cve-search - a tool to perform local searches for known vulnerabilities

Overview

cve-search

Join the chat at https://gitter.im/cve-search/cve-search

cve-search logo

Build & Test

cve-search is a tool to import CVE (Common Vulnerabilities and Exposures) and CPE (Common Platform Enumeration) into a MongoDB to facilitate search and processing of CVEs.

The main objective of the software is to avoid doing direct and public lookups into the public CVE databases. Local lookups are usually faster and you can limit your sensitive queries via the Internet.

cve-search includes a back-end to store vulnerabilities and related information, an intuitive web interface for search and managing vulnerabilities, a series of tools to query the system and a web API interface.

cve-search is used by many organizations including the public CVE services of CIRCL.

This document gives you basic information how to start with cve-search. For more information please refer to the documentation in the /doc folder of this project.

Getting started

Check the documentation to get you started

Usage

You can search the database using search.py

./bin/search.py -p cisco:ios:12.4
./bin/search.py -p cisco:ios:12.4 -o json
./bin/search.py -f nagios -n
./bin/search.py -p microsoft:windows_7 -o html

If you want to search all the WebEx vulnerabilities and only printing the official references from the supplier.

./bin/search.py -p webex: -o csv  -v "cisco"

You can also dump the JSON for a specific CVE ID.

./bin/search.py -c CVE-2010-3333

Or dump the last 2 CVE entries in RSS or Atom format

./bin/dump_last.py -f atom -l 2

Or you can use the webinterface.

./web/index.py

Usage of the ranking database

There is a ranking database allowing to rank software vulnerabilities based on their common platform enumeration name. The ranking can be done per organization or department within your organization or any meaningful name for you.

As an example, you can add a partial CPE name like "sap:netweaver" which is very critical for your accounting department.

./sbin/db_ranking.py  -c "sap:netweaver" -g "accounting" -r 3

and then you can lookup the ranking (-r option) for a specific CVE-ID:

./bin/search.py -c CVE-2012-4341  -r  -n

Advanced usage

As cve-search is based on a set of tools, it can be used and combined with standard Unix tools. If you ever wonder what are the top vendors using the term "unknown" for their vulnerabilities:

python3 bin/search_fulltext.py -q unknown -f | jq -c '. | .vulnerable_configuration[0]' | cut -f5 -d: | sort  | uniq -c  | sort -nr | head -10

1500 oracle
381 sun
372 hp
232 google
208 ibm
126 mozilla
103 microsoft
100 adobe
 78 apple
 68 linux

You can compare CVSS (Common Vulnerability Scoring System ) values of some products based on their CPE name. Like comparing oracle:java versus sun:jre and using R to make some statistics about their CVSS values:

python3 bin/search.py -p oracle:java -o json  | jq -r '.cvss' | Rscript -e 'summary(as.numeric(read.table(file("stdin"))[,1]))'
Min. 1st Qu.  Median    Mean 3rd Qu.    Max.
1.800   5.350   9.300   7.832  10.000  10.000


python3 bin/search.py -p sun:jre -o json  | jq -r '.cvss' | Rscript -e 'summary(as.numeric(read.table(file("stdin"))[,1]))'
Min. 1st Qu.  Median    Mean 3rd Qu.    Max.
0.000   5.000   7.500   7.333  10.000  10.000

Fulltext indexing

If you want to index all the CVEs from your current MongoDB collection:

./sbin/db_fulltext.py -l 0

and you query the fulltext index (to get a list of matching CVE-ID):

./bin/search_fulltext.py -q NFS -q Linux

or to query the fulltext index and output the JSON object for each CVE-ID:

./bin/search_fulltext.py -q NFS -q Linux -f

Fulltext visualization

The fulltext indexer visualization is using the fulltext indexes to build a list of the most common keywords used in CVE. NLTK is required to generate the keywords with the most common English stopwords and lemmatize the output. NTLK for Python 3 exists but you need to use the alpha version of NLTK.

./bin/search_fulltext.py  -g -s >cve.json

cve-search visualization

You can see a visualization on the demo site.

Web interface

The web interface is a minimal interface to see the last CVE entries and query a specific CVE. You'll need flask in order to run the website and Flask-PyMongo. To start the web interface:

cd ./web
./index.py

Then you can connect on http://127.0.0.1:5000/ to browser the last CVE.

Web API interface

The web interface includes a minimal JSON API to get CVE by ID, by vendor or product. A public version of the API is also accessible on cve.circl.lu.

List the know vendors in JSON

curl http://127.0.0.1:5000/api/browse/

Dump the product of a specific vendor in JSON

curl  http://127.0.0.1:5000/api/browse/zyxel
{
  "product": [
    "n300_netusb_nbg-419n",
    "n300_netusb_nbg-419n_firmware",
    "p-660h-61",
    "p-660h-63",
    "p-660h-67",
    "p-660h-d1",
    "p-660h-d3",
    "p-660h-t1",
    "p-660h-t3",
    "p-660hw",
    "p-660hw_d1",
    "p-660hw_d3",
    "p-660hw_t3"
  ],
  "vendor": "zyxel"
}

Find the associated vulnerabilities to a vendor and a product

curl  http://127.0.0.1:5000/api/search/zyxel/p-660hw
[{"cwe": "CWE-352", "references": ["http://www.exploit-db.com/exploits/33518", "http://secunia.com/advisories/58513", "http://packetstormsecurity.com/files/126812/Zyxel-P-660HW-T1-Cross-Site-Request-Forgery.html", "http://osvdb.org/show/osvdb/107449"], "vulnerable_configuration": ["cpe:/h:zyxel:p-660hw:_t1:v3"], "Published": "2014-06-16T14:55:09.713-04:00", "id": "CVE-2014-4162", "Modified": "2014-07-17T01:07:29.683-04:00", "cvss": 6.8, "summary": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Zyxel P-660HW-T1 (v3) wireless router allow remote attackers to hijack the authentication of administrators for requests that change the (1) wifi password or (2) SSID via a request to Forms/WLAN_General_1."}, {"cwe": "CWE-20", "references": ["http://www.kb.cert.org/vuls/id/893726"], "vulnerable_configuration": ["cpe:/h:zyxel:p-660h-63:-", "cpe:/h:zyxel:p-660h-t1:-", "cpe:/h:zyxel:p-660h-d3:-", "cpe:/h:zyxel:p-660h-t3:v2", "cpe:/h:zyxel:p-660h-t1:v2", "cpe:/h:zyxel:p-660h-d1:-", "cpe:/h:zyxel:p-660h-67:-", "cpe:/h:zyxel:p-660h-61:-", "cpe:/h:zyxel:p-660hw_t3:v2", "cpe:/h:zyxel:p-660hw_t3:-", "cpe:/h:zyxel:p-660hw_d3:-", "cpe:/h:zyxel:p-660hw_d1:v2", "cpe:/h:zyxel:p-660hw_d1:-", "cpe:/h:zyxel:p-660hw:_t1:v2", "cpe:/h:zyxel:p-660hw:_t1:-"], "Published": "2014-04-01T23:58:16.967-04:00", "id": "CVE-2013-3588", "Modified": "2014-04-02T11:29:53.243-04:00", "cvss": 7.8, "summary": "The web management interface on Zyxel P660 devices allows remote attackers to cause a denial of service (reboot) via a flood of TCP SYN packets."}, {"cwe": "CWE-79", "references": ["http://osvdb.org/ref/99/rompager407.pdf", "http://osvdb.org/99694", "http://antoniovazquezblanco.github.io/docs/advisories/Advisory_RomPagerXSS.pdf"], "vulnerable_configuration": ["cpe:/h:d-link:dsl-2640r:-", "cpe:/h:d-link:dsl-2641r:-", "cpe:/h:huawei:mt882:-", "cpe:/h:sitecom:wl-174:-", "cpe:/h:tp-link:td-8816:-", "cpe:/a:allegrosoft:rompager:4.07", "cpe:/h:zyxel:p-660hw_d1:-"], "Published": "2014-01-16T14:55:04.607-05:00", "id": "CVE-2013-6786", "Modified": "2014-01-17T11:01:47.353-05:00", "cvss": 4.3, "summary": "Cross-site scripting (XSS) vulnerability in Allegro RomPager before 4.51, as used on the ZyXEL P660HW-D1, Huawei MT882, Sitecom WL-174, TP-LINK TD-8816, and D-Link DSL-2640R and DSL-2641R, when the \"forbidden author header\" protection mechanism is bypassed, allows remote attackers to inject arbitrary web script or HTML by requesting a nonexistent URI in conjunction with a crafted HTTP Referer header that is not properly handled in a 404 page.  NOTE: there is no CVE for a \"URL redirection\" issue that some sources list separately."}, {"cwe": "CWE-79", "references": ["http://xforce.iss.net/xforce/xfdb/41109", "http://www.securityfocus.com/archive/1/archive/1/489009/100/0/threaded", "http://www.gnucitizen.org/projects/router-hacking-challenge/"], "vulnerable_configuration": ["cpe:/h:zyxel:p-660hw_t3:v2", "cpe:/h:zyxel:p-660hw:_t1:v2", "cpe:/h:zyxel:p-660hw_d1:v2", "cpe:/h:zyxel:p-660hw_t3:-", "cpe:/h:zyxel:p-660hw:_t1:-", "cpe:/h:zyxel:p-660hw_d3:-", "cpe:/h:zyxel:p-660hw_d1:-"], "Published": "2008-03-10T13:44:00.000-04:00", "id": "CVE-2008-1257", "Modified": "2012-05-31T00:00:00.000-04:00", "cvss": 4.3, "summary": "Cross-site scripting (XSS) vulnerability in Forms/DiagGeneral_2 on the ZyXEL P-660HW series router allows remote attackers to inject arbitrary web script or HTML via the PingIPAddr parameter."}, {"id": "CVE-2008-1256", "references": ["http://xforce.iss.net/xforce/xfdb/41108", "http://www.securityfocus.com/archive/1/archive/1/489009/100/0/threaded", "http://www.gnucitizen.org/projects/router-hacking-challenge/"], "vulnerable_configuration": ["cpe:/h:zyxel:p-660hw"], "Published": "2008-03-10T13:44:00.000-04:00", "Modified": "2011-03-07T22:06:25.080-05:00", "cvss": 10.0, "summary": "The ZyXEL P-660HW series router has \"admin\" as its default password, which allows remote attackers to gain administrative access."}, {"cwe": "CWE-264", "references": ["http://www.securityfocus.com/archive/1/archive/1/489009/100/0/threaded", "http://www.gnucitizen.org/projects/router-hacking-challenge/", "http://xforce.iss.net/xforce/xfdb/41114"], "vulnerable_configuration": ["cpe:/h:zyxel:p-660hw"], "Published": "2008-03-10T13:44:00.000-04:00", "id": "CVE-2008-1255", "Modified": "2008-09-05T17:37:15.440-04:00", "cvss": 10.0, "summary": "The ZyXEL P-660HW series router maintains authentication state by IP address, which allows remote attackers to bypass authentication by establishing a session from a source IP address of a previously authenticated user."}, {"cwe": "CWE-352", "references": ["http://www.securityfocus.com/archive/1/archive/1/489009/100/0/threaded", "http://www.gnucitizen.org/projects/router-hacking-challenge/", "http://xforce.iss.net/xforce/xfdb/41111"], "vulnerable_configuration": ["cpe:/h:zyxel:p-660hw"], "Published": "2008-03-10T13:44:00.000-04:00", "id": "CVE-2008-1254", "Modified": "2008-09-05T17:37:15.287-04:00", "cvss": 6.8, "summary": "Multiple cross-site request forgery (CSRF) vulnerabilities on the ZyXEL P-660HW series router allow remote attackers to (1) change DNS servers and (2) add keywords to the \"bannedlist\" via unspecified vectors."}]

Software using cve-search

Docker versions

Official dockerized version of cve-search:

CVE-Search-Docker

There are some unofficial dockerized versions of cve-search (which are not maintained by us):

Changelog

You can find the changelog here.

License

cve-search is free software released under the "GNU Affero General Public License v3.0"

Copyright (c) 2012 Wim Remes - https://github.com/wimremes/
Copyright (c) 2012-2021 Alexandre Dulaunoy - https://github.com/adulau/
Copyright (c) 2015-2019 Pieter-Jan Moreels - https://github.com/pidgeyl/
Copyright (c) 2020-2021 Paul Tikken - https://github.com/P-T-I
Comments
  • Cve search 399

    Cve search 399

    @adulau As promised the first version of the API re-write; could you test this in the beta instance?

    Work done:

    • restructure of web gui to facilitate new API setup;
    • documented API via redoc (flask-restx);
    • bumped bootstrap, jquery, font-awesome versions;
    • moved table to datatables.js and incorporated server-side processing of all queries related to tables;
    • added JWT for token based api calls to admin endpoints;
    • started first setup for database plugin/abstraction;
    • moved to gevent webserver instead of tornado;
    • added websockets to speedup certain long lasting requests.

    Install instructions:

    • I've added some indexes for query performance, so please re-run the indexer;
    • There's no more minimal.py; this behaviour is controled via the configuration.ini file; setting WebInterface to something other then 'Full' should mimic this behaviour;
    • Web interface should be started via the index.py (as before)

    Love to hear your comments / further thoughts!

    fix #399

    opened by P-T-I 40
  • Error in index.py ( builtins.TypeError --- TypeError: 'bool' object is not callable)

    Error in index.py ( builtins.TypeError --- TypeError: 'bool' object is not callable)

    Hello! I am having a problem (Ubuntu 14.04 64-bit)

    I only happens in index.py

    If I run minimal-web.py works OK . But if I run Index.py, then enters 127.0.0.1:5000 shows me the following error

    Will I be able to help ? Thank you!

    Error in Web Browser

    builtins.TypeError
    
    TypeError: 'bool' object is not callable
    Traceback (most recent call last)
    
        File "/usr/local/lib/python3.4/dist-packages/flask/app.py", line 1836, in __call__
    
        return self.wsgi_app(environ, start_response)
    
        File "/usr/local/lib/python3.4/dist-packages/flask/app.py", line 1820, in wsgi_app
    
        response = self.make_response(self.handle_exception(e))
    
        File "/usr/local/lib/python3.4/dist-packages/flask/app.py", line 1403, in handle_exception
    
        reraise(exc_type, exc_value, tb)
    
        File "/usr/local/lib/python3.4/dist-packages/flask/_compat.py", line 33, in reraise
    
        raise value
    
        File "/usr/local/lib/python3.4/dist-packages/flask/app.py", line 1817, in wsgi_app
    
        response = self.full_dispatch_request()
    
        File "/usr/local/lib/python3.4/dist-packages/flask/app.py", line 1477, in full_dispatch_request
    
        rv = self.handle_user_exception(e)
    
        File "/usr/local/lib/python3.4/dist-packages/flask/app.py", line 1381, in handle_user_exception
    
        reraise(exc_type, exc_value, tb)
    
        File "/usr/local/lib/python3.4/dist-packages/flask/_compat.py", line 33, in reraise
    
        raise value
    
        File "/usr/local/lib/python3.4/dist-packages/flask/app.py", line 1475, in full_dispatch_request
    
        rv = self.dispatch_request()
    
        File "/usr/local/lib/python3.4/dist-packages/flask/app.py", line 1461, in dispatch_request
    
        return self.view_functions[rule.endpoint](**req.view_args)
    
        File "/home/csirt/cve-search/web/index.py", line 273, in index
    
         [Display the sourcecode for this frame]  [Open an interactive python shell in this frame] timeTypeSelect, cvssSelect, cvss, rejectedSelect, hideSeen, pageLength, 0)
    
        File "/home/csirt/cve-search/web/index.py", line 177, in filter_logic
    
        if current_user.is_authenticated():
    
        TypeError: 'bool' object is not callable
    

    Error terminal:

    127.0.0.1 - - [17/Sep/2015 13:27:26] "GET / HTTP/1.1" 500 -
    Traceback (most recent call last):
      File "/usr/local/lib/python3.4/dist-packages/flask/app.py", line 1836, in __call__
        return self.wsgi_app(environ, start_response)
      File "/usr/local/lib/python3.4/dist-packages/flask/app.py", line 1820, in wsgi_app
        response = self.make_response(self.handle_exception(e))
      File "/usr/local/lib/python3.4/dist-packages/flask/app.py", line 1403, in handle_exception
        reraise(exc_type, exc_value, tb)
      File "/usr/local/lib/python3.4/dist-packages/flask/_compat.py", line 33, in reraise
        raise value
      File "/usr/local/lib/python3.4/dist-packages/flask/app.py", line 1817, in wsgi_app
        response = self.full_dispatch_request()
      File "/usr/local/lib/python3.4/dist-packages/flask/app.py", line 1477, in full_dispatch_request
        rv = self.handle_user_exception(e)
      File "/usr/local/lib/python3.4/dist-packages/flask/app.py", line 1381, in handle_user_exception
        reraise(exc_type, exc_value, tb)
      File "/usr/local/lib/python3.4/dist-packages/flask/_compat.py", line 33, in reraise
        raise value
      File "/usr/local/lib/python3.4/dist-packages/flask/app.py", line 1475, in full_dispatch_request
        rv = self.dispatch_request()
      File "/usr/local/lib/python3.4/dist-packages/flask/app.py", line 1461, in dispatch_request
        return self.view_functions[rule.endpoint](**req.view_args)
      File "/home/csirt/cve-search/web/index.py", line 273, in index
        timeTypeSelect, cvssSelect, cvss, rejectedSelect, hideSeen, pageLength, 0)
      File "/home/csirt/cve-search/web/index.py", line 177, in filter_logic
        if current_user.is_authenticated():
    TypeError: 'bool' object is not callable
    127.0.0.1 - - [17/Sep/2015 13:27:26] "GET /?__debugger__=yes&cmd=resource&f=style.css HTTP/1.1" 200 -
    127.0.0.1 - - [17/Sep/2015 13:27:26] "GET /?__debugger__=yes&cmd=resource&f=jquery.js HTTP/1.1" 200 -
    127.0.0.1 - - [17/Sep/2015 13:27:26] "GET /?__debugger__=yes&cmd=resource&f=debugger.js HTTP/1.1" 200 -
    127.0.0.1 - - [17/Sep/2015 13:27:26] "GET /?__debugger__=yes&cmd=resource&f=console.png HTTP/1.1" 200 -
    127.0.0.1 - - [17/Sep/2015 13:27:26] "GET /?__debugger__=yes&cmd=resource&f=console.png HTTP/1.1" 200 -
    127.0.0.1 - - [17/Sep/2015 13:27:26] "GET /?__debugger__=yes&cmd=resource&f=source.png HTTP/1.1" 200 -
    

    Error Screenshot:

    Image of Yaktocat Image of Yaktocat

    opened by sebastian0x00 37
  • Error in search_fulltext.py

    Error in search_fulltext.py

    Hi! have a problem running the command python3 search_fulltext.py -g -s >cve.json

    He shows me the following

    [email protected]:~/cve-search/bin$ python3 search_fulltext.py  -g -s >cve.json
    Traceback (most recent call last):
      File "search_fulltext.py", line 28, in <module>
        ix = index.open_dir("indexdir")
      File "/usr/local/lib/python3.4/dist-packages/whoosh/index.py", line 123, in open_dir
        return FileIndex(storage, schema=schema, indexname=indexname)
      File "/usr/local/lib/python3.4/dist-packages/whoosh/index.py", line 421, in __init__
        TOC.read(self.storage, self.indexname, schema=self._schema)
      File "/usr/local/lib/python3.4/dist-packages/whoosh/index.py", line 619, in read
        % (indexname, storage))
    whoosh.index.EmptyIndexError: Index 'MAIN' does not exist in FileStorage('indexdir')
    

    I have Whoosh==2.7.0

    Is it a bug? Or am I doing something wrong?

