have been used by a named Threat Actor

Checks if mostRecentReportedThreatActor is less or equal a specified value.

The date the exploit was most recently reported to have been used by a named Threat Actor

Checks if mostRecentReportedThreatActor does not equal a specified value

The date the exploit was most recently reported to have been used by a named Threat Actor

Checks if mostRecentReportedThreatActor is not equal to one of the specified values.

The date the exploit was most recently reported to have been used by a named Threat Actor

Checks if nvdPublished equals a specified string, case-sensitively.

If an index exists on nvdPublished, it can be used.

See also like for a case-insensitive filter.

The date the exploit was first recognized by NVD

Checks if nvdPublished contains a specified string, case-sensitively.

The date the exploit was first recognized by NVD

Checks if nvdPublished ends with a specified string, case-sensitively.

The date the exploit was first recognized by NVD

Checks if nvdPublished is greater than a specified value.

The date the exploit was first recognized by NVD

Checks if nvdPublished is greater or equal a specified value.

The date the exploit was first recognized by NVD

Checks if nvdPublished is equal to one of the specified values.

The date the exploit was first recognized by NVD

Matches nvdPublished against a pattern case-insensitively with the following placeholders:

% matches any sequence of characters, including the empty string; _ matches exactly one character; \ can be used to escape the placeholders (use \\ for a literal backslash);

If an index exists on nvdPublished, it can be used for the literal prefix (the part until the first placeholder).

The date the exploit was first recognized by NVD

Checks if nvdPublished is less than a specified value.

The date the exploit was first recognized by NVD

Checks if nvdPublished is less or equal a specified value.

The date the exploit was first recognized by NVD

Checks if nvdPublished does not equal a specified string, case-sensitively.

The date the exploit was first recognized by NVD

Checks if nvdPublished does not contain a specified string, case-sensitively.

The date the exploit was first recognized by NVD

Checks if nvdPublished does not end with a specified string, case-sensitively.

The date the exploit was first recognized by NVD

Checks if nvdPublished is not equal to one of the specified values.

The date the exploit was first recognized by NVD

Checks if nvdPublished does not match a pattern case-insensitively with the following placeholders:

% matches any sequence of characters, including the empty string; _ matches exactly one character; \ can be used to escape the placeholders (use \\ for a literal backslash);

The date the exploit was first recognized by NVD

Checks if nvdPublished does not start with a specified string, case-sensitively.

Never uses an index. Consider using not_like (with the % placeholder) for a case-insensitive filter that can use an index.

The date the exploit was first recognized by NVD

Checks if nvdPublished starts with a specified string, case-sensitively.

Never uses an index. Consider using like (with the % placeholder) for a case-insensitive filter that can use an index.

The date the exploit was first recognized by NVD