Sources available in Vulnerability-Lookup project
Sources and Feeders
- CISA Known exploited vulnerability DB (via HTTP).
- NIST NVD CVE importer (via API 2.0), and Fraunhofer FKIE NVD.
- CVEProject - cvelist (via git submodule repository).
- Cloud Security Alliance - GSD-Database (via git submodule repository).
- GitHub Advisory Database (via git submodule repository).
- PySec Advisory Database (via git submodule repository).
- OpenSSF Malicious Packages (via git submodule repository)
- Additional sources via CSAF including CERT-Bund, CISA, Cisco, nozominetworks, Open-Xchange, Red Hat, Sick, Siemens, Microsoft.
- VARIoT IoT vulnerabilities database.
- JVN iPedia, Japan database of vulnerability countermeasure information.
- Tailscale security bulletins.
- CWE (Common Weakness Enumeration) and CAPEC (Common Attack Pattern Enumeration and Classification)
If you know additional sources or feeders to be added in Vulnerability-Lookup, don’t hesitate to open an issue.