    Thank you

    opened by sebastian0x00 36
  • No data in vendor-collection after running db_updater.py

    No data in vendor-collection after running db_updater.py

    The vendor collection remains empty after updating the database.

    db.vendor.find() doesn't return anything(all other collections do)

    api/browse/returns { "product": null, "vendor": [] }

    api/browse/zyxel returns

    builtins.AttributeError
    
    AttributeError: 'bool' object has no attribute '__call__'
    Traceback (most recent call last)
    
        File "/home/tzimme/.local/lib/python3.5/site-packages/flask/app.py", line 2000, in __call__
    
        return self.wsgi_app(environ, start_response)
    
        File "/home/tzimme/.local/lib/python3.5/site-packages/flask/app.py", line 1991, in wsgi_app
    
        response = self.make_response(self.handle_exception(e))
    
        File "/home/tzimme/.local/lib/python3.5/site-packages/flask/app.py", line 1567, in handle_exception
    
        reraise(exc_type, exc_value, tb)
    
        File "/home/tzimme/.local/lib/python3.5/site-packages/flask/_compat.py", line 33, in reraise
    
        raise value
    
        File "/home/tzimme/.local/lib/python3.5/site-packages/flask/app.py", line 1988, in wsgi_app
    
        response = self.full_dispatch_request()
    
        File "/home/tzimme/.local/lib/python3.5/site-packages/flask/app.py", line 1641, in full_dispatch_request
    
        rv = self.handle_user_exception(e)
    
        File "/home/tzimme/.local/lib/python3.5/site-packages/flask/app.py", line 1544, in handle_user_exception
    
        reraise(exc_type, exc_value, tb)
    
        File "/home/tzimme/.local/lib/python3.5/site-packages/flask/_compat.py", line 33, in reraise
    
        raise value
    
        File "/home/tzimme/.local/lib/python3.5/site-packages/flask/app.py", line 1639, in full_dispatch_request
    
        rv = self.dispatch_request()
    
        File "/home/tzimme/.local/lib/python3.5/site-packages/flask/app.py", line 1625, in dispatch_request
    
        return self.view_functions[rule.endpoint](**req.view_args)
    
        File "/home/tzimme/workspace/cvetest/cve-search-master/web/index.py", line 376, in apibrowse
    
        browseList = getBrowseList(vendor)
    
        File "/home/tzimme/workspace/cvetest/cve-search-master/web/index.py", line 80, in getBrowseList
    
        return page_not_found(404)
    
        File "/home/tzimme/workspace/cvetest/cve-search-master/web/index.py", line 732, in page_not_found
    
        return render_template('404.html'), 404
    
        File "/home/tzimme/.local/lib/python3.5/site-packages/flask/templating.py", line 134, in render_template
    
        context, ctx.app)
    
        File "/home/tzimme/.local/lib/python3.5/site-packages/flask/templating.py", line 116, in _render
    
        rv = template.render(context)
    
        File "/home/tzimme/.local/lib/python3.5/site-packages/jinja2/environment.py", line 989, in render
    
        return self.environment.handle_exception(exc_info, True)
    
        File "/home/tzimme/.local/lib/python3.5/site-packages/jinja2/environment.py", line 754, in handle_exception
    
        reraise(exc_type, exc_value, tb)
    
        File "/home/tzimme/.local/lib/python3.5/site-packages/jinja2/_compat.py", line 37, in reraise
    
        raise value.with_traceback(tb)
    
        File "/home/tzimme/workspace/cvetest/cve-search-master/web/templates/404.html", line 1, in top-level template code
    
        {% extends 'layouts/master-page' %}
    
        File "/home/tzimme/workspace/cvetest/cve-search-master/web/templates/layouts/master-page", line 45, in top-level template code
    
        {% include 'subpages/menu.html' %}
    
        File "/home/tzimme/workspace/cvetest/cve-search-master/web/templates/subpages/menu.html", line 24, in top-level template code
    
        {% if current_user.is_authenticated() %}
    
        AttributeError: 'bool' object has no attribute '__call__'
    
    

    db_updater.py returned [!] Could not find plugin loader file! before finishing

    opened by tzimme 33
  • MongoDB hanging during a database update

    MongoDB hanging during a database update

    I am having the same issue as #669:

    mongo_1       | {"t":{"$date":"2021-04-30T09:39:39.618+00:00"},"s":"I",  "c":"STORAGE",  "id":22430,   "ctx":"conn100","msg":"WiredTiger message","attr":{"message":"oldest pinned transaction ID rolled back for eviction"}}
    mongo_1       | {"t":{"$date":"2021-04-30T09:39:40.251+00:00"},"s":"I",  "c":"STORAGE",  "id":22430,   "ctx":"conn100","msg":"WiredTiger message","attr":{"message":"oldest pinned transaction ID rolled back for eviction"}}
    mongo_1       | {"t":{"$date":"2021-04-30T09:39:40.294+00:00"},"s":"I",  "c":"STORAGE",  "id":22430,   "ctx":"conn96","msg":"WiredTiger message","attr":{"message":"oldest pinned transaction ID rolled back for eviction"}}
    

    While this is going on, the CPU usage skyrockets and the update process gets stuck: image image

    This happens on a fresh install using docker-compose. For context, the CPEs update just fine, this only occurs when updating CVEs.

    no-issue-activity unreproducible 
    opened by M0dEx 27
  • Initial import restructure

    Initial import restructure

    Took the liberty to redesign the (initial) import scripts and database populations. Structured logging and moved all print statements to the logging class. Initial import duration moved from several (4+) hours to less then an hour. Added update / populate progress monitoring via tqdm progress bars and (debug) logging. Fixed some typo's and wrong references. Fixes #424 Fixes #435 Fixes #463

    opened by P-T-I 25
  • Return proper HTTP status codes

    Return proper HTTP status codes

    Hi there! Nice project, but you need to handle error states and give proper responses.

    http://cve.circl.lu/api/cve/fffffffffff

    Why does this return "HTTP 200 OK" and just "null"?

    bug question 
    opened by flexd 25
  •  db_mgmt_cpe_other_dictionary.py taking a long time

    db_mgmt_cpe_other_dictionary.py taking a long time

    Not sure if this is an issue or it's just the way it works. I'm trying to use the software (great idea btw, thank you for doing this). I'm kind of stuck on the db_mgmt_cpe_other_dictionary.py script. It starts off well, running its thing quickly. Then after a few hours the process slows way down, according to the progress bar. It's been running for over 12 hours now. mongostat mongostat connected to: 127.0.0.1 insert query update delete getmore command flushes mapped vsize res faults locked db idx miss % qr|qw ar|aw netIn netOut conn time *0 *0 *0 *0 0 69|0 0 1.03g 2.3g 472m 0 cvedb:0.0% 0 0|0 1|0 7k 7k 3 05:22:20 *0 *0 *0 *0 0 71|0 0 1.03g 2.3g 472m 0 cvedb:0.0% 0 0|0 1|0 7k 7k 3 05:22:21 *0 *0 *0 *0 0 71|0 0 1.03g 2.3g 472m 0 cvedb:0.0% 0 0|0 1|0 7k 7k 3 05:22:22 *0 *0 *0 *0 0 72|0 1 1.03g 2.3g 472m 0 cvedb:0.0% 0 0|0 1|0 7k 8k 3 05:22:23 *0 *0 *0 *0 0 69|0 0 1.03g 2.3g 472m 0 cvedb:0.0% 0 0|0 1|0 7k 7k 3 05:22:24 *0 *0 *0 *0 0 71|0 0 1.03g 2.3g 472m 0 cvedb:0.0% 0 0|0 1|0 7k 7k 3 05:22:25 *0 3 *0 *0 0 69|0 0 1.03g 2.3g 472m 0 cvedb:0.0% 0 0|0 1|0 7k 7k 3 05:22:26 *0 *0 *0 *0 0 71|0 0 1.03g 2.3g 472m 0 cvedb:0.0% 0 0|0 1|0 7k 7k 3 05:22:27 *0 *0 *0 *0 0 71|0 0 1.03g 2.3g 472m 0 cvedb:0.0% 0 0|0 1|0 7k 7k 3 05:22:28 *0 *0 *0 *0 0 71|0 0 1.03g 2.3g 472m 0 cvedb:0.0% 0 0|0 1|0 7k 7k 3 05:22:29

    mongotop connected to: 127.0.0.1

                            ns       total        read       write              2015-05-28T12:23:09
                     cvedb.cpe      1967ms      1967ms         0ms
                cvedb.cpeother         2ms         2ms         0ms
          admin.system.indexes         0ms         0ms         0ms
            admin.system.roles         0ms         0ms         0ms
            admin.system.users         0ms         0ms         0ms
          admin.system.version         0ms         0ms         0ms
    
                            ns       total        read       write              2015-05-28T12:23:10
                     cvedb.cpe      1917ms      1917ms         0ms
                cvedb.cpeother         1ms         1ms         0ms
          admin.system.indexes         0ms         0ms         0ms
            admin.system.roles         0ms         0ms         0ms
            admin.system.users         0ms         0ms         0ms
          admin.system.version         0ms         0ms         0ms
    
                            ns       total        read       write              2015-05-28T12:23:11
                     cvedb.cpe      1958ms      1958ms         0ms
                cvedb.cpeother         1ms         1ms         0ms
          admin.system.indexes         0ms         0ms         0ms
            admin.system.roles         0ms         0ms         0ms
            admin.system.users         0ms         0ms         0ms
          admin.system.version         0ms         0ms         0ms
    

    Unix top PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 628 mongodb 20 0 2408028 484064 439436 S 97.1 23.7 1153:57 mongod 1311 root 20 0 985416 794980 7664 S 2.7 39.0 22:46.23 python3

    no-issue-activity 
    opened by jimmyfive 20
  • homogeneity -- wrapper

    homogeneity -- wrapper

    I was not sure about the title of the issue.

    Wouldn't that be better to use sub-commands rather than separate script to call.

    I mean just having cve-search bin like for git and then call actions (sub-commands) cve_doc, search, db_update, etc. (eg branch, checkout, clone, etc. for git).

    So this mean just adding a one CLI wrapper: to call:

    cve-search db_mgmt -p
    cve-search db_mgmt_cpe_dictionary
    # or maybe cve-search db_mgmt --cpe-dictionary
    cve-search db_updater -c
    cve-search search -p cisco:ios:12.4
    cve-search search_xmpp -j [email protected] -p strongpassword
    # or maybe cve-search search --xmpp -j [email protected] -p strongpassword
    cve-search dump_last -f atom -l 2
    

    Rather than:

    ./sbin/db_mgmt.py -p
    ./sbin/db_mgmt_cpe_dictionary.py
    ./sbin/db_updater.py -c
    ./bin/search.py -p cisco:ios:12.4
    ./bin/search_xmpp.py -j myb[email protected] -p strongpassword
    ./bin/dump_last.py -f atom -l 2
    

    What do you think?

    Imagine you would have to do:

    ./bin/git_add .
    ./bin/git_commit -m "commit message"
    ./bin/git_push origin master
    

    rather than

    git add .
    git commit -m "commit message"
    git push origin master
    
    enhancement Feature request 
    opened by noraj 19
  • CPE format

    CPE format

    formalizing the CPE format would allow for whitelisting of target software/hardware or other tags, which can be very useful. Example:

    (1) WFN:

    wfn:[
        part="o",
        vendor="microsoft",
        product="windows_vista",
        version="6\.0",
        update="sp1",
        edition=NA,
        language=NA,
        sw_edition="home_premium",
        target_sw=NA,
        target_hw="x64",
        other=NA
    ] 
    

    (2) WFN bound to a URI: cpe:/o:microsoft:windows_vista:6.0:sp1:~-~home_premium~-~x64~- (3) WFN bound to a formatted string: cpe:2.3:o:microsoft:windows_vista:6.0:sp1:-:-:home_premium:-:x64:- (4) Current Format (WFN URI-like notation): cpe:/o:microsoft:windows_vista:6.0:sp1:~~home_premium~~x64~

    In our case, the third option would be better. This way, we can more formal regexes. The current setup still allows for regex searching (for example by target software or hardware), but is not the nicest. Worth changing? @adulau @wimremes

    opened by PidgeyL 18
  • running as a service

    running as a service

    to have CVE-search update frequently i'm running both the web (index.py) as cvesvc.service and the update.py as cvesvc-updates.service

    During a manual test an update causes significant load on the machine for roughly 7 minutes. Now running as a service i notice it seems to fail to update the database. I've restarted the web service a few times to no avail. It's running for close to an hour now and no signs of updates commited although the log file clearly show updates were processed.

    running with: ./sbin/db_updater.py -c -p -i

    expected to run with: ./sbin/db_updater.py -l -c -p -i but this was abandoned as i have no idea with -l actually is used for.

    I like to have all data available so i think that's what it takes to update the DB, which i hope to do by re-running the update every 2 to 3 hours or so. Hence also using -c and -i in addition to -p, i don't run other update scripts such as cpe or cpe-other for now.

    Can someone comment if there are better ways to do this ? Here sharing the systemd.service files.


    [Unit] Description=circl dot lu CVE search service Documentation=https://cve-search.github.io/cve-search/getting_started/installation.html

    [Service] WorkingDirectory=/opt/cve-search ExecStart=python3 web/index.py User=cvedb Type=simple Restart=on-failure RestartSec=10

    [Install] WantedBy=multi-user.target


    [Unit] Description=circl dot lu CVE search service Documentation=https://cve-search.github.io/cve-search/getting_started/installation.html

    [Service] WorkingDirectory=/opt/cve-search ExecStart=python3 ./sbin/db_updater.py -c -p -i User=cvedb Type=onetime #Type=forking #Type=simple Restart=on-watchdog RestartSec=10 WatchdogSec=3h

    [Install] WantedBy=multi-user.targe


    question no-issue-activity 
    opened by commandline-be 17
  • Bump flask-socketio from 5.1.1 to 5.3.2

    Bump flask-socketio from 5.1.1 to 5.3.2

    Bumps flask-socketio from 5.1.1 to 5.3.2.

    Changelog

    Sourced from flask-socketio's changelog.

    Flask-SocketIO change log

    Release 5.3.2 - 2022-11-20

    • Deliver callbacks from different namespaces #1909 (commit)
    • Fix documentation typos #1881 (commit) (thanks Tim Gates!)

    Release 5.3.1 - 2022-09-11

    • Always pop allow_unsafe_werkzeug option from kwargs #1877 (commit) (thanks zakx!)

    Release 5.3.0 - 2022-08-23

    • Add call() function to emit to the client and wait for the callback response #1830 (commit)
    • Manage each test client's connection state independently #1829 (commit)
    • Support new Flask 2.2 session structure #1856 (commit)
    • Do not allow Werkzeug to be used in production by default #1814 (commit)
    • Fix documentation typo #1857 (commit) (thanks Vincent Kuhlmann!)

    Release 5.2.0 - 2022-05-22

    • Better handling of message_queue connection argument #1130 (commit)
    • More robust handling of to and room arguments of emit and send #1771 (commit)

    Release 5.1.2 - 2022-04-24

    • No need to push a new app context in the test client #1669 (commit)
    • Remove 3.6 and pypy-3.6 builds, add 3.10 and pypy-3.8 (commit)
    • Improve documentation on start_background_task() function (commit)
    • changed room argument to to in documentation examples #1665 (commit) (thanks David McInnis!)
    • Fix documentation typo #1793 (commit) (thanks Gabe Rust!)
    • Fix example code in documentation #1787 (commit) (thanks Louis-Justin TALLOT!)

    Release 5.1.1 - 2021-08-02

    • Only use SSL socket if at least one SSL kwarg is not None #1639 (commit) (thanks JT Raber!)
    • Remove unused SSL arguments from eventlet server options #1639 (commit)
    • Remove executable permissions from files that lack shebang lines #1621 (commit) (thanks Ben Beasley!)
    • Improved project structure (commit)

    Release 5.1.0 - 2021-05-28

    • Add reloader_options argument to socketio.run#1556 (commit)
    • Pass auth data from client in connect event handler #1555 (commit)
    • Do not show simple-websocket install prompt if it is already installed (commit)
    • Fix namespace bug in example #1543 (commit)
    • Added index to documentation #724 (commit)
    • Fixed typo in documentation #1551 (commit) (thanks Mayank Anuragi!)

    Release 5.0.3 - 2021-05-15

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump gevent from 21.12.0 to 22.10.2

    Bump gevent from 21.12.0 to 22.10.2

    Bumps gevent from 21.12.0 to 22.10.2.

    Commits
    • b600094 Preparing release 22.10.2
    • d56d130 Use greenlet 2.0 final.
    • 856a072 Bump to greenlet 2.0rc5
    • 6e52b74 Add manylinux builder for 2014; switch from 3.11rc2 to 3.11
    • a74ba95 Merge pull request #1922 from gevent/issue-1909
    • ed7c1d8 bump to greenlet rc4
    • 12307f0 IDNA: Another place to deal with the exception difference.
    • 4666505 Bump to greenlet 2.0rc3
    • 7ba3736 spread the love further.
    • d605cc6 and for ipv6
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • CVE collection populated partially

    CVE collection populated partially

    Hi, The last version of cve-search I used did not support CVSS 3.1, so I decided to update. For the DB, I chose to repopulate via db_updater.py -vf However, it seems I'm getting a random but smaller-than-intended number of CVEs updated every time I try this. Anywhere between 1,000 and 30,000, out of my attempts so far.

    The log file seems to indicate that the CVEs were all downloaded and parsed successfully, but something went wrong in the end and most were lost.

    You can see (scroll down a bit to see the CVE part specifically) that it downloads each year 2002-2022 successfully, and prints out believable amounts of CVEs (around 20K for each year of the latest years), but then right after it finishes with a mere 29K CVEs:

    2022-12-20 22:09:49,644 - CVEDownloads - DEBUG - Queue max_len: 28797, current_q_len: 28772, q_len: 28797, dif_old: 0, cycle: 0 2022-12-20 22:10:19,681 - CVEDownloads - DEBUG - Queue max_len: 28797, q_len: 4488, dif_old: 24309, cycles: 6 2022-12-20 22:10:19,715 - CVEDownloads - INFO - Duration: 0:25:40.583673 2022-12-20 22:10:19,720 - CVEDownloads - INFO - Finished CVE database population 2022-12-20 22:10:19,724 - DBUpdater - INFO - cve has 28963 elements (28963 update)

    Full log file:

