cve-search
cve-search - a tool to perform local searches for known vulnerabilities (by cve-search)
gsd-database
Global Security Database (by CloudSecurityAlliance)
cve-search | gsd-database | |
---|---|---|
1 | 7 | |
2,202 | 294 | |
0.9% | 1.0% | |
8.5 | 9.5 | |
12 days ago | 7 days ago | |
Python | ||
GNU Affero General Public License v3.0 | Creative Commons Zero v1.0 Universal |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
cve-search
Posts with mentions or reviews of cve-search.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-02-07.
-
Vulnerability scraper
Above that, a search for "cve scraper github" will give you tens of ready-made (Python) projects to build off. This one is almost complete: https://github.com/cve-search/cve-search
gsd-database
Posts with mentions or reviews of gsd-database.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-02-07.
- Vulnerability scraper
-
Linux Kernel ksmbd Use-After-Free Remote Code Execution Vulnerability ZDI-22-1690 CVSS SCORE 10.0
On Thu, Dec 22, 2022 at 04:49:04PM -0500, Jan Schaumann wrote:> Lastly, given that this is a coordinated disclosure,> I don't know why there are no CVE IDs reserved for> these.The kernel developers do not work with CVEs at all as they are not allthat relevant for the most part for kernel issues. MITRE agrees with uswill not even give them to us if we ask for them :)Some Linux companies still insist on assigning CVEs, but that'sprimarily to help enable their internal engineering processes more thananything else.As an alternative, please look at the GSD (Global Security Database,https://globalsecuritydatabase.org/) for which the kernel does get idsassigned for issues like this, and many many others.sorry,greg k-h
-
Notes on OpenSSL remote memory corruption
The Global Security Database (https://globalsecuritydatabase.org) has assigned this GSD-2022-1002526 (https://edit.globalsecuritydatabase.org/identifier/GSD-2022-1002526) for tracking purposes. Please feel free to update it if you see anything incorrect or missing. Thanks.
-
AWS universal rate-limiter bypass
Thanks, this has been assigned GSD-2022-1002524 by the GlobalSecurityDatabase (https://globalsecuritydatabase.org/), the data is available at: https://raw.globalsecuritydatabase.org/GSD-2022-1002524
- Show HN: Global Security Database
-
Marak adds infinite loop to colors.js.
The color.js issue is being tracked by the #GSD https://globalsecuritydatabase.org/ in GSD-2022-1000007 (https://github.com/cloudsecurityalliance/gsd-database/blob/main/2022/1000xxx/GSD-2022-1000007.json) and the faker.js issue in GSD-2022-1000008, if you would like to add anything to it please submit a PR or file an issue against the file. Thanks.
-
PHP 7.3-8.1 disable_functions bypass using string concatenation (PoC)
Thanks, this is tracked in the https://globalsecuritydatabase.org/ as GSD-2022-1000005 https://github.com/cloudsecurityalliance/gsd-database/blob/main/2022/1000xxx/GSD-2022-1000005.json
What are some alternatives?
When comparing cve-search and gsd-database you can also consider the following projects:
web-cve-tests - A simple framework for sending test payloads for known web CVEs.
rdma-fs - A file system over RDMA
rapidscan - :new: The Multi-Tool Web Vulnerability Scanner.
colors.js - get colors in your node.js console
CVEAggregate - Build a CVE library with aggregated CISA, EPSS and CVSS data