Unfortunately we can not rely on issued CVEs, as there seem to be vendors security advisories without an issued CVE yet. I want to build a database of vulnerabilities, so data that is easy to process automatically would be great.
Asked
Active
Viewed 143 times
-1
-
Unfortunately there is nothing better than CVE, at least not that is publicly available for free. – paj28 Sep 14 '16 at 10:02
1 Answers
2
Try https://www.cvedetails.com/ where you can filter by vendor and product.
e.g. Microsoft .NET Framework vulnerabilities.
These are also retrievable via RSS feeds.
SilverlightFox
- 33,408
- 6
- 67
- 178
-
Thanks for your answer. On suggested site under https://www.cvedetails.com/vulnerability-list/vendor_id-1367/Drupal.html I can not find the vulnerability suggested by https://www.drupal.org/node/2765575 , although there even exists a metasploit module: https://www.rapid7.com/db/modules/exploit/unix/webapp/drupal_coder_exec . Am I using this site wrong? – Lester Sep 14 '16 at 08:50
-
There doesn't appear to be a CVE yet. The Drupal site says the following: `A CVE identifier will be requested, and added upon issuance` – SilverlightFox Sep 14 '16 at 09:06
-
Yeah, that's right. But the vulnerability was issued about two month ago. An even though cvedetails.com claims to include metasploit modules (an there exists one for that vulnerability), the vulnerability is not listed there. I think that answers a part of my question in a way: We can not rely on CVE info alone. If we want comprehensive up-to-date info on vulnerabilites out there, we need another solution. – Lester Sep 14 '16 at 09:33
-
Have a look at [this question](https://security.stackexchange.com/questions/25219/how-are-cve-identifiers-assigned-and-managed). – SilverlightFox Sep 14 '16 at 09:35
-
Thank you for your effort. I am sorry, but I can not see how this helps to solve the problem in question. Did you just want to point out why CVEs alone do not help with the problem or is there a good hint towards a solution I am not aware of? – Lester Sep 14 '16 at 09:44