    2022-12-20 21:34:44,199 - DBUpdater - INFO - Dropping metadata 2022-12-20 21:34:44,275 - DBUpdater - INFO - ========================== 2022-12-20 21:34:44,275 - DBUpdater - INFO - Tue 20 December 2022 21:34 2022-12-20 21:34:44,275 - DBUpdater - INFO - ========================== 2022-12-20 21:34:44,275 - DBUpdater - INFO - Dropping collection: cpe 2022-12-20 21:34:44,292 - DBUpdater - INFO - cpe dropped 2022-12-20 21:34:44,292 - DBUpdater - INFO - Starting cpe 2022-12-20 21:34:44,344 - CPEDownloads - INFO - CPE Database population started 2022-12-20 21:34:44,612 - DatabaseIndexer - INFO - Success to create index [('id', 1)] on cpe 2022-12-20 21:34:44,691 - DatabaseIndexer - INFO - Success to create index [('vendor', 1)] on cpe 2022-12-20 21:34:44,742 - DatabaseIndexer - INFO - Success to create index [('product', 1)] on cpe 2022-12-20 21:34:44,748 - CPEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cpematch/1.0/nvdcpematch-1.0.json.zip 2022-12-20 21:34:46,418 - CPEDownloads - DEBUG - Last CPE modified value: 2022-12-20 05:45:10 for URL: https://nvd.nist.gov/feeds/json/cpematch/1.0/nvdcpematch-1.0.json.zip 2022-12-20 21:34:46,420 - CPEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cpematch/1.0/nvdcpematch-1.0.json.zip fetched Content-Type: application/x-zip-compressed 2022-12-20 21:34:46,420 - CPEDownloads - DEBUG - Saving file to: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:34:48,912 - CPEDownloads - DEBUG - Starting processing of file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:34:53,504 - CPEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:34:57,241 - CPEDownloads - DEBUG - Processed 10000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:35:01,398 - CPEDownloads - DEBUG - Processed 15000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:35:08,886 - CPEDownloads - DEBUG - Processed 20000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:35:12,672 - CPEDownloads - DEBUG - Processed 25000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:35:18,543 - CPEDownloads - DEBUG - Processed 30000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:35:21,859 - CPEDownloads - DEBUG - Processed 35000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:35:25,399 - CPEDownloads - DEBUG - Processed 40000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:35:28,363 - CPEDownloads - DEBUG - Processed 45000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:35:31,568 - CPEDownloads - DEBUG - Processed 50000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:35:41,820 - CPEDownloads - DEBUG - Processed 55000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:35:44,054 - CPEDownloads - DEBUG - Processed 60000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:35:48,554 - CPEDownloads - DEBUG - Processed 65000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:35:52,682 - CPEDownloads - DEBUG - Processed 70000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:35:55,453 - CPEDownloads - DEBUG - Processed 75000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:35:59,350 - CPEDownloads - DEBUG - Processed 80000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:36:03,639 - CPEDownloads - DEBUG - Processed 85000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:36:06,331 - CPEDownloads - DEBUG - Processed 90000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:36:09,830 - CPEDownloads - DEBUG - Processed 95000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:36:14,518 - CPEDownloads - DEBUG - Processed 100000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:36:18,221 - CPEDownloads - DEBUG - Processed 105000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:36:22,100 - CPEDownloads - DEBUG - Processed 110000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:36:27,871 - CPEDownloads - DEBUG - Processed 115000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:36:32,523 - CPEDownloads - DEBUG - Processed 120000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:36:36,841 - CPEDownloads - DEBUG - Processed 125000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:36:40,243 - CPEDownloads - DEBUG - Processed 130000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:36:56,261 - CPEDownloads - DEBUG - Processed 135000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:37:44,555 - CPEDownloads - DEBUG - Processed 140000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:37:47,971 - CPEDownloads - DEBUG - Processed 145000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:37:51,929 - CPEDownloads - DEBUG - Processed 150000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:37:54,502 - CPEDownloads - DEBUG - Processed 155000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:37:59,122 - CPEDownloads - DEBUG - Processed 160000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:38:01,938 - CPEDownloads - DEBUG - Processed 165000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:38:04,581 - CPEDownloads - DEBUG - Processed 170000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:38:07,926 - CPEDownloads - DEBUG - Processed 175000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:38:10,602 - CPEDownloads - DEBUG - Processed 180000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:38:13,902 - CPEDownloads - DEBUG - Processed 185000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:38:21,727 - CPEDownloads - DEBUG - Processed 190000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:38:24,451 - CPEDownloads - DEBUG - Processed 195000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:38:27,189 - CPEDownloads - DEBUG - Processed 200000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:38:30,236 - CPEDownloads - DEBUG - Processed 205000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:38:36,955 - CPEDownloads - DEBUG - Processed 210000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:38:42,049 - CPEDownloads - DEBUG - Processed 215000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:38:45,646 - CPEDownloads - DEBUG - Processed 220000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:38:48,157 - CPEDownloads - DEBUG - Processed 225000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:38:52,268 - CPEDownloads - DEBUG - Processed 230000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:40:16,696 - CPEDownloads - DEBUG - Processed 235000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:40:19,858 - CPEDownloads - DEBUG - Processed 240000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:40:24,401 - CPEDownloads - DEBUG - Processed 245000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:40:27,372 - CPEDownloads - DEBUG - Processed 250000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:40:30,982 - CPEDownloads - DEBUG - Processed 255000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:40:36,185 - CPEDownloads - DEBUG - Processed 260000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:40:41,705 - CPEDownloads - DEBUG - Processed 265000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:40:44,672 - CPEDownloads - DEBUG - Processed 270000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:40:50,165 - CPEDownloads - DEBUG - Processed 275000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:40:54,013 - CPEDownloads - DEBUG - Processed 280000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:40:58,638 - CPEDownloads - DEBUG - Processed 285000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:41:03,497 - CPEDownloads - DEBUG - Processed 290000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:41:07,489 - CPEDownloads - DEBUG - Processed 295000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:41:13,744 - CPEDownloads - DEBUG - Processed 300000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:41:18,238 - CPEDownloads - DEBUG - Processed 305000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:41:21,633 - CPEDownloads - DEBUG - Processed 310000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:41:25,962 - CPEDownloads - DEBUG - Processed 315000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:41:29,390 - CPEDownloads - DEBUG - Processed 320000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:41:33,920 - CPEDownloads - DEBUG - Processed 325000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:41:38,862 - CPEDownloads - DEBUG - Processed 330000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:41:41,997 - CPEDownloads - DEBUG - Processed 335000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:41:45,904 - CPEDownloads - DEBUG - Processed 340000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:41:48,644 - CPEDownloads - DEBUG - Processed 345000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:41:52,796 - CPEDownloads - DEBUG - Processed 350000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:41:57,677 - CPEDownloads - DEBUG - Processed 355000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:42:00,768 - CPEDownloads - DEBUG - Processed 360000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:42:04,867 - CPEDownloads - DEBUG - Processed 365000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:42:08,510 - CPEDownloads - DEBUG - Processed 370000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:42:11,632 - CPEDownloads - DEBUG - Processed 375000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:42:14,939 - CPEDownloads - DEBUG - Processed 380000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:43:05,342 - CPEDownloads - DEBUG - Processed 385000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:43:08,553 - CPEDownloads - DEBUG - Processed 390000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:43:14,468 - CPEDownloads - DEBUG - Processed 395000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:43:19,810 - CPEDownloads - DEBUG - Processed 400000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:43:23,339 - CPEDownloads - DEBUG - Processed 405000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:43:27,369 - CPEDownloads - DEBUG - Processed 410000 entries from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json 2022-12-20 21:43:27,714 - IJSONHandler - DEBUG - Processed 410512 items from file: /tmp/tmpw3kfmklc/nvdcpematch-1.0.json, using prefix: matches.item 2022-12-20 21:43:27,715 - CPEDownloads - DEBUG - Removing working dir: /tmp/tmpw3kfmklc 2022-12-20 21:43:27,946 - CPEDownloads - DEBUG - Queue max_len: 179578, current_q_len: 179576, q_len: 179578, dif_old: 0, cycle: 0 2022-12-20 21:44:18,024 - CPEDownloads - DEBUG - Queue max_len: 179578, current_q_len: 26851, q_len: 26911, dif_old: 152667, cycle: 10 2022-12-20 21:44:38,027 - CPEDownloads - DEBUG - Queue max_len: 179578, q_len: 8523, dif_old: 171055, cycles: 14 2022-12-20 21:44:38,135 - CPEDownloads - INFO - Duration: 0:09:53.392144 2022-12-20 21:44:38,136 - CPEDownloads - INFO - Finished CPE database population 2022-12-20 21:44:38,138 - DBUpdater - INFO - cpe has 179573 elements (179573 update) 2022-12-20 21:44:38,138 - DBUpdater - INFO - Dropping collection: cve 2022-12-20 21:44:38,139 - DBUpdater - INFO - cve dropped 2022-12-20 21:44:38,140 - DBUpdater - INFO - Starting cve 2022-12-20 21:44:38,230 - CVEDownloads - INFO - CVE database population started 2022-12-20 21:44:38,231 - CVEDownloads - INFO - Starting CVE database population starting from year: 2002 2022-12-20 21:44:38,417 - DatabaseIndexer - INFO - Success to create index [('id', 1)] on cves 2022-12-20 21:44:38,496 - DatabaseIndexer - INFO - Success to create index [('vulnerable_configuration', 1)] on cves 2022-12-20 21:44:38,564 - DatabaseIndexer - INFO - Success to create index [('vulnerable_product', 1)] on cves 2022-12-20 21:44:38,639 - DatabaseIndexer - INFO - Success to create index [('Modified', 1)] on cves 2022-12-20 21:44:38,699 - DatabaseIndexer - INFO - Success to create index [('Published', 1)] on cves 2022-12-20 21:44:38,759 - DatabaseIndexer - INFO - Success to create index [('last-modified', 1)] on cves 2022-12-20 21:44:38,822 - DatabaseIndexer - INFO - Success to create index [('cvss', 1)] on cves 2022-12-20 21:44:38,875 - DatabaseIndexer - INFO - Success to create index [('cvss3', 1)] on cves 2022-12-20 21:44:38,946 - DatabaseIndexer - INFO - Success to create index [('summary', 'text')] on cves 2022-12-20 21:44:38,978 - DatabaseIndexer - INFO - Success to create index [('vendors', 1)] on cves 2022-12-20 21:44:39,028 - DatabaseIndexer - INFO - Success to create index [('products', 1)] on cves 2022-12-20 21:44:39,072 - DatabaseIndexer - INFO - Success to create index [('vulnerable_product_stems', 1)] on cves 2022-12-20 21:44:39,131 - DatabaseIndexer - INFO - Success to create index [('vulnerable_configuration_stems', 1)] on cves 2022-12-20 21:44:39,132 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2002.json.gz 2022-12-20 21:44:39,132 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2003.json.gz 2022-12-20 21:44:39,144 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2004.json.gz 2022-12-20 21:44:39,145 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2005.json.gz 2022-12-20 21:44:39,176 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2006.json.gz 2022-12-20 21:44:39,189 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2007.json.gz 2022-12-20 21:44:39,205 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2008.json.gz 2022-12-20 21:44:39,267 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2009.json.gz 2022-12-20 21:44:39,277 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2010.json.gz 2022-12-20 21:44:39,283 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2011.json.gz 2022-12-20 21:44:40,435 - CVEDownloads - DEBUG - Last CVES modified value: 2022-11-15 08:15:09 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2002.json.gz 2022-12-20 21:44:40,437 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2002.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:40,437 - CVEDownloads - DEBUG - Saving file to: /tmp/tmpmhb9yng4/nvdcve-1.1-2002.json 2022-12-20 21:44:40,754 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2012.json.gz 2022-12-20 21:44:40,972 - CVEDownloads - DEBUG - Last CVES modified value: 2022-12-15 08:15:12 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2012.json.gz 2022-12-20 21:44:40,975 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2012.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:40,975 - CVEDownloads - DEBUG - Saving file to: /tmp/tmp8h02lsgr/nvdcve-1.1-2012.json 2022-12-20 21:44:40,981 - CVEDownloads - DEBUG - Last CVES modified value: 2022-09-24 07:15:11 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2004.json.gz 2022-12-20 21:44:40,986 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2004.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:40,988 - CVEDownloads - DEBUG - Saving file to: /tmp/tmphipj4une/nvdcve-1.1-2004.json 2022-12-20 21:44:41,132 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2013.json.gz 2022-12-20 21:44:41,180 - CVEDownloads - DEBUG - Last CVES modified value: 2022-12-14 08:15:11 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2003.json.gz 2022-12-20 21:44:41,184 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2003.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:41,186 - CVEDownloads - DEBUG - Saving file to: /tmp/tmpgcm96boc/nvdcve-1.1-2003.json 2022-12-20 21:44:41,262 - CVEDownloads - DEBUG - Last CVES modified value: 2022-12-03 08:15:11 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2009.json.gz 2022-12-20 21:44:41,264 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2009.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:41,265 - CVEDownloads - DEBUG - Saving file to: /tmp/tmpcy994ij1/nvdcve-1.1-2009.json 2022-12-20 21:44:41,280 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2014.json.gz 2022-12-20 21:44:41,309 - CVEDownloads - DEBUG - Last CVES modified value: 2022-12-15 08:15:12 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2010.json.gz 2022-12-20 21:44:41,313 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2010.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:41,316 - CVEDownloads - DEBUG - Saving file to: /tmp/tmpwstl174t/nvdcve-1.1-2010.json 2022-12-20 21:44:41,325 - CVEDownloads - DEBUG - Last CVES modified value: 2022-11-30 08:15:10 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2011.json.gz 2022-12-20 21:44:41,345 - CVEDownloads - DEBUG - Last CVES modified value: 2022-12-15 08:15:12 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2008.json.gz 2022-12-20 21:44:41,358 - CVEDownloads - DEBUG - Last CVES modified value: 2022-11-08 08:15:11 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2007.json.gz 2022-12-20 21:44:41,365 - CVEDownloads - DEBUG - Last CVES modified value: 2022-12-14 08:15:11 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2013.json.gz 2022-12-20 21:44:41,366 - CVEDownloads - DEBUG - Last CVES modified value: 2022-12-10 08:15:11 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2006.json.gz 2022-12-20 21:44:41,368 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2011.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:41,375 - CVEDownloads - DEBUG - Saving file to: /tmp/tmpto739ou0/nvdcve-1.1-2011.json 2022-12-20 21:44:41,372 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2008.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:41,378 - CVEDownloads - DEBUG - Saving file to: /tmp/tmpy7ypno64/nvdcve-1.1-2008.json 2022-12-20 21:44:41,379 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2007.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:41,379 - CVEDownloads - DEBUG - Saving file to: /tmp/tmpgec0zet2/nvdcve-1.1-2007.json 2022-12-20 21:44:41,382 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2006.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:41,382 - CVEDownloads - DEBUG - Saving file to: /tmp/tmper7suu2w/nvdcve-1.1-2006.json 2022-12-20 21:44:41,422 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2015.json.gz 2022-12-20 21:44:41,460 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2013.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:41,465 - CVEDownloads - DEBUG - Saving file to: /tmp/tmph3k_go54/nvdcve-1.1-2013.json 2022-12-20 21:44:41,472 - CVEDownloads - DEBUG - Last CVES modified value: 2022-11-03 07:15:09 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2005.json.gz 2022-12-20 21:44:41,475 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2005.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:41,477 - CVEDownloads - DEBUG - Saving file to: /tmp/tmpmbesu5lx/nvdcve-1.1-2005.json 2022-12-20 21:44:41,590 - CVEDownloads - DEBUG - Last CVES modified value: 2022-12-14 08:15:11 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2014.json.gz 2022-12-20 21:44:41,592 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2014.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:41,608 - CVEDownloads - DEBUG - Saving file to: /tmp/tmpav4uehyz/nvdcve-1.1-2014.json 2022-12-20 21:44:41,665 - CVEDownloads - DEBUG - Last CVES modified value: 2022-12-14 08:15:11 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2015.json.gz 2022-12-20 21:44:41,669 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2015.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:41,671 - CVEDownloads - DEBUG - Saving file to: /tmp/tmpy7zd6tp0/nvdcve-1.1-2015.json 2022-12-20 21:44:42,286 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2016.json.gz 2022-12-20 21:44:42,560 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2017.json.gz 2022-12-20 21:44:42,567 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2018.json.gz 2022-12-20 21:44:42,607 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2019.json.gz 2022-12-20 21:44:42,649 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2020.json.gz 2022-12-20 21:44:42,651 - CVEDownloads - DEBUG - Last CVES modified value: 2022-12-20 08:15:09 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2016.json.gz 2022-12-20 21:44:42,674 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2016.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:42,674 - CVEDownloads - DEBUG - Saving file to: /tmp/tmp3hlmi79l/nvdcve-1.1-2016.json 2022-12-20 21:44:42,748 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2021.json.gz 2022-12-20 21:44:42,815 - CVEDownloads - DEBUG - Downloading from url: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2022.json.gz 2022-12-20 21:44:43,138 - CVEDownloads - DEBUG - Last CVES modified value: 2022-12-14 08:15:12 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2018.json.gz 2022-12-20 21:44:43,140 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2018.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:43,141 - CVEDownloads - DEBUG - Saving file to: /tmp/tmplhyldysn/nvdcve-1.1-2018.json 2022-12-20 21:44:43,161 - CVEDownloads - DEBUG - Last CVES modified value: 2022-12-15 08:15:12 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2017.json.gz 2022-12-20 21:44:43,176 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2017.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:43,188 - CVEDownloads - DEBUG - Saving file to: /tmp/tmpz2aawrcd/nvdcve-1.1-2017.json 2022-12-20 21:44:43,303 - CVEDownloads - DEBUG - Last CVES modified value: 2022-12-20 08:15:09 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2021.json.gz 2022-12-20 21:44:43,306 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2021.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:43,306 - CVEDownloads - DEBUG - Saving file to: /tmp/tmpn3zh4qfg/nvdcve-1.1-2021.json 2022-12-20 21:44:43,311 - CVEDownloads - DEBUG - Last CVES modified value: 2022-12-20 08:15:09 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2022.json.gz 2022-12-20 21:44:43,312 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2022.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:43,313 - CVEDownloads - DEBUG - Saving file to: /tmp/tmpw1xbnhvl/nvdcve-1.1-2022.json 2022-12-20 21:44:43,355 - CVEDownloads - DEBUG - Last CVES modified value: 2022-12-20 08:15:09 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2020.json.gz 2022-12-20 21:44:43,358 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2020.