The present invention relates to a method for verifying vulnerabilities of network device using Common Vulnerabilities and Exposures (“CVE)” entries comprising generating a CVE tree from each of the CVE entry and defining an indexed CVE entry, that identifies vulnerable configuration fields and extracts a set of vulnerable conditions comprising an operator attribute and nested CPE records. The CVE tree is provided with the operator attribute as node and with Common Platform Enumeration (“CPE”) records as leaves from the node, wherein the decoding comprises tokenizing of the decoded string in a sequence of plurality of n-grams having predefined sizes, and wherein the matching comprises a lookup of the sequence of plurality of n-grams into the CVE tree, that raises an alert when the operator attribute corresponds a match between CPE records.