Sources available in Vulnerability-Lookup project

Sources and Feeders

  • CISA Known exploited vulnerability DB (via HTTP).
  • NIST NVD CVE importer (via API 2.0), and Fraunhofer FKIE NVD.
  • CVEProject - cvelist (via git submodule repository).
  • Cloud Security Alliance - GSD-Database (via git submodule repository).
  • GitHub Advisory Database (via git submodule repository).
  • PySec Advisory Database (via git submodule repository).
  • OpenSSF Malicious Packages (via git submodule repository)
  • Additional sources via CSAF including CERT-Bund, CISA, Cisco, nozominetworks, Open-Xchange, Red Hat, Sick, Siemens, Microsoft.
  • VARIoT IoT vulnerabilities database.
  • JVN iPedia, Japan database of vulnerability countermeasure information.
  • Tailscale security bulletins.
  • CWE (Common Weakness Enumeration) and CAPEC (Common Attack Pattern Enumeration and Classification)

If you know additional sources or feeders to be added in Vulnerability-Lookup, don’t hesitate to open an issue.