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:43,358 - CVEDownloads - DEBUG - Saving file to: /tmp/tmp6tqbdwxh/nvdcve-1.1-2020.json 2022-12-20 21:44:43,371 - CVEDownloads - DEBUG - Last CVES modified value: 2022-12-20 08:15:09 for URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2019.json.gz 2022-12-20 21:44:43,376 - CVEDownloads - DEBUG - URL: https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-2019.json.gz fetched Content-Type: application/x-gzip 2022-12-20 21:44:43,382 - CVEDownloads - DEBUG - Saving file to: /tmp/tmp3u1l2vxr/nvdcve-1.1-2019.json 2022-12-20 21:44:45,400 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmpmhb9yng4/nvdcve-1.1-2002.json 2022-12-20 21:44:45,400 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmphipj4une/nvdcve-1.1-2004.json 2022-12-20 21:44:45,401 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmpgcm96boc/nvdcve-1.1-2003.json 2022-12-20 21:44:45,406 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmp8h02lsgr/nvdcve-1.1-2012.json 2022-12-20 21:44:45,427 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmpmbesu5lx/nvdcve-1.1-2005.json 2022-12-20 21:44:45,438 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmpgec0zet2/nvdcve-1.1-2007.json 2022-12-20 21:44:45,444 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmpwstl174t/nvdcve-1.1-2010.json 2022-12-20 21:44:45,456 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmpcy994ij1/nvdcve-1.1-2009.json 2022-12-20 21:45:29,417 - IJSONHandler - DEBUG - Processed 1553 items from file: /tmp/tmpgcm96boc/nvdcve-1.1-2003.json, using prefix: CVE_Items.item 2022-12-20 21:45:29,441 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmpgcm96boc 2022-12-20 21:45:29,453 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmpto739ou0/nvdcve-1.1-2011.json 2022-12-20 21:46:07,974 - IJSONHandler - DEBUG - Processed 2707 items from file: /tmp/tmphipj4une/nvdcve-1.1-2004.json, using prefix: CVE_Items.item 2022-12-20 21:46:08,001 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmphipj4une 2022-12-20 21:46:08,030 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmper7suu2w/nvdcve-1.1-2006.json 2022-12-20 21:46:55,021 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmpmhb9yng4/nvdcve-1.1-2002.json 2022-12-20 21:47:06,036 - IJSONHandler - DEBUG - Processed 4765 items from file: /tmp/tmpmbesu5lx/nvdcve-1.1-2005.json, using prefix: CVE_Items.item 2022-12-20 21:47:06,051 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmpmbesu5lx 2022-12-20 21:47:06,161 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmpy7ypno64/nvdcve-1.1-2008.json 2022-12-20 21:47:30,866 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmpgec0zet2/nvdcve-1.1-2007.json 2022-12-20 21:47:41,978 - IJSONHandler - DEBUG - Processed 6769 items from file: /tmp/tmpmhb9yng4/nvdcve-1.1-2002.json, using prefix: CVE_Items.item 2022-12-20 21:47:41,997 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmpmhb9yng4 2022-12-20 21:47:42,032 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmph3k_go54/nvdcve-1.1-2013.json 2022-12-20 21:48:08,974 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmpcy994ij1/nvdcve-1.1-2009.json 2022-12-20 21:48:09,767 - IJSONHandler - DEBUG - Processed 5025 items from file: /tmp/tmpcy994ij1/nvdcve-1.1-2009.json, using prefix: CVE_Items.item 2022-12-20 21:48:09,827 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmpcy994ij1 2022-12-20 21:48:09,950 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmpy7zd6tp0/nvdcve-1.1-2015.json 2022-12-20 21:48:27,660 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmpwstl174t/nvdcve-1.1-2010.json 2022-12-20 21:48:28,062 - IJSONHandler - DEBUG - Processed 6577 items from file: /tmp/tmpgec0zet2/nvdcve-1.1-2007.json, using prefix: CVE_Items.item 2022-12-20 21:48:28,083 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmpgec0zet2 2022-12-20 21:48:28,166 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmpav4uehyz/nvdcve-1.1-2014.json 2022-12-20 21:48:34,530 - IJSONHandler - DEBUG - Processed 5191 items from file: /tmp/tmpwstl174t/nvdcve-1.1-2010.json, using prefix: CVE_Items.item 2022-12-20 21:48:34,546 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmpwstl174t 2022-12-20 21:48:34,571 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmp3hlmi79l/nvdcve-1.1-2016.json 2022-12-20 21:48:49,386 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmper7suu2w/nvdcve-1.1-2006.json 2022-12-20 21:48:55,008 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmp8h02lsgr/nvdcve-1.1-2012.json 2022-12-20 21:49:21,357 - IJSONHandler - DEBUG - Processed 4831 items from file: /tmp/tmpto739ou0/nvdcve-1.1-2011.json, using prefix: CVE_Items.item 2022-12-20 21:49:21,362 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmpto739ou0 2022-12-20 21:49:21,478 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmpz2aawrcd/nvdcve-1.1-2017.json 2022-12-20 21:49:23,058 - IJSONHandler - DEBUG - Processed 5838 items from file: /tmp/tmp8h02lsgr/nvdcve-1.1-2012.json, using prefix: CVE_Items.item 2022-12-20 21:49:23,075 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmp8h02lsgr 2022-12-20 21:49:23,148 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmplhyldysn/nvdcve-1.1-2018.json 2022-12-20 21:49:47,657 - IJSONHandler - DEBUG - Processed 7140 items from file: /tmp/tmper7suu2w/nvdcve-1.1-2006.json, using prefix: CVE_Items.item 2022-12-20 21:49:47,670 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmper7suu2w 2022-12-20 21:49:47,815 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmpw1xbnhvl/nvdcve-1.1-2022.json 2022-12-20 21:50:00,573 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmpy7ypno64/nvdcve-1.1-2008.json 2022-12-20 21:51:25,543 - IJSONHandler - DEBUG - Processed 7171 items from file: /tmp/tmpy7ypno64/nvdcve-1.1-2008.json, using prefix: CVE_Items.item 2022-12-20 21:51:25,545 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmpy7ypno64 2022-12-20 21:51:25,595 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmp3u1l2vxr/nvdcve-1.1-2019.json 2022-12-20 21:51:56,626 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmph3k_go54/nvdcve-1.1-2013.json 2022-12-20 21:52:17,965 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmpy7zd6tp0/nvdcve-1.1-2015.json 2022-12-20 21:52:26,183 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmpav4uehyz/nvdcve-1.1-2014.json 2022-12-20 21:52:48,082 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmp3hlmi79l/nvdcve-1.1-2016.json 2022-12-20 21:53:09,927 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmpz2aawrcd/nvdcve-1.1-2017.json 2022-12-20 21:53:28,289 - IJSONHandler - DEBUG - Processed 6678 items from file: /tmp/tmph3k_go54/nvdcve-1.1-2013.json, using prefix: CVE_Items.item 2022-12-20 21:53:28,301 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmph3k_go54 2022-12-20 21:53:28,421 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmp6tqbdwxh/nvdcve-1.1-2020.json 2022-12-20 21:54:40,603 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmplhyldysn/nvdcve-1.1-2018.json 2022-12-20 21:54:56,036 - IJSONHandler - DEBUG - Processed 8892 items from file: /tmp/tmpav4uehyz/nvdcve-1.1-2014.json, using prefix: CVE_Items.item 2022-12-20 21:54:56,039 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmpav4uehyz 2022-12-20 21:54:56,143 - CVEDownloads - DEBUG - Starting processing of file: /tmp/tmpn3zh4qfg/nvdcve-1.1-2021.json 2022-12-20 21:55:36,182 - IJSONHandler - DEBUG - Processed 8599 items from file: /tmp/tmpy7zd6tp0/nvdcve-1.1-2015.json, using prefix: CVE_Items.item 2022-12-20 21:55:36,189 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmpy7zd6tp0 2022-12-20 21:56:32,848 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmp3u1l2vxr/nvdcve-1.1-2019.json 2022-12-20 21:57:14,851 - CVEDownloads - DEBUG - Processed 10000 entries from file: /tmp/tmp3hlmi79l/nvdcve-1.1-2016.json 2022-12-20 21:57:20,983 - CVEDownloads - DEBUG - Processed 10000 entries from file: /tmp/tmpz2aawrcd/nvdcve-1.1-2017.json 2022-12-20 21:57:36,073 - IJSONHandler - DEBUG - Processed 10511 items from file: /tmp/tmp3hlmi79l/nvdcve-1.1-2016.json, using prefix: CVE_Items.item 2022-12-20 21:57:36,074 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmp3hlmi79l 2022-12-20 21:58:29,428 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmp6tqbdwxh/nvdcve-1.1-2020.json 2022-12-20 21:58:53,792 - CVEDownloads - DEBUG - Processed 10000 entries from file: /tmp/tmplhyldysn/nvdcve-1.1-2018.json 2022-12-20 22:00:30,774 - CVEDownloads - DEBUG - Processed 10000 entries from file: /tmp/tmp3u1l2vxr/nvdcve-1.1-2019.json 2022-12-20 22:00:31,618 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmpn3zh4qfg/nvdcve-1.1-2021.json 2022-12-20 22:00:36,589 - CVEDownloads - DEBUG - Processed 15000 entries from file: /tmp/tmpz2aawrcd/nvdcve-1.1-2017.json 2022-12-20 22:01:15,400 - CVEDownloads - DEBUG - Processed 10000 entries from file: /tmp/tmp6tqbdwxh/nvdcve-1.1-2020.json 2022-12-20 22:01:26,974 - IJSONHandler - DEBUG - Processed 16678 items from file: /tmp/tmpz2aawrcd/nvdcve-1.1-2017.json, using prefix: CVE_Items.item 2022-12-20 22:01:26,985 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmpz2aawrcd 2022-12-20 22:02:28,980 - CVEDownloads - DEBUG - Processed 15000 entries from file: /tmp/tmplhyldysn/nvdcve-1.1-2018.json 2022-12-20 22:02:52,658 - CVEDownloads - DEBUG - Processed 5000 entries from file: /tmp/tmpw1xbnhvl/nvdcve-1.1-2022.json 2022-12-20 22:03:13,110 - IJSONHandler - DEBUG - Processed 16742 items from file: /tmp/tmplhyldysn/nvdcve-1.1-2018.json, using prefix: CVE_Items.item 2022-12-20 22:03:13,121 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmplhyldysn 2022-12-20 22:03:50,162 - CVEDownloads - DEBUG - Processed 10000 entries from file: /tmp/tmpn3zh4qfg/nvdcve-1.1-2021.json 2022-12-20 22:04:11,019 - CVEDownloads - DEBUG - Processed 15000 entries from file: /tmp/tmp6tqbdwxh/nvdcve-1.1-2020.json 2022-12-20 22:04:12,125 - CVEDownloads - DEBUG - Processed 15000 entries from file: /tmp/tmp3u1l2vxr/nvdcve-1.1-2019.json 2022-12-20 22:04:57,646 - IJSONHandler - DEBUG - Processed 16736 items from file: /tmp/tmp3u1l2vxr/nvdcve-1.1-2019.json, using prefix: CVE_Items.item 2022-12-20 22:04:57,646 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmp3u1l2vxr 2022-12-20 22:06:30,086 - CVEDownloads - DEBUG - Processed 10000 entries from file: /tmp/tmpw1xbnhvl/nvdcve-1.1-2022.json 2022-12-20 22:06:30,510 - IJSONHandler - DEBUG - Processed 19733 items from file: /tmp/tmp6tqbdwxh/nvdcve-1.1-2020.json, using prefix: CVE_Items.item 2022-12-20 22:06:30,510 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmp6tqbdwxh 2022-12-20 22:06:37,085 - CVEDownloads - DEBUG - Processed 15000 entries from file: /tmp/tmpn3zh4qfg/nvdcve-1.1-2021.json 2022-12-20 22:09:07,464 - CVEDownloads - DEBUG - Processed 20000 entries from file: /tmp/tmpn3zh4qfg/nvdcve-1.1-2021.json 2022-12-20 22:09:09,382 - CVEDownloads - DEBUG - Processed 15000 entries from file: /tmp/tmpw1xbnhvl/nvdcve-1.1-2022.json 2022-12-20 22:09:23,993 - IJSONHandler - DEBUG - Processed 21049 items from file: /tmp/tmpn3zh4qfg/nvdcve-1.1-2021.json, using prefix: CVE_Items.item 2022-12-20 22:09:23,993 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmpn3zh4qfg 2022-12-20 22:09:49,303 - IJSONHandler - DEBUG - Processed 19370 items from file: /tmp/tmpw1xbnhvl/nvdcve-1.1-2022.json, using prefix: CVE_Items.item 2022-12-20 22:09:49,304 - CVEDownloads - DEBUG - Removing working dir: /tmp/tmpw1xbnhvl 2022-12-20 22:09:49,644 - CVEDownloads - DEBUG - Queue max_len: 28797, current_q_len: 28772, q_len: 28797, dif_old: 0, cycle: 0 2022-12-20 22:10:19,681 - CVEDownloads - DEBUG - Queue max_len: 28797, q_len: 4488, dif_old: 24309, cycles: 6 2022-12-20 22:10:19,715 - CVEDownloads - INFO - Duration: 0:25:40.583673 2022-12-20 22:10:19,720 - CVEDownloads - INFO - Finished CVE database population 2022-12-20 22:10:19,724 - DBUpdater - INFO - cve has 28963 elements (28963 update) 2022-12-20 22:10:19,725 - DBUpdater - INFO - Dropping collection: cwe 2022-12-20 22:10:19,745 - DBUpdater - INFO - cwe dropped 2022-12-20 22:10:19,745 - DBUpdater - INFO - Starting cwe 2022-12-20 22:10:19,754 - CWEDownloads - INFO - CWE database update started 2022-12-20 22:10:19,757 - CWEDownloads - DEBUG - Downloading from url: https://cwe.mitre.org/data/xml/cwec_v4.4.xml.zip 2022-12-20 22:10:21,670 - CWEDownloads - DEBUG - Last CWE modified value: 2021-03-15 12:38:06 for URL: https://cwe.mitre.org/data/xml/cwec_v4.4.xml.zip 2022-12-20 22:10:21,672 - CWEDownloads - DEBUG - URL: https://cwe.mitre.org/data/xml/cwec_v4.4.xml.zip fetched Content-Type: application/zip 2022-12-20 22:10:21,672 - CWEDownloads - DEBUG - Saving file to: /tmp/tmpoze_za6b/cwec_v4.4.xml 2022-12-20 22:10:22,777 - CWEDownloads - DEBUG - Processed 1234 entries from file: /tmp/tmpoze_za6b/cwec_v4.4.xml 2022-12-20 22:10:22,778 - CWEDownloads - DEBUG - Removing working dir: /tmp/tmpoze_za6b 2022-12-20 22:10:22,968 - CWEDownloads - DEBUG - Queue max_len: 623, current_q_len: 580, q_len: 623, dif_old: 0, cycle: 0 2022-12-20 22:10:32,972 - CWEDownloads - DEBUG - Queue max_len: 623, q_len: 580, dif_old: 43, cycles: 2 2022-12-20 22:10:32,997 - CWEDownloads - INFO - Duration: 0:00:13.241189 2022-12-20 22:10:32,998 - CWEDownloads - INFO - Finished CWE database update 2022-12-20 22:10:33,001 - DBUpdater - INFO - cwe has 1234 elements (0 update) 2022-12-20 22:10:33,001 - DBUpdater - INFO - Dropping collection: capec 2022-12-20 22:10:33,021 - DBUpdater - INFO - capec dropped 2022-12-20 22:10:33,022 - DBUpdater - INFO - Starting capec 2022-12-20 22:10:33,028 - CAPECDownloads - INFO - CAPEC database update started 2022-12-20 22:10:33,031 - CAPECDownloads - DEBUG - Downloading from url: https://capec.mitre.org/data/xml/capec_v3.7.xml 2022-12-20 22:10:36,830 - CAPECDownloads - DEBUG - Last CAPEC modified value: 2022-02-22 17:48:32 for URL: https://capec.mitre.org/data/xml/capec_v3.7.xml 2022-12-20 22:10:36,831 - CAPECDownloads - DEBUG - URL: https://capec.mitre.org/data/xml/capec_v3.7.xml fetched Content-Type: application/xml 2022-12-20 22:10:36,832 - CAPECDownloads - DEBUG - Saving file to: /tmp/tmpbt9d6wd6/capec_v3.7.xml 2022-12-20 22:10:37,369 - CAPECDownloads - DEBUG - Processed 546 entries from file: /tmp/tmpbt9d6wd6/capec_v3.7.xml 2022-12-20 22:10:37,370 - CAPECDownloads - DEBUG - Removing working dir: /tmp/tmpbt9d6wd6 2022-12-20 22:10:37,551 - CAPECDownloads - DEBUG - Queue max_len: 116, current_q_len: 67, q_len: 116, dif_old: 0, cycle: 0 2022-12-20 22:10:47,553 - CAPECDownloads - DEBUG - Queue max_len: 116, q_len: 67, dif_old: 49, cycles: 2 2022-12-20 22:10:47,572 - CAPECDownloads - INFO - Duration: 0:00:14.541938 2022-12-20 22:10:47,572 - CAPECDownloads - INFO - Finished CAPEC database update 2022-12-20 22:10:47,573 - DBUpdater - INFO - capec has 546 elements (-2 update) 2022-12-20 22:10:47,574 - DBUpdater - INFO - Dropping collection: via4 2022-12-20 22:10:47,595 - DBUpdater - INFO - via4 dropped 2022-12-20 22:10:47,595 - DBUpdater - INFO - Starting via4 2022-12-20 22:10:47,603 - VIADownloads - INFO - VIA4 database update started 2022-12-20 22:10:47,605 - VIADownloads - DEBUG - Downloading from url: https://www.cve-search.org/feeds/via4.json 2022-12-20 22:10:49,211 - VIADownloads - DEBUG - Last VIA4 modified value: 2021-01-23 15:47:42 for URL: https://www.cve-search.org/feeds/via4.json 2022-12-20 22:10:49,212 - VIADownloads - DEBUG - URL: https://www.cve-search.org/feeds/via4.json fetched Content-Type: application/json 2022-12-20 22:10:49,213 - VIADownloads - DEBUG - Saving file to: /tmp/tmpzr0wld32/via4.json 2022-12-20 22:12:37,299 - VIADownloads - DEBUG - Processed 148299 items from file: /tmp/tmpzr0wld32/via4.json 2022-12-20 22:12:37,300 - IJSONHandler - DEBUG - Processed 1 items from file: /tmp/tmpzr0wld32/via4.json, using prefix: cves 2022-12-20 22:12:40,593 - VIADownloads - DEBUG - Processed metadata from file: /tmp/tmpzr0wld32/via4.json 2022-12-20 22:12:40,594 - VIADownloads - DEBUG - Removing working dir: /tmp/tmpzr0wld32 2022-12-20 22:12:41,365 - VIADownloads - DEBUG - Queue max_len: 147594, current_q_len: 147487, q_len: 147594, dif_old: 0, cycle: 0 2022-12-20 22:13:31,449 - VIADownloads - DEBUG - Queue max_len: 147594, q_len: 7409, dif_old: 140185, cycles: 10 2022-12-20 22:13:31,495 - VIADownloads - INFO - Duration: 0:02:43.889582 2022-12-20 22:13:31,495 - VIADownloads - INFO - Finished VIA4 database update 2022-12-20 22:13:31,498 - DBUpdater - INFO - via4 has 148299 elements (0 update) 2022-12-20 22:13:31,499 - DBUpdater - INFO - Starting ensureindex 2022-12-20 22:13:32,669 - DatabaseIndexer - INFO - Success to create index statements.contributor on via4 2022-12-20 22:13:34,018 - DatabaseIndexer - INFO - Success to create index statements.organization on via4 2022-12-20 22:13:35,414 - DatabaseIndexer - INFO - Success to create index refmap.aixapar on via4 2022-12-20 22:13:36,851 - DatabaseIndexer - INFO - Success to create index refmap.bea on via4 2022-12-20 22:13:38,461 - DatabaseIndexer - INFO - Success to create index refmap.bid on via4 2022-12-20 22:13:39,486 - DatabaseIndexer - INFO - Success to create index refmap.cert on via4 2022-12-20 22:13:40,422 - DatabaseIndexer - INFO - Success to create index refmap.cert-vn on via4 2022-12-20 22:13:41,510 - DatabaseIndexer - INFO - Success to create index refmap.debian on via4 2022-12-20 22:13:41,989 - DatabaseIndexer - INFO - Success to create index refmap.fedora on via4 2022-12-20 22:13:42,484 - DatabaseIndexer - INFO - Success to create index refmap.freebsd on via4 2022-12-20 22:13:42,961 - DatabaseIndexer - INFO - Success to create index refmap.gentoo on via4 2022-12-20 22:13:43,440 - DatabaseIndexer - INFO - Success to create index refmap.hp on via4 2022-12-20 22:13:43,912 - DatabaseIndexer - INFO - Success to create index refmap.jvn on via4 2022-12-20 22:13:44,426 - DatabaseIndexer - INFO - Success to create index refmap.jvndb on via4 2022-12-20 22:13:44,905 - DatabaseIndexer - INFO - Success to create index refmap.mandrake on via4 2022-12-20 22:13:45,405 - DatabaseIndexer - INFO - Success to create index refmap.mandriva on via4 2022-12-20 22:13:45,811 - DatabaseIndexer - INFO - Success to create index refmap.milw0rm on via4 2022-12-20 22:13:46,302 - DatabaseIndexer - INFO - Success to create index refmap.netbsd on via4 2022-12-20 22:13:46,835 - DatabaseIndexer - INFO - Success to create index refmap.openpkg on via4 2022-12-20 22:13:47,318 - DatabaseIndexer - INFO - Success to create index refmap.osvdb on via4 2022-12-20 22:13:47,805 - DatabaseIndexer - INFO - Success to create index refmap.sco on via4 2022-12-20 22:13:48,400 - DatabaseIndexer - INFO - Success to create index refmap.sectrack on via4 2022-12-20 22:13:49,567 - DatabaseIndexer - INFO - Success to create index refmap.secunia on via4 2022-12-20 22:13:50,101 - DatabaseIndexer - INFO - Success to create index refmap.sgi on via4 2022-12-20 22:13:50,694 - DatabaseIndexer - INFO - Success to create index refmap.slackware on via4 2022-12-20 22:13:51,184 - DatabaseIndexer - INFO - Success to create index refmap.suse on via4 2022-12-20 22:13:51,666 - DatabaseIndexer - INFO - Success to create index refmap.ubuntu on via4 2022-12-20 22:13:52,147 - DatabaseIndexer - INFO - Success to create index refmap.vupen on via4 2022-12-20 22:13:52,642 - DatabaseIndexer - INFO - Success to create index refmap.xf on via4 2022-12-20 22:13:53,060 - DatabaseIndexer - INFO - Success to create index redhat.advisories.rhsa.id on via4 2022-12-20 22:13:53,743 - DatabaseIndexer - INFO - Success to create index redhat.advisories.bugzilla.id on via4 2022-12-20 22:13:55,440 - DatabaseIndexer - INFO - Success to create index redhat.rpms on via4 2022-12-20 22:13:56,062 - DatabaseIndexer - INFO - Success to create index msbulletin.name on via4 2022-12-20 22:13:56,855 - DatabaseIndexer - INFO - Success to create index msbulletin.knowledgebase_id on via4 2022-12-20 22:13:57,579 - DatabaseIndexer - INFO - Success to create index d2sec.name on via4 2022-12-20 22:13:58,105 - DatabaseIndexer - INFO - Success to create index oval.id on via4 2022-12-20 22:13:59,302 - DatabaseIndexer - INFO - Success to create index saint.id on via4 2022-12-20 22:14:00,761 - DatabaseIndexer - INFO - Success to create index saint.bid on via4 2022-12-20 22:14:01,886 - DatabaseIndexer - INFO - Success to create index saint.osvdb on via4 2022-12-20 22:14:03,235 - DatabaseIndexer - INFO - Success to create index saint.title on via4 2022-12-20 22:14:03,248 - DatabaseIndexer - INFO - Success to create index [('id', 1)] on cpe 2022-12-20 22:14:03,252 - DatabaseIndexer - INFO - Success to create index [('vendor', 1)] on cpe 2022-12-20 22:14:03,257 - DatabaseIndexer - INFO - Success to create index [('product', 1)] on cpe 2022-12-20 22:14:03,284 - DatabaseIndexer - INFO - Success to create index [('id', 1)] on cpeother 2022-12-20 22:14:03,298 - DatabaseIndexer - INFO - Success to create index [('id', 1)] on cves 2022-12-20 22:14:03,301 - DatabaseIndexer - INFO - Success to create index [('vulnerable_configuration', 1)] on cves 2022-12-20 22:14:03,304 - DatabaseIndexer - INFO - Success to create index [('vulnerable_product', 1)] on cves 2022-12-20 22:14:03,305 - DatabaseIndexer - INFO - Success to create index [('Modified', 1)] on cves 2022-12-20 22:14:03,308 - DatabaseIndexer - INFO - Success to create index [('Published', 1)] on cves 2022-12-20 22:14:03,310 - DatabaseIndexer - INFO - Success to create index [('last-modified', 1)] on cves 2022-12-20 22:14:03,311 - DatabaseIndexer - INFO - Success to create index [('cvss', 1)] on cves 2022-12-20 22:14:03,313 - DatabaseIndexer - INFO - Success to create index [('cvss3', 1)] on cves 2022-12-20 22:14:03,314 - DatabaseIndexer - INFO - Success to create index [('summary', 'text')] on cves 2022-12-20 22:14:03,315 - DatabaseIndexer - INFO - Success to create index [('vendors', 1)] on cves 2022-12-20 22:14:03,316 - DatabaseIndexer - INFO - Success to create index [('products', 1)] on cves 2022-12-20 22:14:03,320 - DatabaseIndexer - INFO - Success to create index [('vulnerable_product_stems', 1)] on cves 2022-12-20 22:14:03,321 - DatabaseIndexer - INFO - Success to create index [('vulnerable_configuration_stems', 1)] on cves 2022-12-20 22:14:05,985 - DatabaseIndexer - INFO - Success to create index [('id', 1)] on via4 2022-12-20 22:14:06,015 - DatabaseIndexer - INFO - Success to create index [('id', 1)] on mgmt_whitelist 2022-12-20 22:14:06,056 - DatabaseIndexer - INFO - Success to create index [('id', 1)] on mgmt_blacklist 2022-12-20 22:14:06,230 - DatabaseIndexer - INFO - Success to create index [('related_weakness', 1)] on capec 2022-12-20 22:14:06,230 - DBUpdater - INFO - Starting schema 2022-12-20 22:14:06,489 - SchemaChecker - INFO - Updating schema version 2022-12-20 22:14:06,515 - SchemaChecker - INFO - Update schema version done!

