Skip to content

Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD).

License

Notifications You must be signed in to change notification settings

cve-search/vulnerability-lookup

Vulnerability-Lookup

Vulnerability-Lookup logo

Latest release License Contributors Stars

Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD). Vulnerability-Lookup is also a collaborative platform where users can comment on security advisories and create bundles.

A Vulnerability-Lookup instance operated by CIRCL is available at https://vulnerability.circl.lu.

Features

  • API: A comprehensive and fast lookup API for searching vulnerabilities and identifying correlations by vulnerability identifier.
  • Feeders: Modular system to import vulnerabilities from different sources.
  • CVD process: Creation, edition and fork/copy of Security Advisories with the vulnogram editor. Support of local vulnerability source per Vulnerability-Lookup instance.
  • Sightings: Users have the possibility to add observations to vulnerabilities with different types of sightings, such as: seen, exploited, not exploited, confirmed, not confirmed, patched, and not patched.
  • Comments: Ability to add, review and share comments on vulnerability advisories.
  • Bundles: Possibility to create bundles of vulnerability advisories with a description.
  • RSS/Atom: An extensive RSS and Atom support for vulnerabilities and comments.
  • EPSS: Integration of the Exploit Prediction Scoring System.

The official documentation is available here.

Sources and Feeders

  • CISA Known exploited vulnerability DB (via HTTP).
  • NIST NVD CVE importer (via API 2.0).
  • CVEProject - cvelist (via git submodule repository).
  • Cloud Security Alliance - GSD-Database (via git submodule repository).
  • GitHub Advisory Database (via git submodule repository).
  • PySec Advisory Database (via git submodule repository).
  • OpenSSF Malicious Packages (via git submodule repository)
  • Additional sources via CSAF including CERT-Bund, CISA, Cisco, nozominetworks, Open-Xchange, Red Hat, Sick, Siemens, NCSC-NL.
  • VARIoT IoT vulnerabilities database.
  • JVN iPedia, Japan database of vulnerability countermeasure information.
  • Tailscale security bulletins.
  • CWE (Common Weakness Enumeration) and CAPEC (Common Attack Pattern Enumeration and Classification)

Sighting Sources

Vulnerability-Lookup facilitates the recording of vulnerability sightings, regardless of whether they have been published by a source. A suite of sighting clients is already available to support this functionality:

If you want to create your own sigthing tool, it's recommended to use PyVulnerabilityLookup, a Python library to access Vulnerability-Lookup via its REST API.

Installation

Requirements

Installation instructions are available in the documentation.

Architecture

Overview of the Vulnerability-Lookup architecture

License

Vulnerability-Lookup is free software released under the "GNU Affero General Public License v3.0".

Copyright (c) 2023-2024 Computer Incident Response Center Luxembourg (CIRCL)
Copyright (c) 2023-2024 Alexandre Dulaunoy - https://github.com/adulau
Copyright (c) 2023-2024 Raphaël Vinot - https://github.com/Rafiot
Copyright (c) 2024 Cédric Bonhomme - https://github.com/cedricbonhomme

About

Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD).

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Packages

No packages published