    Any idea?

    opened by Sleeptime17 4
  • Bump flask-restx from 0.5.1 to 1.0.3

    Bump flask-restx from 0.5.1 to 1.0.3

    Bumps flask-restx from 0.5.1 to 1.0.3.

    Release notes

    Sourced from flask-restx's releases.

    1.0.3

    Bug Fixes

    • Properly remove six dependency

    1.0.1

    Breaking

    Starting from this release, we only support python versions >= 3.7

    Bug Fixes

    • Fix compatibility issue with werkzeug 2.1.0 (#423) [stacywsmith]

    Enhancements

    • Drop support for python <3.7
    Changelog

    Sourced from flask-restx's changelog.

    Flask-RestX Changelog

    Basic structure is

    ::

    ADD LINK (..) _section-VERSION
    VERSION
    -------
    ADD LINK (..) _bug_fixes-VERSION OR _enhancments-VERSION
    Bug Fixes or Enchancements
    ~~~~~~~~~~~~~~~~~~~~~~~~~~
    * Message (TICKET) [CONTRIBUTOR]
    

    Opening a release

    If you’re the first contributor, add a new semver release to the document. Place your addition in the correct category, giving a short description (matching something in a git commit), the issue ID (or PR ID if no issue opened), and your Github username for tracking contributors!

    Releases prior to 0.3.0 were “best effort” filled out, but are missing some info. If you see your contribution missing info, please open a PR on the Changelog!

    .. _section-1.0.2: 1.0.2

    .. _bug_fixes-1.0.2 Bug Fixes

    
    ::
    
    • Properly remove six dependency

    .. _section-1.0.1: 1.0.1

    .. _breaking-1.0.1

    Breaking

    
    Starting from this release, we only support python versions &gt;= 3.7
    

    &lt;/tr&gt;&lt;/table&gt; </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary>

    <ul> <li><a href="https://github.com/python-restx/flask-restx/commit/19c7fd7eda2ef20122d4072eec1695bc045f3ac2"><code>19c7fd7</code></a> Bump version 1.0.3</li> <li><a href="https://github.com/python-restx/flask-restx/commit/cbd0867e5e357fb8b572889acdfa56118602f3cb"><code>cbd0867</code></a> fix: remove python 3.11 support for now</li> <li><a href="https://github.com/python-restx/flask-restx/commit/235737f393fba6830508c17ab071441a230bda4f"><code>235737f</code></a> fix: python 3.11 requirements</li> <li><a href="https://github.com/python-restx/flask-restx/commit/b58823fd2ca1258e234d22e749a5fe53b2b7aa5a"><code>b58823f</code></a> properly remove six dependency (closes <a href="https://github-redirect.dependabot.com/python-restx/flask-restx/issues/482">#482</a>)</li> <li><a href="https://github.com/python-restx/flask-restx/commit/1461b0105bbb41a15249fed160a091cc730f9a16"><code>1461b01</code></a> update CHANGELOG</li> <li><a href="https://github.com/python-restx/flask-restx/commit/3bc6b8dcc9e900cd75dd213d5d4fdd19ab9f9436"><code>3bc6b8d</code></a> Update to version 1.0.2.dev for next development cycle</li> <li><a href="https://github.com/python-restx/flask-restx/commit/a6e10ef859df1e870bdb9d33d1820218c9596755"><code>a6e10ef</code></a> Bump version 1.0.1</li> <li><a href="https://github.com/python-restx/flask-restx/commit/a27a9025b172d0061f2584b7664958f5266ccc55"><code>a27a902</code></a> Bump version 1.0.0</li> <li><a href="https://github.com/python-restx/flask-restx/commit/4eaf37347b7671a632804fff8024075e619226b5"><code>4eaf373</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/python-restx/flask-restx/issues/371">#371</a> from EtiennePelletier/fix_typo</li> <li><a href="https://github.com/python-restx/flask-restx/commit/a37126d57dec141134d30e7c311c4b37aa01e883"><code>a37126d</code></a> fix: properly set pattern in reqparse object list when using option</li> <li>Additional commits viewable in <a href="https://github.com/python-restx/flask-restx/compare/0.5.1...1.0.3">compare view</a></li> </ul> </details>

    <br />

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump flask from 2.1.1 to 2.2.2

    Bump flask from 2.1.1 to 2.2.2

    Bumps flask from 2.1.1 to 2.2.2.

    Release notes

    Sourced from flask's releases.

    2.2.2

    This is a fix release for the 2.2.0 feature release.

    2.2.1

    This is a fix release for the 2.2.0 feature release.

    2.2.0

    This is a feature release, which includes new features and removes previously deprecated code. The 2.2.x branch is now the supported bug fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades.

    2.1.3

    2.1.2

    This is a fix release for the 2.1.0 feature release.

    Changelog

    Sourced from flask's changelog.

    Version 2.2.2

    Released 2022-08-08

    • Update Werkzeug dependency to >= 2.2.2. This includes fixes related to the new faster router, header parsing, and the development server. :pr:4754
    • Fix the default value for app.env to be "production". This attribute remains deprecated. :issue:4740

    Version 2.2.1

    Released 2022-08-03

    • Setting or accessing json_encoder or json_decoder raises a deprecation warning. :issue:4732

    Version 2.2.0

    Released 2022-08-01

    • Remove previously deprecated code. :pr:4667

      • Old names for some send_file parameters have been removed. download_name replaces attachment_filename, max_age replaces cache_timeout, and etag replaces add_etags. Additionally, path replaces filename in send_from_directory.
      • The RequestContext.g property returning AppContext.g is removed.
    • Update Werkzeug dependency to >= 2.2.

    • The app and request contexts are managed using Python context vars directly rather than Werkzeug's LocalStack. This should result in better performance and memory use. :pr:4682

      • Extension maintainers, be aware that _app_ctx_stack.top and _request_ctx_stack.top are deprecated. Store data on g instead using a unique prefix, like g._extension_name_attr.
    • The FLASK_ENV environment variable and app.env attribute are deprecated, removing the distinction between development and debug mode. Debug mode should be controlled directly using the --debug option or app.run(debug=True). :issue:4714

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump pymongo from 3.12.1 to 4.3.3

    Bump pymongo from 3.12.1 to 4.3.3

    Bumps pymongo from 3.12.1 to 4.3.3.

    Release notes

    Sourced from pymongo's releases.

    PyMongo 4.3.3

    Release notes: https://www.mongodb.com/community/forums/t/pymongo-4-3-3-release/200145

    PyMongo 4.3.2

    Release notes: https://www.mongodb.com/community/forums/t/pymongo-4-3-2-released/194266

    PyMongo 4.2.0

    Release notes: https://www.mongodb.com/community/forums/t/pymongo-4-2-0-released/176012

    PyMongo 4.2.0b0

    Release notes: https://www.mongodb.com/community/forums/t/python-driver-4-2-0-beta-available/168488

    PyMongo 4.1.1

    Release notes: https://www.mongodb.com/community/forums/t/pymongo-4-1-1-released/157895

    PyMongo 4.1.0

    Release notes: https://www.mongodb.com/community/forums/t/pymongo-4-1-0-released/156029

    PyMongo 4.0.2

    Release notes: https://www.mongodb.com/community/forums/t/pymongo-4-0-2-released/150457

    PyMongo 4.0.1

    Release notes: https://www.mongodb.com/community/forums/t/pymongo-4-0-1-released/135979

    PyMongo 4.0

    Release notes: https://www.mongodb.com/community/forums/t/pymongo-4-0-released/134677

    PyMongo 3.13.0

    Release notes https://www.mongodb.com/community/forums/t/pymongo-3-13-0-released/197141

    PyMongo 3.12.3

    Release notes: https://www.mongodb.com/community/forums/t/pymongo-3-12-3-released/135978

    Changelog

    Sourced from pymongo's changelog.

    Changes in Version 4.3.3

    Version 4.3.3 documents support for the following:

    • :ref:CSFLE on-demand credentials for cloud KMS providers.
    • Authentication support for :ref:EKS Clusters.
    • Added the :ref:timeout-example example page to improve the documentation for :func:pymongo.timeout.

    Bug Fixes .........

    • Fixed a performance regression in :meth:~gridfs.GridFSBucket.download_to_stream and :meth:~gridfs.GridFSBucket.download_to_stream_by_name by reading in chunks instead of line by line (PYTHON-3502_).
    • Improved performance of :meth:gridfs.grid_file.GridOut.read and :meth:gridfs.grid_file.GridOut.readline (PYTHON-3508_).

    Issues Resolved ...............

    See the PyMongo 4.3.3 release notes in JIRA_ for the list of resolved issues in this release.

    .. _PYTHON-3502: https://jira.mongodb.org/browse/PYTHON-3502 .. _PYTHON-3508: https://jira.mongodb.org/browse/PYTHON-3508 .. _PyMongo 4.3.3 release notes in JIRA: https://jira.mongodb.org/secure/ReleaseNote.jspa?projectId=10004&version=34709

    Changes in Version 4.3 (4.3.2)

    Note: We withheld uploading tags 4.3.0 and 4.3.1 to PyPI due to a version handling error and a necessary documentation update.

    dnspython <https://pypi.python.org/pypi/dnspython>_ is now a required dependency. This change makes PyMongo easier to install for use with "mongodb+srv://" connection strings and MongoDB Atlas <https://www.mongodb.com/cloud>_.

    PyMongo 4.3 brings a number of improvements including:

    • Added support for decoding BSON datetimes outside of the range supported by Python's :class:~datetime.datetime builtin. See :ref:handling-out-of-range-datetimes for examples, as well as :class:bson.datetime_ms.DatetimeMS, :class:bson.codec_options.DatetimeConversion, and :class:bson.codec_options.CodecOptions's datetime_conversion parameter for more details (PYTHON-1824_).
    • PyMongo now resets its locks and other shared state in the child process after a :py:func:os.fork to reduce the frequency of deadlocks. Note that deadlocks are still possible because libraries that PyMongo depends like

    ... (truncated)

    Commits
    • 3d03276 BUMP 4.3.3
    • 1edbfad PYTHON-3529 Improve reliability of test_list_databases (#1120)
    • cde9adf PYTHON-3527 + PYTHON-3528 Fix no-server tests (#1118)
    • b290f7b PYTHON-3526 Fix mockup tests (#1119)
    • 3ab7390 PYTHON-3500 Resync retryable tests to fix serverless failures (#1116)
    • 363e0b2 PYTHON-2818 Add documentation and changelog (#1115)
    • 79aa5e6 PYTHON-3516 Improve test EventListener api (#1114)
    • d056804 PYTHON-2818 Add native support for AWS IAM Roles for service accounts, EKS in...
    • fcb1151 PYTHON-3517 Add documentation for on-demand KMS providers (#1113)
    • 92e6150 PYTHON-3493 Bulk Write InsertOne Should Be Parameter Of Collection Type (#1106)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
Releases(v4.2.1)
  • v4.2.1(May 27, 2022)

    v4.2.1 (2022-05-27)

    cve-search v4.2.1 released including multiple bugs fixed and improvements.

    • Configurable max limits & reasonable defaults for /api/cvefor & /api/last
    • Fix CPE conversions
    • Capec 3.7 update
    • Various improvements in the JS dependencies
    • Add Database connectivity using MONGODB+SRV connection string

    Thanks to @eengelking, @P-T-I and @oh2fih for all the hard work and contributions!

    Changelog

    • [release] version 4.2.1. [Alexandre Dulaunoy]

    Other

    • Merge pull request #888 from oh2fih/master. [PT]

    • Black formatting for lib/Config.py. [Esa Jokinen]

    • Use CVEMaxLimit in /api/cvefor and /api/last. [Esa Jokinen]

    • Add configurable [API] CVEMaxLimit. [Esa Jokinen]

    • Black formatting (web/) [Esa Jokinen]

    • Rename the maximum limit variable. [Esa Jokinen]

    • Set default limit & max limit for /api/cvefor. [Esa Jokinen]

    • Merge pull request #884 from oh2fih/master. [PT]

    • Merge branch 'update-js-dependencies' [Esa Jokinen]

    • Update Bootstrap v4.6.0 -> v4.6.1. [Esa Jokinen]

    • Update clipboard.js v2.0.8 -> v2.0.10. [Esa Jokinen]

    • Update Popper v2.10.1 -> v2.11.5. [Esa Jokinen]

    • Update DataTables 1.11.2 -> 1.11.3. [Esa Jokinen]

      Not changed:

      • [1.11.3]/js/dataTables.bootstrap4.min.js
      • [1.11.3]/css/dataTables.bootstrap4.min.css
    • Merge pull request #883 from oh2fih/master. [PT]

    • Update rest api documentation to meet with PR #880. [Esa Jokinen]

    • Merge pull request #880 from oh2fih/master. [PT]

      Fix CPE conversions

    • Use cpe_conversion library in Toolkit.py. [Esa Jokinen]

    • Black formatting. [Esa Jokinen]

    • Rename library to match its purpose. [Esa Jokinen]

    • Merge pull request #2 from rg-atte/master. [Esa Jokinen]

      Added cve conversion library

    • EOF newline. [Atte]

    • Functionality to correctly convert CPE versions. [Atte]

    • Merge pull request #878 from AlphaBravoCompany/master. [PT]

    • Add authentication database variables (#3) [Ed Engelking]

      • Added authSource to DB connection call. Updated configuration sample with variable.

      • Updated documentation

      • Updated documentation wording

    • Updated github actions python versions to 3.8. [Paul Tikken Laptop]

    • Updated github actions python versions to 3.8. [Paul Tikken Laptop]

    • Merge pull request #869 from P-T-I/cve-search-858. [PT]

      Capec 3.7 update

    • Capec sources updated to 3.7. [Paul Tikken Laptop]

    • Update requirements.txt. [Paul Tikken Laptop]

    • Merge pull request #848 from cve-search/dependabot/pip/nltk-3.7. [PT]

      Bump nltk from 3.6.5 to 3.7

    • Bump nltk from 3.6.5 to 3.7. [dependabot[bot]]

      Bumps nltk from 3.6.5 to 3.7.


      updated-dependencies:

      • dependency-name: nltk dependency-type: direct:production update-type: version-update:semver-minor ...
    • Merge pull request #856 from cve-search/dependabot/pip/pytest-7.1.1. [PT]

      Bump pytest from 6.2.5 to 7.1.1

    • Bump pytest from 6.2.5 to 7.1.1. [dependabot[bot]]

      Bumps pytest from 6.2.5 to 7.1.1.


      updated-dependencies:

      • dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-major ...
    • Merge pull request #862 from cve-search/dependabot/pip/requests-2.27.1. [PT]

      Bump requests from 2.26.0 to 2.27.1

    • Bump requests from 2.26.0 to 2.27.1. [dependabot[bot]]

      Bumps requests from 2.26.0 to 2.27.1.


      updated-dependencies:

      • dependency-name: requests dependency-type: direct:production update-type: version-update:semver-minor ...
    • Merge pull request #865 from cve-search/dependabot/pip/docs/source/nltk-3.6.6. [PT]

      Bump nltk from 3.6.5 to 3.6.6 in /docs/source

    • Bump nltk from 3.6.5 to 3.6.6 in /docs/source. [dependabot[bot]]

      Bumps nltk from 3.6.5 to 3.6.6.


      updated-dependencies:

      • dependency-name: nltk dependency-type: direct:production ...
    • Merge pull request #864 from AlphaBravoCompany/master. [PT]

      Database connectivity using MONGODB+SRV connection string

    • Database connectivity using MONGO+SRV connection string (#2) [Ed Engelking]

      • Added feature to use mongodb-srv URI records in mongodb plugin. Added URI configuration options in Config.py. Updated sample configuration to include ability to enable mongodb-srv URI. Added dnspython to pip requirements.txt.

      • Updating database documentation to explain how to use the new configuration options for SRV syntax.

      • Fixed a word.

      • Updated Config.py and mongodb.py to allow calls for SRV connections.

    • Update VERSION. [PT]

    Source code(tar.gz)
    Source code(zip)
  • v4.2(Mar 21, 2022)

    cve-search version 4.2 released including many bugs fixed and improvements. (2022-03-21)

    New

    • [config] changelogrc configuration + updated pattern for tag matching. [Alexandre Dulaunoy]

    Other

    • Merge pull request #854 from oh2fih/master. [PT]

    • Remove logrotate as logging to syslog. [Esa Jokinen]

    • A more complete set of CVE-Search systemd services. [Esa Jokinen]

    • Merge pull request #831 from FafnerKeyZee/patch-1. [PT]

    • Sending parameters to make uwsgi happy ;) [Fafner [KeyZee]]

    • Merge pull request #830 from FafnerKeyZee/master. [PT]

    • Adding systemd and logrotate. [Olivier Ferrand]

    • Merge pull request #824 from cve-search/dependabot/pip/sphinx-4.3.1. [Alexandre Dulaunoy]

      Bump sphinx from 4.3.0 to 4.3.1

    • Bump sphinx from 4.3.0 to 4.3.1. [dependabot[bot]]

      Bumps sphinx from 4.3.0 to 4.3.1.


      updated-dependencies:

      • dependency-name: sphinx dependency-type: direct:development update-type: version-update:semver-patch ...
    • Merge pull request #816 from kawtar01/feature/setup_oidc_auth_flow. [PT]

    • Update doc to elaborate idp discovery url. [Kawtar.ahaggach.e]

    • Update requirements.txt. [Paul Tikken Laptop]

    • Rebase. [Paul Tikken Laptop]

    • Merge pull request #823 from P-T-I/api_doc_fix. [PT]

      Redoc dependency removal

    • Removed redoc as dependency. [Paul Tikken Laptop]

    • Merge pull request #822 from P-T-I/update_reqs. [PT]

      Updated requirements

    • Updated requirements. [Paul Tikken Laptop]

    • Fix for always showing the bottom plugin toolbar. [Paul Tikken Laptop]

    • Merge pull request #819 from P-T-I/cve-search-801. [PT]

      Updates capec version

    • Fix #cve-search-801; update capec version. [Paul Tikken Laptop]

    • Changed print statements to logger statements. Added function to retrieve a requests session instead of a plain request method. This function also respects proxies from the config. Added verify possibility to ignore requests made with/to self signed certificates OIDC servers. Black formatting enforced. [Paul Tikken Laptop]

    • Black formatting and cleanup imports. [Paul Tikken Laptop]

    • Added SSL_Verify to Config.py and corresponding method to retrieve the value. Added this value into the configuration.ini.sample as well. [Paul Tikken Laptop]

    • Setup OIDC login flow. [Kawtar.ahaggach.e]

    • Merge pull request #814 from FafnerKeyZee/master. [PT]

    • Update bookmarked.html. [Fafner [KeyZee]]

    • Update linked.html. [Fafner [KeyZee]]

    • Merge pull request #806 from oh2fih/master. [PT]

      Enhance sanitation #796 + black formatting.

    • Black formatting. [Esa Jokinen]

    • Enhance sanitation #796 + black formatting. [Esa Jokinen]

    • Merge pull request #796 from P-T-I/cve-search-795. [PT]

      Reflected server-side cross-site scripting

    • Update requirements. [Paul Tikken Laptop]

    • Fix #795; server side XSS vulnerability. [Paul Tikken Laptop]

    • Merge pull request #784 from cve-search/dependabot/pip/jinja2-3.0.2. [PT]

    • Bump jinja2 from 3.0.1 to 3.0.2. [dependabot[bot]]

      Bumps jinja2 from 3.0.1 to 3.0.2.


      updated-dependencies:

      • dependency-name: jinja2 dependency-type: direct:production update-type: version-update:semver-patch ...
    • Merge pull request #786 from cve-search/dependabot/pip/werkzeug-2.0.2. [PT]

    • Bump werkzeug from 2.0.1 to 2.0.2. [dependabot[bot]]

      Bumps werkzeug from 2.0.1 to 2.0.2.


      updated-dependencies:

      • dependency-name: werkzeug dependency-type: direct:production update-type: version-update:semver-patch ...
    • Merge pull request #783 from cve-search/dependabot/pip/flask-2.0.2. [PT]

    • Bump flask from 2.0.1 to 2.0.2. [dependabot[bot]]

      Bumps flask from 2.0.1 to 2.0.2.


      updated-dependencies:

      • dependency-name: flask dependency-type: direct:production update-type: version-update:semver-patch ...
    • Merge pull request #782 from cve-search/dependabot/pip/pytest-cov-3.0.0. [PT]

    • Bump pytest-cov from 2.12.1 to 3.0.0. [dependabot[bot]]

      Bumps pytest-cov from 2.12.1 to 3.0.0.


      updated-dependencies:

      • dependency-name: pytest-cov dependency-type: direct:production update-type: version-update:semver-major ...
    • Merge pull request #789 from oh2fih/master. [PT]

    • Merge branch 'cve-search:master' into master. [Esa Jokinen]

    • Merge pull request #785 from oh2fih/master. [PT]

    • Remove IRC and XMPP from documentation (#787) [Esa Jokinen]

    • Remove requirements for IRC and XMPP (#787) [Esa Jokinen]

    • Remove broken feature: XMPP bot (#787) [Esa Jokinen]

    • Remove broken feature: IRC bot (#787) [Esa Jokinen]

    • Add "Logging: True/False" in sample config (#774) [Esa Jokinen]

    • Improve logging: config & fault tolerance (#774) [Esa Jokinen]

    • Merge pull request #778. [PT]

      update redoc

    • Redoc update. [Paul Tikken Laptop]

    • Merge pull request #777. [PT]

      req update

    • Docs update. [Paul Tikken Laptop]

    • Merge pull request #776. [PT]

      docs update

    • Docs update. [Paul Tikken Laptop]

    • Merge pull request #775. [PT]

      update requirements

    • Update requirements.txt. [Paul Tikken Laptop]

    • Merge pull request #771 from cve-search/dependabot/pip/tqdm-4.62.3. [PT]

      Bump tqdm from 4.62.2 to 4.62.3

    • Bump tqdm from 4.62.2 to 4.62.3. [dependabot[bot]]

      Bumps tqdm from 4.62.2 to 4.62.3.


      updated-dependencies:

      • dependency-name: tqdm dependency-type: direct:production update-type: version-update:semver-patch ...
    • Merge pull request #772 from cve-search/dependabot/pip/nltk-3.6.3. [PT]

      Bump nltk from 3.6.2 to 3.6.3

    • Bump nltk from 3.6.2 to 3.6.3. [dependabot[bot]]

      Bumps nltk from 3.6.2 to 3.6.3.


      updated-dependencies:

      • dependency-name: nltk dependency-type: direct:production update-type: version-update:semver-patch ...
    • Merge pull request #766 from oh2fih/master. [PT]

      Ajaxify searches & adjust search result reason priority

    • Merge branch 'cve-search:master' into master. [Esa Jokinen]

    • Merge pull request #768 from cve-search/dependabot/pip/sphinx-rtd-theme-1.0.0. [PT]

      Bump sphinx-rtd-theme from 0.5.2 to 1.0.0

    • Bump sphinx-rtd-theme from 0.5.2 to 1.0.0. [dependabot[bot]]

      Bumps sphinx-rtd-theme from 0.5.2 to 1.0.0.


      updated-dependencies:

      • dependency-name: sphinx-rtd-theme dependency-type: direct:development update-type: version-update:semver-major ...
    • Merge pull request #769 from cve-search/dependabot/pip/sphinx-4.2.0. [PT]

      Bump sphinx from 4.1.2 to 4.2.0

    • Bump sphinx from 4.1.2 to 4.2.0. [dependabot[bot]]

      Bumps sphinx from 4.1.2 to 4.2.0.


      updated-dependencies:

      • dependency-name: sphinx dependency-type: direct:development update-type: version-update:semver-minor ...
    • Fix breadcrumb for freetext search. [Esa Jokinen]

    • Update search tooltip. [Esa Jokinen]

    • Change freetext search path (removing '?search=') [Esa Jokinen]

    • Remove unused template static_table.html (#758) [Esa Jokinen]

    • Breadcrumb for freetext search (#758) [Esa Jokinen]

    • Expand Ajax search to vendor browsing (#758) [Esa Jokinen]

    • Merge branch 'cve-search:master' into master. [Esa Jokinen]

    • Merge pull request #764 from oh2fih/master. [PT]

    • Adjust search result reason priority. [Esa Jokinen]

    • Show 'reason' only if exists. Fix indentation. [Esa Jokinen]

    • Shared functions: better on the same file. (#758) [Esa Jokinen]

    • Ajaxify freetext search (#758) [Esa Jokinen]

    • Merge branch 'cve-search:master' into master. [Esa Jokinen]

    • Merge pull request #762 from oh2fih/master. [PT]

    • Filter validation for an authenticated user (#763) [Esa Jokinen]

    • Authenticated user defaults for the filter (#763) [Esa Jokinen]

    • Backend state for the auth user filter form (#763) [Esa Jokinen]

    • CSS for Bootstrap v4.5.2 -> v4.6.0. [Esa Jokinen]

    • Update Bootstrap v4.5.2 -> v4.6.0 (#761) [Esa Jokinen]

    • Popper required by Bootstrap must be before it. [Esa Jokinen]

    • Merge branch 'web-cleanup' [Esa Jokinen]

    • Update clipboard.js v2.0.6 -> v2.0.8 (#761) [Esa Jokinen]

    • Update Popper (?? 2019 version) -> v2.10.1 (#761) [Esa Jokinen]

    • Update DataTables 1.10.22 -> 1.11.2 (#761) [Esa Jokinen]

    • Remove legacy Flash (#761) [Esa Jokinen]

    • Uniform style with master-page layout (#761) [Esa Jokinen]

    • Remove unused HTML5 Shiv v3.6.2 (#761) [Esa Jokinen]

    • Abandon IE 6-8 support. (#761) [Esa Jokinen]

    • CSS for Font Awesome Free 5.13.0 -> 5.15.4 (#761) [Esa Jokinen]

    • Remove unused jQuery v3.5.1 (#761) [Esa Jokinen]

    • Use jQuery v3.6.0 (replacing jQuery v3.5.1) (#761) [Esa Jokinen]

    • Add jQuery v3.6.0 (#761) [Esa Jokinen]

    • Remove unused fonts (glyphicons-halflings) (#761) [Esa Jokinen]

    • Update Font Awesome Free 5.13.0 -> 5.15.4 (#761) [Esa Jokinen]

    • Enable Font Awesome Free (ref. all.min.js) (#761) [Esa Jokinen]

    • Remove unused jQuery v1.11.2 (#761) [Esa Jokinen]

    • Remove unreferenced template api.html (#761) [Esa Jokinen]

    • Remove unreferenced template filters2.html (#761) [Esa Jokinen]

    • Merge pull request #760 from oh2fih/master. [PT]

    • Merge branch 'cve-search:master' into master. [Esa Jokinen]

    • Merge pull request #755 from cve-search/dependabot/pip/beautifulsoup4-4.10.0. [PT]

      Bump beautifulsoup4 from 4.9.3 to 4.10.0

    • Bump beautifulsoup4 from 4.9.3 to 4.10.0. [dependabot[bot]]

      Bumps beautifulsoup4 from 4.9.3 to 4.10.0.


      updated-dependencies:

      • dependency-name: beautifulsoup4 dependency-type: direct:production update-type: version-update:semver-minor ...
    • Fix indentation. [Esa Jokinen]

    • Rename the function to be less general. (#758) [Esa Jokinen]

    • One more MountPath fix for (#759) [Esa Jokinen]

    • Merge branch 'cve-search:master' into master. [oh2fih]

    • Merge pull request #756 from oh2fih/master. [PT]

      Minor improvements to the filter functionality. Fixed search.

    • Merge pull request #757 from DocArmoryTech/patch-1. [PT]

      Fix typo in production installation

    • Fix typo in production installation. [DocArmoryTech]

      Added missing redirects > to the cat commands in the instructions for production installation

    • Facilitate mounting with JS var MountPath (#759) [Esa Jokinen]

    • Dynamically generate URL for mounting. [Esa Jokinen]

    • These were already fixed in #728 but got reverted. [Esa Jokinen]

    • Add global JS variable for MountPath (#759) [Esa Jokinen]

    • Removed duplicate // from favicon URL. [Esa Jokinen]

    • Beautify indentation etc. [Esa Jokinen]

    • This is redundant, too. [Esa Jokinen]

    • Fix freetext search form; simplified GET-redirect. [Esa Jokinen]

    • /search to support both GET & POST. Fix redirect. [Esa Jokinen]

    • Delete invalid cookie more aggressively. [Esa Jokinen]

    • Make the "Filter" buttons behave equally. [Esa Jokinen]

    • Show the filter box if a warning is displayed. [Esa Jokinen]

    • Merge pull request #754 from oh2fih/master. [PT]

      Fix the server-side filter date validation

    • Merge branch 'cve-search:master' into master. [oh2fih]

    • Merge pull request #753 from oh2fih/master. [PT]

      Move inline JavaScript from the HTML template to static .js files

    • Fix the server-side date validation. (#733) [Esa Jokinen]

    • Added newline in the end of file. [Esa Jokinen]

    • Move all possible inline JS to static files. [Esa Jokinen]

    • Uniform indentation. [Esa Jokinen]

    • Move filter related JS from template to /static. [Esa Jokinen]

    • Not used anywhere; setFilters() always empty. [Esa Jokinen]

    • Merge pull request #752 from P-T-I/cve-search-751. [PT]

    • Dropping all collections when forced. [Paul Tikken Laptop]

    • Reconfigured wsgi mount path to be configurable via the configuration settings. [Paul Tikken Laptop]

    • Merge pull request #749 from P-T-I/cve-search-742. [PT]

      Web GUI filters always filtering on CVSS3 (despite CVSS2 chosen)

    • Fix #742; fixed gui performing wrong CVSS filter and fixed filtering on dates which where performed on the wrong date format. [Paul Tikken Laptop]

    • Merge branch 'up_master' into cve-search-742. [Paul Tikken Laptop]

    • Merge pull request #748 from oh2fih/master. [PT]

      Client-side filter handling with cookies

    • More responsive user interactions (#747) [Esa Jokinen]

    • Client-side filter validation (#747) [Esa Jokinen]

    • Better look for warning (same size when empty). [Esa Jokinen]

    • Merge branch 'cve-search:master' into master. [oh2fih]

    • Reduce requests to /fetch_cve_data (#747) [Esa Jokinen]

    • No need for server-side logging anymore (#747) [Esa Jokinen]

    • Move filter handling client-side (#747) [Esa Jokinen]

    • Fixed bug where datestrings where not handled correctly. [Paul Tikken Laptop]

    • Merge pull request #746. [PT]

      UX enhancements related to the previous fixes on bug #733

    • UX: hilight active drop-down menu options. (#733) [Esa Jokinen]

    • UX: replace JS alerts with inline warnings (#733) [Esa Jokinen]

    • Update installation.rst. [PT]

    • Merge pull request #743 from oh2fih/master. [PT]

      Added backend filter validation and pre-filling of the filter form data

    • Beautify console errors & reduce verbosity. (#733) [Esa Jokinen]

    • Update filter form with the backend state. (#733) [Esa Jokinen]

    • Fix a typo; making 'equals' & 'below' work (#733) [Esa Jokinen]

    • Make frontend aware of the backend state (#733) [Esa Jokinen]

    • Backend filter validation for /set_filter (#733) [Esa Jokinen]

    • Merge pull request #744 from DocArmoryTech/wsgi-doc. [PT]

      UWSGI documentation update

    • Fixed rst reference to Config section. [DocArmoryTech]

    • Added note to highlight end of standard install. [DocArmoryTech]

      Added note to highlight end of standard install and direct the reader on to the Configuration section (hoping to avoid people trying to perform both installations

    • Renamed 'basic' to 'standard' installation. [DocArmoryTech]

    • Update webgui.rst. [DocArmoryTech]

      Decomposed the "starting the webserver" section into two parts one for a standard installation, and one for a production installation that covers setup of uwsgi and nginx

    • Update webgui.rst. [DocArmoryTech]

    • Removed UWSGI and NGINX setup. [DocArmoryTech]

      Removed UWSGI and NGINX setup with the intention of replacing it under the webgui section of the docs

    • Corrected type in virtualenv. [DocArmoryTech]

    • Added virtualenv parameter. [DocArmoryTech]

      Added a virtualenv parameter to tally with that specified in the docs

    • Copied mongo-db install to Prod. Install. [DocArmoryTech]

      Copied the instructions for installing mongodb to the "Production Installation" section

    • Updated docs to use requirements.prod file. [DocArmoryTech]

    • Create requirements.prod. [DocArmoryTech]

    • Update installation.rst. [DocArmoryTech]

    • Fixed formatting of new section. [DocArmoryTech]

      Fixed md formatting of new "Production Installation" section

    • Create nginx.conf.sample. [DocArmoryTech]

    • Update installation.rst. [DocArmoryTech]

    • Merge pull request #741 from P-T-I/cleanup. [PT]

      query published date

    • Fixed bug where datestrings posted to the api/query endpoint where not handled correctly. [Paul Tikken Laptop]

    • Merge pull request #738 from P-T-I/plugin_rewrite. [PT]

      Plugin rewrite

    • Documentation update and first release for Cve-Search plugin. [Paul Tikken Laptop]

    • Rebase merge. [Paul Tikken Laptop]

    • Merge pull request #737 from P-T-I/cve-search-709. [PT]

      /api/dbInfo missing in the new API

    • Restructure dbinfo in documentation. [Paul Tikken Laptop]

    • Merge pull request #736 from P-T-I/cve-search-734. [PT]

      Issues using the REST API

    • Added cvssVersion header. [Paul Tikken Laptop]

    • Updated requirements and fixed headers with underscore no longer being processed by the REST API. [Paul Tikken Laptop]

    • Merge pull request #732 from P-T-I/cve-search-714. [PT]

      Support for MongoDB 5.0

    • Black formatting. [Paul Tikken Laptop]

    • Rebase. [Paul Tikken Laptop]

    • Merge pull request #728 from DocArmoryTech/mounty. [PT]

      Dynamically generate all URLs to facilitate mounting

    • Small error with cwe breadcrumb. [Paul Tikken Laptop]

    • Merge branch 'mounty' of https://github.com/DocArmoryTech/cve-search into mounty. [dotsie]

    • Updated fixed to masterLogin. [DocArmoryTech]

      Reverted changes made to masterLogin function to make use of the local (and not absent) verifyPass function.

    • Version change for rebase. [DocArmoryTech]

    • Corrected version. [DocArmoryTech]

    • Update VERSION. [DocArmoryTech]

    • Update wsgi.ini.sample. [DocArmoryTech]

    • Fixed path of wsgi-file. [DocArmoryTech]

    • Removed beforeSend hook. [dotsie]

    • Prefix XHR urls with url_for. [dotsie]

    • Fixed typo in chaneg_pass url. [dotsie]

    • Moved XHR js functions to admin template. [dotsie]

    • Modified URL generation in stand UI. [dotsie]

    • Fixed urls in admin or full webui. [dotsie]

    • Fixed db mgmt admin scripts ref to non-existent function. [dotsie]

      db_mgmt_admin.py attempted to make use of the mongodb plugin's verifyPass function.

      Assuming a refactoring oversight, and changing the function call to verifyUser(user, pass)

    • Merge branch 'mounty' of https://github.com/DocArmoryTech/cve-search into mounty. [dotsie]

    • Create wsgi.ini.sample. [DocArmoryTech]

      A minimal example of a uwsgi ini that runs cve-search listening on a socket

    • Removed leading slash from constructed breadcrumb urls. [dotsie]

      • Modified dynamic list constructors so as to not return a leading / in generated URLs
      • Modified the loop body that generates the page breadcrumb so as to include the url_for('home.index')

      todo:

      • modify admin 'views'
      • admin/account testing
    • Dynamically generated urls to static resources for app mounting /_get_plugins. [dotsie]

      In order to faciliate 'mounting' of cve-search as a web app, or alteration of the application root:

      • Modified the 'hard coded' urls to static resources (css, imgs, js) to use the url_for() function to generate urls dynamically
      • Added a new <script> in the <head> of web/templates/layouts/master-page.html
        • moved the ~search~ redirect() function from web/static/js/custom/scripts.js to a new <script> in the master layout template
        • modified the redirect() function to use url_for() when generating urls and redirecting
        • configured ajax to prepend the web_root to XHR requets using the beforeSend hook

      Todo:

      • Breadcrumbs are broken
      • Admin functions need testing
    • Update wsgi.ini.sample. [DocArmoryTech]

    • Fixed path of wsgi-file. [DocArmoryTech]

    • Removed beforeSend hook. [dotsie]

    • Prefix XHR urls with url_for. [dotsie]

    • Fixed typo in chaneg_pass url. [dotsie]

    • Moved XHR js functions to admin template. [dotsie]

    • Modified URL generation in stand UI. [dotsie]

    • Fixed urls in admin or full webui. [dotsie]

    • Create wsgi.ini.sample. [DocArmoryTech]

      A minimal example of a uwsgi ini that runs cve-search listening on a socket

    • Removed leading slash from constructed breadcrumb urls. [dotsie]

      • Modified dynamic list constructors so as to not return a leading / in generated URLs
      • Modified the loop body that generates the page breadcrumb so as to include the url_for('home.index')

      todo:

      • modify admin 'views'
      • admin/account testing
    • Dynamically generated urls to static resources for app mounting /_get_plugins. [dotsie]

      In order to faciliate 'mounting' of cve-search as a web app, or alteration of the application root:

      • Modified the 'hard coded' urls to static resources (css, imgs, js) to use the url_for() function to generate urls dynamically
      • Added a new <script> in the <head> of web/templates/layouts/master-page.html
        • moved the ~search~ redirect() function from web/static/js/custom/scripts.js to a new <script> in the master layout template
        • modified the redirect() function to use url_for() when generating urls and redirecting
        • configured ajax to prepend the web_root to XHR requets using the beforeSend hook

      Todo:

      • Breadcrumbs are broken
      • Admin functions need testing
    • Black formatting. [Paul Tikken Laptop]

    • Change is not backwards compatible with earlier create indexes in mongodb; so rebuild is needed. [Paul Tikken Laptop]

    • Removed weights from indexes for mongodb 5.0 compatibility and black formatting. [Paul Tikken Laptop]

    • Merge pull request #731 from P-T-I/cve-search-680. [PT]

      db update throws error message after creating user

    • Fixed errors when inserting a user into the database. [Paul Tikken Laptop]

    • Black formatting and requirement added. [Paul Tikken Laptop]

    • Merge master. [Paul Tikken Laptop]

    • Merge pull request #730 from P-T-I/cve-search-712. [PT]

      Update source to capec3.5

    • Fix #712; updated to capec3.5 and upped schema version. [Paul Tikken Laptop]

    • Merge pull request #729 from P-T-I/master. [PT]

      updated docs and updated requirements

    • Updated docs and updated requirements. [Paul Tikken Laptop]

    • Merge pull request #720 from cve-search/dependabot/pip/requests-2.26.0. [PT]

    • Bump requests from 2.25.1 to 2.26.0. [dependabot[bot]]

      Bumps requests from 2.25.1 to 2.26.0.


      updated-dependencies:

      • dependency-name: requests dependency-type: direct:production update-type: version-update:semver-minor ...
    • Merge pull request #715 from cve-search/dependabot/pip/sphinx-4.0.3. [PT]

    • Bump sphinx from 4.0.2 to 4.0.3. [dependabot[bot]]

      Bumps sphinx from 4.0.2 to 4.0.3.


      updated-dependencies:

      • dependency-name: sphinx dependency-type: direct:development update-type: version-update:semver-patch ...
    • Merge pull request #716 from cve-search/dependabot/pip/flask-jwt-extended-4.2.3. [PT]

    • Bump flask-jwt-extended from 4.2.1 to 4.2.3. [dependabot[bot]]

      Bumps flask-jwt-extended from 4.2.1 to 4.2.3.


      updated-dependencies:

      • dependency-name: flask-jwt-extended dependency-type: direct:production update-type: version-update:semver-patch ...
    • Merge pull request #717 from cve-search/dependabot/pip/tqdm-4.61.2. [PT]

    • Bump tqdm from 4.61.1 to 4.61.2. [dependabot[bot]]

      Bumps tqdm from 4.61.1 to 4.61.2.


      updated-dependencies:

      • dependency-name: tqdm dependency-type: direct:production update-type: version-update:semver-patch ...
    • Merge pull request #707 from cve-search/dependabot/pip/tqdm-4.61.1. [PT]

    • Bump tqdm from 4.61.0 to 4.61.1. [dependabot[bot]]

      Bumps tqdm from 4.61.0 to 4.61.1.


      updated-dependencies:

      • dependency-name: tqdm dependency-type: direct:production update-type: version-update:semver-patch ...
    • Merge pull request #705 from cve-search/dependabot/pip/pytest-cov-2.12.1. [PT]

    • Bump pytest-cov from 2.12.0 to 2.12.1. [dependabot[bot]]

      Bumps pytest-cov from 2.12.0 to 2.12.1.


      updated-dependencies:

      • dependency-name: pytest-cov dependency-type: direct:production update-type: version-update:semver-patch ...
    • Merge pull request #699 from cve-search/dependabot/pip/tqdm-4.61.0. [PT]

      Bump tqdm from 4.60.0 to 4.61.0

    • Bump tqdm from 4.60.0 to 4.61.0. [dependabot[bot]]

      Bumps tqdm from 4.60.0 to 4.61.0.

    • Merge pull request #703 from cve-search/dependabot/pip/flask-wtf-0.15.1. [PT]

    • Bump flask-wtf from 0.14.3 to 0.15.1. [dependabot[bot]]

      Bumps flask-wtf from 0.14.3 to 0.15.1.

    • Merge pull request #702 from hashier/fix/dependencies. [PT]

    • Fix(dependencies): dowgrade flask. [Christopher Loessl]

      because flask-restx is not yet compatible

    • Merge pull request #697 from P-T-I/cve-search-690. [PT]

      fixed double entries in the CWE description (and also notic…

    • Fix #690; fixed double entries in the CWE description (and also noticed that the wrong description is in the CWE description) [Paul Tikken Laptop]

    • Merge pull request #696 from P-T-I/cve-search-679. [PT]

      Let data tables respond to PageLength setting

    • Fix #679; Let data tables respond to PageLength setting in configuration.ini. [Paul Tikken Laptop]

    • Merge pull request #695 from P-T-I/master. [PT]

      Update requirements files

    • Updated requirements.txt. [Paul Tikken Laptop]

    • Merge branch 'up_master' [Paul Tikken Laptop]

    • Merge pull request #691 from cve-search/dependabot/pip/sphinx-4.0.2. [PT]

      Bump sphinx from 3.5.4 to 4.0.2

    • Bump sphinx from 3.5.4 to 4.0.2. [dependabot[bot]]

      Bumps sphinx from 3.5.4 to 4.0.2.

    • Updated requirements.txt. [Paul Tikken Laptop]

    • Updated requirements.txt. [Paul Tikken Laptop]

    • Merge pull request #678 from cve-search/dependabot/pip/pytest-6.2.4. [PT]

    • Bump pytest from 6.2.3 to 6.2.4. [dependabot[bot]]

      Bumps pytest from 6.2.3 to 6.2.4.

    • Merge pull request #677 from cve-search/dependabot/pip/pymongo-3.11.4. [PT]

    • Bump pymongo from 3.11.3 to 3.11.4. [dependabot[bot]]

      Bumps pymongo from 3.11.3 to 3.11.4.

    • Merge branch 'up_master' into plugin_rewrite. [Paul Tikken Laptop]

    • Merge pull request #676 from cve-search/dependabot/pip/flask-jwt-extended-4.2.0. [PT]

      Bump flask-jwt-extended from 4.1.0 to 4.2.0

    • Bump flask-jwt-extended from 4.1.0 to 4.2.0. [dependabot[bot]]

      Bumps flask-jwt-extended from 4.1.0 to 4.2.0.

    • Merge remote-tracking branch 'origin/plugin_rewrite' into plugin_rewrite. [Paul Tikken Laptop]

      Conflicts:

      web/VERSION

    • Merge up_master. [Paul Tikken Laptop]

    • Merge up_master. [Paul Tikken Laptop]

    • Merge pull request #673 from P-T-I/redoc_update. [PT]

      redoc update

    • Redoc update. [Paul Tikken Laptop]

    • Merge pull request #671 from M0dEx/master. [PT]

      Search in 'vendors' and 'products' fields

    • Search in 'vendors' and 'products' fields - earching using only fulltext searches misses a lot of obvious matches (search for "trendmicro" or "trend micro" returns a lot less CVEs than it should (<150, when there are 300+ CVEs for Trend Micro) [M0dEx]

    • Merge pull request #668 from M0dEx/master. [PT]

    • Convert WORKER_SIZE from ENV to int as it can cause issues when not converted (in CVE-Search-Docker, for example) [M0dEx]

    • Working on flask-plugins. [Paul Tikken Laptop]

    • Working on flask-plugins. [Paul Tikken Laptop]

    • Refactored the CVE page. [Paul Tikken Laptop]

    • Cleanup old plugin framework. [Paul Tikken Laptop]

    • Cleanup old plugin framework. [Paul Tikken Laptop]

    • Merge branch 'up_master' into plugin_rewrite. [Paul Tikken Laptop]

    • Merge. [Paul Tikken Laptop]

    • Working on new plugin framework. [Paul Tikken Laptop]

    Source code(tar.gz)
    Source code(zip)
  • v4.1.0(Apr 24, 2021)

    cve-search v4.1.0 (2021-04-24) released including many improvements and bug fixes.

    Thanks to all the contributors including bugs reporters who helped us to improve cve-search.

    v4.1.0 (2021-04-24)

    Changes

    • [version] v4.1.0 released. [Alexandre Dulaunoy]

    Fix

    • [doc] fix the default link of the public cvepremium.circl.lu. [Alexandre Dulaunoy]

    • [view/capec] Non existing CAPEC value was not properly handled. [Alexandre Dulaunoy]

      Fix #648

    • [json import] ASSIGNER not always present (required) in NVD json feed. [Alexandre Dulaunoy]

      Fix #650

    Other

    • Merge pull request #664 from P-T-I/cve-search-659. [PT]

      fix #cve-search-659; wrong date format disables effective sorting on …

    • Fix #cve-search-659; wrong date format disables effective sorting on table + inserted cvss3 score to vendor search table. [Paul Tikken Laptop]

    • Merge pull request #663 from P-T-I/cve-search-660. [PT]

      fix #cve-search-660; fixed the back to top button covering the datata…

    • Fix #cve-search-660; fixed the back to top button covering the datatables buttons. [Paul Tikken Laptop]

    • Merge pull request #662 from P-T-I/master. [PT]

      Proxies fix

    • Proxies fix. [Paul Tikken Laptop]

    • Proxies fix. [Paul Tikken Laptop]

    • Merge pull request #661 from P-T-I/master. [PT]

      proxies fix

    • Proxies fix. [Paul Tikken Laptop]

    • Merge pull request #657 from P-T-I/cve-search-586. [PT]

      Fix #cve-search-586; created possibility to set download worker size …

    • Merge branch 'master' into cve-search-586. [Paul Tikken Laptop]

    • Merge pull request #615 from EXXETA/downloadHandlerProxy. [PT]

      Use http proxy in download handler

    • Move proxy setting to a more central place (get_session) [Justin Kromlinger]

    • Move configuration to a class variable and import statement to the top of the file. [Justin Kromlinger]

    • Use http proxy in download handler. [Justin Kromlinger]

    • Fix #cve-search-586; created possibility to set download worker size via environment variable. [Paul Tikken Laptop]

    • Merge pull request #656 from FafnerKeyZee/patch-2. [Alexandre Dulaunoy]

      dirty patch for #651

    • Update Sources_process.py. [Fafner [KeyZee]]

    • Update Sources_process.py. [Fafner [KeyZee]]

    • Update Sources_process.py. [Fafner [KeyZee]]

      Yeah it's a dirty fix, but it does the job for the moment.

    • Merge pull request #644 from EXXETA/vendor-search. [Alexandre Dulaunoy]

      Added endpoints to search for the CPE fields vendor, product and version

    • Added endpoints to search for the CPE fields vendor, product and version. [weigeltj]

    • Merge pull request #647 from cve-search/dependabot/pip/nltk-3.6.2. [PT]

    • Bump nltk from 3.6.1 to 3.6.2. [dependabot[bot]]

      Bumps nltk from 3.6.1 to 3.6.2.

    • Merge pull request #643 from cve-search/dependabot/pip/sphinx-3.5.4. [PT]

    • Bump sphinx from 3.5.3 to 3.5.4. [dependabot[bot]]

      Bumps sphinx from 3.5.3 to 3.5.4.

    • Merge pull request #642 from cve-search/dependabot/pip/nltk-3.6.1. [PT]

      Bump nltk from 3.5 to 3.6.1

    • Bump nltk from 3.5 to 3.6.1. [dependabot[bot]]

      Bumps nltk from 3.5 to 3.6.1.

    • Merge pull request #641 from P-T-I/cve-search-625. [PT]

      update to cwe4.4

    • Update to cwe4.4. [Paul Tikken Laptop]

    • Merge pull request #640 from P-T-I/new_redoc. [PT]

      New redoc version added

    • New redoc version added. [Paul Tikken Laptop]

    • Merge pull request #639 from P-T-I/cve-search-612. [PT]

      Cve search 612

    • Version bump. [Paul Tikken Laptop]

    • Merge branch 'master' into cve-search-612. [Paul Tikken Laptop]

    • Merge pull request #635 from cve-search/dependabot/pip/tqdm-4.60.0. [PT]

      Bump tqdm from 4.59.0 to 4.60.0

    • Bump tqdm from 4.59.0 to 4.60.0. [dependabot[bot]]

      Bumps tqdm from 4.59.0 to 4.60.0.

    • Merge pull request #634 from cve-search/dependabot/pip/sphinx-rtd-theme-0.5.2. [PT]

      Bump sphinx-rtd-theme from 0.5.1 to 0.5.2

    • Bump sphinx-rtd-theme from 0.5.1 to 0.5.2. [dependabot[bot]]

      Bumps sphinx-rtd-theme from 0.5.1 to 0.5.2.

    • Merge pull request #632 from cve-search/dependabot/pip/pytest-6.2.3. [PT]

    • Bump pytest from 6.2.2 to 6.2.3. [dependabot[bot]]

      Bumps pytest from 6.2.2 to 6.2.3.

    • Merge pull request #631 from cve-search/dependabot/pip/flask-restx-0.3.0. [PT]

      Bump flask-restx from 0.2.0 to 0.3.0

    • Bump flask-restx from 0.2.0 to 0.3.0. [dependabot[bot]]

      Bumps flask-restx from 0.2.0 to 0.3.0.

    • Create codeql-analysis.yml. [PT]

    • Merge pull request #630 from oh2fih/patch-1. [PT]

      Correct installation order

    • Correct installation order. [oh2fih]

      Because python3 & python3-pip are part of requirements.system, the system requirements must be installed before installing CVE-Search and its Python dependencies.

    • Merge pull request #629 from jorgectf/fix-regex-injection. [PT]

    • Fix Regular Expression injection. [jorgectf]

    • Merge pull request #628 from cve-search/dependabot/pip/sphinx-3.5.3. [PT]

    • Bump sphinx from 3.5.2 to 3.5.3. [dependabot[bot]]

      Bumps sphinx from 3.5.2 to 3.5.3.

    • Merge pull request #627 from cve-search/dependabot/pip/docs/source/jinja2-2.11.3. [PT]

      Bump jinja2 from 2.11.2 to 2.11.3 in /docs/source

    • Bump jinja2 from 2.11.2 to 2.11.3 in /docs/source. [dependabot[bot]]

      Bumps jinja2 from 2.11.2 to 2.11.3.

    • Fix #612; add min-length attribute to search input box. [Paul Tikken Laptop]

    • Merge pull request #624 from P-T-I/cve-search-622. [PT]

      fix #622; skip processing files when file failes to download...

    • Fix #622; skip processing files when file failes to download... [Paul Tikken Laptop]

    • Merge pull request #621 from cve-search/dependabot/pip/flask-jwt-extended-4.1.0. [PT]

    • Bump flask-jwt-extended from 4.0.2 to 4.1.0. [dependabot[bot]]

      Bumps flask-jwt-extended from 4.0.2 to 4.1.0.

    • Merge pull request #619 from cve-search/dependabot/pip/tqdm-4.59.0. [PT]

    • Bump tqdm from 4.58.0 to 4.59.0. [dependabot[bot]]

      Bumps tqdm from 4.58.0 to 4.59.0.

    • Merge pull request #620 from cve-search/dependabot/pip/sphinx-3.5.2. [PT]

    • Bump sphinx from 3.5.1 to 3.5.2. [dependabot[bot]]

      Bumps sphinx from 3.5.1 to 3.5.2.

    • Merge pull request #618 from EXXETA/cpeBrowseAPI. [PT]

      Provide /browse endpoint to list product CPEs

    • Fix field description. [Justin Kromlinger]

    • Provide /browse endpoint to list product CPEs. [Justin Kromlinger]

      The vendor isn't really required here, but it fits the current API style and represents the same functionality as the webinterface.

    • Merge pull request #616 from cve-search/dependabot/pip/ijson-3.1.4. [PT]

      Bump ijson from 3.1.3 to 3.1.4

    • Bump ijson from 3.1.3 to 3.1.4. [dependabot[bot]]

      Bumps ijson from 3.1.3 to 3.1.4.

    • Merge pull request #614 from cve-search/dependabot/pip/tqdm-4.58.0. [PT]

    • Bump tqdm from 4.57.0 to 4.58.0. [dependabot[bot]]

      Bumps tqdm from 4.57.0 to 4.58.0.

    • Merge pull request #613 from RoccovanAsselt/display_help. [PT]

    • Print_help if no parameters. [Rocco van Asselt]

    • Merge pull request #610 from cve-search/dependabot/pip/tqdm-4.57.0. [PT]

      Bump tqdm from 4.56.2 to 4.57.0

    • Bump tqdm from 4.56.2 to 4.57.0. [dependabot[bot]]

      Bumps tqdm from 4.56.2 to 4.57.0.

    • Merge pull request #609 from cve-search/dependabot/pip/sphinx-3.5.1. [PT]

    • Bump sphinx from 3.5.0 to 3.5.1. [dependabot[bot]]

      Bumps sphinx from 3.5.0 to 3.5.1.

    • Merge pull request #608 from P-T-I/cve-search-607. [PT]

      fix #607; updated the renamed jwt functions

    • Fix #607; updated the renamed jwt functions. [Paul Tikken Laptop]

    • Merge pull request #606 from cve-search/dependabot/pip/sphinx-3.5.0. [PT]

    • Bump sphinx from 3.4.3 to 3.5.0. [dependabot[bot]]

      Bumps sphinx from 3.4.3 to 3.5.0.

    • Merge pull request #605 from cve-search/dependabot/pip/flask-jwt-extended-4.0.2. [PT]

    • Bump flask-jwt-extended from 3.25.0 to 4.0.2. [dependabot[bot]]

      Bumps flask-jwt-extended from 3.25.0 to 4.0.2.

    • Merge pull request #603 from cve-search/dependabot/pip/tqdm-4.56.2. [PT]

    • Bump tqdm from 4.56.1 to 4.56.2. [dependabot[bot]]

      Bumps tqdm from 4.56.1 to 4.56.2.

    • Merge pull request #602 from cve-search/dependabot/pip/tqdm-4.56.1. [PT]

    • Bump tqdm from 4.56.0 to 4.56.1. [dependabot[bot]]

      Bumps tqdm from 4.56.0 to 4.56.1.

    • Merge pull request #601 from cve-search/dependabot/pip/jsonpickle-2.0.0. [PT]

    • Bump jsonpickle from 1.5.1 to 2.0.0. [dependabot[bot]]

      Bumps jsonpickle from 1.5.1 to 2.0.0.

    • Merge pull request #600 from cve-search/dependabot/pip/pymongo-3.11.3. [PT]

    • Bump pymongo from 3.11.2 to 3.11.3. [dependabot[bot]]

      Bumps pymongo from 3.11.2 to 3.11.3.

    • Merge pull request #599 from cve-search/dependabot/pip/jsonpickle-1.5.1. [PT]

      Bump jsonpickle from 1.5.0 to 1.5.1

    • Bump jsonpickle from 1.5.0 to 1.5.1. [dependabot[bot]]

      Bumps jsonpickle from 1.5.0 to 1.5.1.

    • Merge pull request #598 from cve-search/dependabot/pip/jinja2-2.11.3. [PT]

      Bump jinja2 from 2.11.2 to 2.11.3

    • Bump jinja2 from 2.11.2 to 2.11.3. [dependabot[bot]]

      Bumps jinja2 from 2.11.2 to 2.11.3.

    • Merge pull request #596 from cve-search/dependabot/pip/pytest-6.2.2. [PT]

      Bump pytest from 6.2.1 to 6.2.2

    • Bump pytest from 6.2.1 to 6.2.2. [dependabot[bot]]

      Bumps pytest from 6.2.1 to 6.2.2.

    • Merge pull request #593 from cve-search/dependabot/pip/gevent-21.1.2. [PT]

      Bump gevent from 21.1.1 to 21.1.2

    • Bump gevent from 21.1.1 to 21.1.2. [dependabot[bot]]

      Bumps gevent from 21.1.1 to 21.1.2.

    • Merge pull request #594 from cve-search/dependabot/pip/pytest-cov-2.11.1. [PT]

      Bump pytest-cov from 2.11.0 to 2.11.1

    • Bump pytest-cov from 2.11.0 to 2.11.1. [dependabot[bot]]

      Bumps pytest-cov from 2.11.0 to 2.11.1.

    • Merge pull request #592 from cve-search/dependabot/pip/gevent-21.1.1. [PT]

      Bump gevent from 21.1.0 to 21.1.1

    • Bump gevent from 21.1.0 to 21.1.1. [dependabot[bot]]

      Bumps gevent from 21.1.0 to 21.1.1.

    • Merge pull request #591 from P-T-I/cve-search-587. [PT]

      fix #587; allowing local files to be set in the sources.ini file via …

    • Fix #587; allowing local files to be set in the sources.ini file via a file:///PATH/TO/FILE.json; this is applicable for all different sources; which creates the possibility to update cve-search completely off line. [Paul Tikken Laptop]

    • Merge pull request #590 from cve-search/dependabot/pip/gevent-21.1.0. [PT]

      Bump gevent from 20.12.1 to 21.1.0

    • Bump gevent from 20.12.1 to 21.1.0. [dependabot[bot]]

      Bumps gevent from 20.12.1 to 21.1.0.

    • Merge pull request #589 from cve-search/dependabot/pip/jsonpickle-1.5.0. [PT]

      Bump jsonpickle from 1.4.2 to 1.5.0

    • Bump jsonpickle from 1.4.2 to 1.5.0. [dependabot[bot]]

      Bumps jsonpickle from 1.4.2 to 1.5.0.

    • Merge pull request #588 from cve-search/dependabot/pip/pytest-cov-2.11.0. [PT]

      Bump pytest-cov from 2.10.1 to 2.11.0

    • Bump pytest-cov from 2.10.1 to 2.11.0. [dependabot[bot]]

      Bumps pytest-cov from 2.10.1 to 2.11.0.

    • Merge pull request #584 from cve-search/dependabot/pip/tqdm-4.56.0. [PT]

      Bump tqdm from 4.55.1 to 4.56.0

    • Bump tqdm from 4.55.1 to 4.56.0. [dependabot[bot]]

      Bumps tqdm from 4.55.1 to 4.56.0.

    • Merge pull request #583 from cve-search/dependabot/pip/sphinx-3.4.3. [PT]

      Bump sphinx from 3.4.2 to 3.4.3

    • Bump sphinx from 3.4.2 to 3.4.3. [dependabot[bot]]

      Bumps sphinx from 3.4.2 to 3.4.3.

    • Merge pull request #582 from P-T-I/cve-search-579. [PT]

      added retry policy to request.session() and removed the sys.exit(1) o…

    • Added retry policy to request.session() and removed the sys.exit(1) on error. [Paul Tikken Laptop]

    • Merge pull request #580 from cve-search/dependabot/pip/sphinx-rtd-theme-0.5.1. [PT]

      Bump sphinx-rtd-theme from 0.5.0 to 0.5.1

    • Bump sphinx-rtd-theme from 0.5.0 to 0.5.1. [dependabot[bot]]

      Bumps sphinx-rtd-theme from 0.5.0 to 0.5.1.

    • Merge pull request #581 from cve-search/dependabot/pip/sphinx-3.4.2. [PT]

      Bump sphinx from 3.4.1 to 3.4.2

    • Bump sphinx from 3.4.1 to 3.4.2. [dependabot[bot]]

      Bumps sphinx from 3.4.1 to 3.4.2.

    • Merge pull request #578 from cve-search/dependabot/pip/tqdm-4.55.1. [PT]

      Bump tqdm from 4.55.0 to 4.55.1

    • Bump tqdm from 4.55.0 to 4.55.1. [dependabot[bot]]

      Bumps tqdm from 4.55.0 to 4.55.1.

    • Merge pull request #577 from cve-search/dependabot/pip/gevent-20.12.1. [PT]

      Bump gevent from 20.12.0 to 20.12.1

    • Bump gevent from 20.12.0 to 20.12.1. [dependabot[bot]]

      Bumps gevent from 20.12.0 to 20.12.1.

    • Merge pull request #576 from cve-search/dependabot/pip/tqdm-4.55.0. [PT]

      Bump tqdm from 4.54.1 to 4.55.0

    • Bump tqdm from 4.54.1 to 4.55.0. [dependabot[bot]]

      Bumps tqdm from 4.54.1 to 4.55.0.

    • Merge pull request #575 from cve-search/dependabot/pip/sphinx-3.4.1. [PT]

      Bump sphinx from 3.4.0 to 3.4.1

    • Bump sphinx from 3.4.0 to 3.4.1. [dependabot[bot]]

      Bumps sphinx from 3.4.0 to 3.4.1.

    • Update .schema_version. [PT]

      Update schema for new capec version

    • Merge pull request #574 from P-T-I/new_capec_version. [PT]

      fix #572: parsing new capec version

    • Fix #572: parsing new capec version. [Paul Tikken Laptop]

    • Merge pull request #573 from cve-search/dependabot/pip/gevent-20.12.0. [PT]

      Bump gevent from 20.9.0 to 20.12.0

    • Bump gevent from 20.9.0 to 20.12.0. [dependabot[bot]]

      Bumps gevent from 20.9.0 to 20.12.0.

    • Merge pull request #570 from P-T-I/schema_checker. [PT]

      fix #564; database schema version checker added

    • Fix #564; database schema version checker added. [Paul Tikken Laptop]

    • Merge pull request #569 from P-T-I/cvss_impact_exploit. [PT]

      added exploit and impact scores to api endpoints; cleanup code and re…

    • Added exploit and impact scores to api endpoints; cleanup code and removal of unused functions. [Paul Tikken Laptop]

    • Merge pull request #565 from AZobec/cvssV3. [PT]

      add impactScore and exploitabilityScore for CVSS v3.1

    • Rebase. [AZobec]

    • Add impactScore and exploitabilityScore for CVSS v3.1. [AZobec]

    • Merge pull request #568 from cve-search/dependabot/pip/sphinx-3.4.0. [PT]

      Bump sphinx from 3.3.1 to 3.4.0

    • Bump sphinx from 3.3.1 to 3.4.0. [dependabot[bot]]

      Bumps sphinx from 3.3.1 to 3.4.0.

    • Merge pull request #567 from cve-search/dependabot/pip/flask-socketio-5.0.1. [PT]

      Bump flask-socketio from 5.0.0 to 5.0.1

    • Bump flask-socketio from 5.0.0 to 5.0.1. [dependabot[bot]]

      Bumps flask-socketio from 5.0.0 to 5.0.1.

    • Merge pull request #566 from cve-search/dependabot/pip/codecov-2.1.11. [PT]

      Bump codecov from 2.1.10 to 2.1.11

    • Bump codecov from 2.1.10 to 2.1.11. [dependabot[bot]]

      Bumps codecov from 2.1.10 to 2.1.11.

    • Merge pull request #563 from cve-search/dependabot/pip/requests-2.25.1. [PT]

      Bump requests from 2.25.0 to 2.25.1

    • Bump requests from 2.25.0 to 2.25.1. [dependabot[bot]]

      Bumps requests from 2.25.0 to 2.25.1.

    • Update VERSION. [PT]

    Source code(tar.gz)
    Source code(zip)
  • v4.0(Dec 17, 2020)

    cve-search v4.0 (2020-12-17) released with a major change in the web interface, a new ReST API and many many improvements.

    cve-search has been significantly improved and especially the Web interface has been rewritten from scratch. Many additional improvements in the importer script which allow to reimport the full dataset in a fast way. The documentation has been also improved to ease the installation process for new users.

    A huge thanks to all the contributors.

    You can have a look at all the changes on the public instance running at https://cvepremium.circl.lu/ and the API documentation.

    Changes

    • [copyright] add Paul as co-author. [Alexandre Dulaunoy]

    Other

    • Merge pull request #562 from P-T-I/cve-search-560. [PT]

      Cve search 560

    • Added cvss version selector. [Paul Tikken Laptop]

    • Added cvss3 filter logic. [Paul Tikken Laptop]

    • Added data column for cvss3. [Paul Tikken Laptop]

    • Added column for cvss3. [Paul Tikken Laptop]

    • Added index for cvss3. [Paul Tikken Laptop]

    • Merge pull request #561 from P-T-I/cve-search-559. [PT]

      Cve search 559

    • Merge up_master. [Paul Tikken Laptop]

    • Merge pull request #522 from AZobec/cvssV3. [PT]

      Add CVSS v3.1 in db and WebUI

    • Adding conditions if cvssV3 is None. [AZobec]

    • Rebase and adjust web/VERSION. [AZobec]

    • Rebase + adjust web/VERSION. [AZobec]

    • Modify Version. [AZobec]

    • Change version CVSS V3. [AZobec]

    • Remove comments. [AZobec]

    • Merge remote-tracking branch 'upstream/master' [AZobec]

    • CVSSv3 handling - fixing None for absence of V3 score. [AZobec]

    • Fix CVSSv3 Handling. [AZobec]

    • Add CVSS v3.1 handling. [AZobec]

    • Merge pull request #557 from cve-search/dependabot/pip/pytest-6.2.1. [PT]

      Bump pytest from 6.2.0 to 6.2.1

    • Bump pytest from 6.2.0 to 6.2.1. [dependabot[bot]]

      Bumps pytest from 6.2.0 to 6.2.1.

    • Fix #559; added api support for cvssV3 fields. [Paul Tikken Laptop]

    • Merge pull request #556 from P-T-I/cve-search-555. [PT]

      fix #555; Double entries in cwe related_weaknesses field

    • Fix #555; Double entries in cwe related_weaknesses field. [Paul Tikken Laptop]

    • Update query.py. [PT]

    • Update ApiRequests.py. [PT]

    • Merge pull request #552 from cve-search/dependabot/pip/flask- socketio-5.0.0. [PT]

      Bump flask-socketio from 4.3.2 to 5.0.0

    • Bump flask-socketio from 4.3.2 to 5.0.0. [dependabot[bot]]

      Bumps flask-socketio from 4.3.2 to 5.0.0.

    • Merge pull request #553 from cve-search/dependabot/pip/pytest-6.2.0. [PT]

      Bump pytest from 6.1.2 to 6.2.0

    • Bump pytest from 6.1.2 to 6.2.0. [dependabot[bot]]

      Bumps pytest from 6.1.2 to 6.2.0.

    • Merge pull request #551 from RoccovanAsselt/bugfix-search-without- via4. [PT]

      added via4 check in getSearchResults() function

    • Added via4 check. [Rocco van Asselt]

    • Testing auto deploy github pages. [Paul Tikken Laptop]

    • Testing auto deploy github pages. [Paul Tikken Laptop]

    • Testing auto deploy github pages. [Paul Tikken Laptop]

    • Merge pull request #550 from P-T-I/cve-search-548. [PT]

      fix #548; new cwe version release

    • Fix #548; new cwe version release. [Paul Tikken Laptop]

    • Added queues clear to all classes. [Paul Tikken Laptop]

    • Merge pull request #547 from RoccovanAsselt/Clearing_queue. [PT]

      clear queues to prevent duplicates

    • Use self.queue. [RoccovanAsselt]

    • Moved clearing to populate() function. [RoccovanAsselt]

    • Clear queues. [RoccovanAsselt]

    • Merge pull request #549 from P-T-I/docs_updates. [PT]

      Docs updates

    • Minor. [Paul Tikken Laptop]

    • Old doc folder cleanup. [Paul Tikken Laptop]

    • Doc alteration. [Paul Tikken Laptop]

    • Merge pull request #545 from cve-search/dependabot/pip/tqdm-4.54.1. [PT]

      Bump tqdm from 4.54.0 to 4.54.1

    • Bump tqdm from 4.54.0 to 4.54.1. [dependabot[bot]]

      Bumps tqdm from 4.54.0 to 4.54.1.

    • Delete certificate.crt. [PT]

    • Delete certificate.key. [PT]

    • Setting up sphinx docs. [Paul Tikken Laptop]

    • Rebuild pages. [Paul Tikken Laptop]

    • Setting up sphinx docs. [Paul Tikken Laptop]

    • Setting up sphinx docs. [Paul Tikken Laptop]

    • Setting up sphinx docs. [Paul Tikken Laptop]

    • Setting up sphinx docs. [Paul Tikken Laptop]

    • Merge pull request #544 from P-T-I/new_docs. [PT]

      New docs; first setup

    • Setting up sphinx docs. [Paul Tikken Laptop]

    • Merge up_master. [Paul Tikken Laptop]

    • Finished migrating unit tests from travis to github actions. [Paul Tikken Laptop]

    • Merge pull request #543 from P-T-I/master. [PT]

      testing web test default branch

    • Testing web test default branch. [Paul Tikken Laptop]

    • Testing web test default branch. [Paul Tikken Laptop]

    • Merge pull request #542 from P-T-I/master. [PT]

      testing web test default branch

    • Testing web test default branch. [Paul Tikken Laptop]

    • Merge pull request #541 from P-T-I/master. [PT]

      Testing PR

    • Testing web test default branch. [Paul Tikken Laptop]

    • Merge branch 'up_master' [Paul Tikken Laptop]

    • Testing web test default branch. [Paul Tikken Laptop]

    • Testing web test default branch. [Paul Tikken Laptop]

    • Testing web test default branch. [Paul Tikken Laptop]

    • Testing web test default branch. [Paul Tikken Laptop]

    • Setting up web page tests. [Paul Tikken Laptop]

    • Setting up web page tests. [Paul Tikken Laptop]

    • Added gh action badge to README.md. [Paul Tikken Laptop]

    • Splitting build and test. [Paul Tikken Laptop]

    • Testing cache. [Paul Tikken Laptop]

    • Testing cache. [Paul Tikken Laptop]

    • Testing cache. [Paul Tikken Laptop]

    • Testing cache. [Paul Tikken Laptop]

    • Testing cache. [Paul Tikken Laptop]

    • Testing cache. [Paul Tikken Laptop]

    • Testing cache. [Paul Tikken Laptop]

    • Uploading pytest reports to gh actions. [Paul Tikken Laptop]

    • Uploading pytest reports to gh actions. [Paul Tikken Laptop]

    • Splitting build and test jobs. [Paul Tikken Laptop]

    • Splitting build and test jobs. [Paul Tikken Laptop]

    • Splitting build and test jobs. [Paul Tikken Laptop]

    • Splitting build and test jobs. [Paul Tikken Laptop]

    • Splitting build and test jobs. [Paul Tikken Laptop]

    • Splitting build and test jobs. [Paul Tikken Laptop]

    • Splitting build and test jobs. [Paul Tikken Laptop]

    • Splitting build and test jobs. [Paul Tikken Laptop]

    • Splitting build and test jobs. [Paul Tikken Laptop]

    • Merge branch 'master' of https://github.com/cve-search/cve-search into up_master. [Paul Tikken Laptop]

    • Merge pull request #540 from cve-search/dependabot/pip/tqdm-4.54.0. [PT]

      Bump tqdm from 4.50.2 to 4.54.0

    • Bump tqdm from 4.50.2 to 4.54.0. [dependabot[bot]]

      Bumps tqdm from 4.50.2 to 4.54.0.

    • Merge pull request #539 from cve-search/dependabot/pip/pymongo-3.11.2. [PT]

      Bump pymongo from 3.11.0 to 3.11.2

    • Bump pymongo from 3.11.0 to 3.11.2. [dependabot[bot]]

      Bumps pymongo from 3.11.0 to 3.11.2.

    • Merge pull request #538 from cve- search/dependabot/pip/jsonpickle-1.4.2. [PT]

      Bump jsonpickle from 1.4.1 to 1.4.2

    • Bump jsonpickle from 1.4.1 to 1.4.2. [dependabot[bot]]

      Bumps jsonpickle from 1.4.1 to 1.4.2.

    • Splitting build and test jobs. [Paul Tikken Laptop]

    • Merge branch 'up_master' [Paul Tikken Laptop]

    • Merge branch 'up_master' [Paul Tikken Laptop]

    • Base coverage file. [Paul Tikken Laptop]

    • Working on new_docs. [Paul Tikken Laptop]

    • Merge branch 'up_master' into new_docs. [Paul Tikken Laptop]

    • Merge pull request #537 from cve-search/dependabot/pip/flask-jwt- extended-3.25.0. [PT]

      Bump flask-jwt-extended from 3.24.1 to 3.25.0

    • Bump flask-jwt-extended from 3.24.1 to 3.25.0. [dependabot[bot]]

      Bumps flask-jwt-extended from 3.24.1 to 3.25.0.

    • Merge pull request #535 from cve-search/dependabot/pip/ijson-3.1.3. [PT]

      Bump ijson from 3.1.2 to 3.1.3

    • Bump ijson from 3.1.2 to 3.1.3. [dependabot[bot]]

      Bumps ijson from 3.1.2 to 3.1.3.

    • Merge pull request #536 from cve- search/dependabot/pip/requests-2.25.0. [PT]

      Bump requests from 2.24.0 to 2.25.0

    • Bump requests from 2.24.0 to 2.25.0. [dependabot[bot]]

      Bumps requests from 2.24.0 to 2.25.0.

    • Merge pull request #534 from cve-search/dependabot/pip/pytest-6.1.2. [PT]

      Bump pytest from 6.1.1 to 6.1.2

    • Bump pytest from 6.1.1 to 6.1.2. [dependabot[bot]]

      Bumps pytest from 6.1.1 to 6.1.2.

    • Merge pull request #533 from cve-search/dependabot/pip/flask- socketio-4.3.2. [PT]

      Bump flask-socketio from 4.3.1 to 4.3.2

    • Bump flask-socketio from 4.3.1 to 4.3.2. [dependabot[bot]]

      Bumps flask-socketio from 4.3.1 to 4.3.2.

    • Dependabot. [PT]

    • Merge branch 'up_master' into new_docs. [Paul Tikken Laptop]

    • Cleanup. [Paul Tikken Laptop]

    • Disabling travis ci. [Paul Tikken Laptop]

    • Merge pull request #532 from P-T-I/master. [PT]

      Added base coverage report

    • Merge branch 'master' into new_docs. [Paul Tikken Laptop]

    • Base coverage file. [Paul Tikken Laptop]

    • Merge master. [Paul Tikken Laptop]

    • Merge pull request #531 from P-T-I/code_cov_test. [PT]

      Code cov test

    • Code_cov_test. [Paul Tikken Laptop]

    • Merge branch 'master' into code_cov_test. [Paul Tikken Laptop]

    • Code_cov_test. [Paul Tikken Laptop]

    • Code_cov_test. [Paul Tikken Laptop]

    • Merge pull request #530 from P-T-I/code_cov_test. [PT]

      moved unit tests to github actions

    • Moved unit tests to github actions. [Paul Tikken Laptop]

    • Merge pull request #529 from P-T-I/master. [PT]

      Switched unit tests to github actions

    • Moved unit tests to github actions. [Paul Tikken Laptop]

    • Testing with gh_actions. [Paul Tikken Laptop]

    • Testing with gh_actions. [Paul Tikken Laptop]

    • Testing with gh_actions. [Paul Tikken Laptop]

    • Testing with gh_actions. [Paul Tikken Laptop]

    • Merge pull request #2 from P-T-I/GH_action_test. [PT]

      testing with gh_actions

    • Testing with gh_actions. [Paul Tikken Laptop]

    • Update unit_tests.yml. [PT]

    • Update unit_tests.yml. [PT]

    • Update unit_tests.yml. [PT]

    • Update unit_tests.yml. [PT]

    • Merge pull request #1 from P-T-I/gh_action_test. [PT]

      testing with gh_actions

    • Testing with gh_actions. [Paul Tikken Laptop]

    • Merge branch 'up_master' into new_docs. [Paul Tikken Laptop]

    • Merge pull request #528 from P-T-I/cve-search-523. [PT]

      Duplicate id in cpe collection

    • Fix #523; Duplicate id in cpe collection. [Paul Tikken Laptop]

    • Merge branch 'up_master' [Paul Tikken Laptop]

    • Merge branch 'up_master' [Paul Tikken Laptop]

    • Bump. [Paul Tikken Laptop]

    • Merge pull request #526 from P-T-I/travis_new_test. [PT]

      updated the sleep time for PR

    • Updated the sleep time for PR. [Paul Tikken Laptop]

    • Delete dependabot.yml. [PT]

    • Merge pull request #525 from RoccovanAsselt/set-index-on-populating. [PT]

      new pr: create index on populating cpe and cve

    • Rebase. [RoccovanAsselt]

    • Merge. [RoccovanAsselt]

    • Added functionaly to create index on specific collection and call it on populating cpe and cves. [RoccovanAsselt]

    • Added functionaly to create index on specific collection and call it on populating cpe and cves. [RoccovanAsselt]

    • Merge pull request #519 from P-T-I/travis_test. [PT]

      gevent support checking

    • Setting sleep value higher to allow docker to fully load. [Paul Tikken Laptop]

    • Merge branch 'up_master' into travis_test. [Paul Tikken Laptop]

    • Added logline. [Paul Tikken Laptop]

    • Gevent support checking. [Paul Tikken Laptop]

    • Create dependabot.yml. [PT]

    • Setting up sphinx docs. [Paul Tikken Laptop]

    • Merge branch 'master' into new_docs. [Paul Tikken Laptop]

    • Bump. [Paul Tikken Laptop]

    • Merge pull request #521 from FafnerKeyZee/patch-1. [PT]

      Starting flask without SSL

    • Starting flask without SSL. [Fafner [KeyZee]]

      Starting flask without SSL

    • Merge pull request #508 from P-T-I/cve-search-399. [Alexandre Dulaunoy]

      Cve search 399

    • Fix #513; added two exception handlers; one for the absence of the last_modified header and one for general download failure which will solve issue 513. [Paul Tikken Laptop]

    • Minor. [Paul Tikken Laptop]

    • Added limit and skip integer checking and exception handling. [Paul Tikken Laptop]

    • Fix for search field. [Paul Tikken Laptop]

    • Added comment. [Paul Tikken Laptop]

    • Removed added additional fields from cve display. [Paul Tikken Laptop]

    • Moved vendor table to DataTable with ajax processing. [Paul Tikken Laptop]

    • Removed websockets. [Paul Tikken Laptop]

    • Added htmlescape function. [Paul Tikken Laptop]

    • Fix for not displaying results on api/cvefor. [Paul Tikken Laptop]

    • Minor. [Paul Tikken Laptop]

    • Query optimalization on cvesForCPE query. [Paul Tikken Laptop]

    • Working on new indexes and import fields. [Paul Tikken Laptop]

    • Possible fix for travis failing to build. [Paul Tikken Laptop]

    • Moved user functions to mongodb.py. [Paul Tikken Laptop]

    • Refactor. [Paul Tikken Laptop]

    • Version bump. [Paul Tikken Laptop]

    • Removed allow_disk_use to query_docs queries. [Paul Tikken Laptop]

    • Added allow_disk_use to query_docs queries. [Paul Tikken Laptop]

    • Disabled loggers. [Paul Tikken Laptop]

    • Fix for python path. [Paul Tikken Laptop]

    • Fix for python path. [Paul Tikken Laptop]

    • Fix for python path. [Paul Tikken Laptop]

    • Merge up_master. [Paul Tikken Laptop]

    • Bump. [Paul Tikken Laptop]

    • Cleanup. [Paul Tikken Laptop]

    • Cleanup & black formatting. [Paul Tikken Laptop]

    • Version bump. [Paul Tikken Laptop]

    • Working on websockets. [Paul Tikken Laptop]

    • Moved to gevent as webserver. [Paul Tikken Laptop]

    • Defined limit and skip as integers. [Paul Tikken Laptop]

    • Version bump. [Paul Tikken Laptop]

    • Moved old files to old folder. [Paul Tikken Laptop]

    • Finished porting admin api to new api. [Paul Tikken Laptop]

    • Finished porting admin api to new api. [Paul Tikken Laptop]

    • Version bump. [Paul Tikken Laptop]

    • Working on admin api. [Paul Tikken Laptop]

    • Working on admin part. [Paul Tikken Laptop]

    • Version bump. [Paul Tikken Laptop]

    • Status adjustments. [Paul Tikken Laptop]

    • Working on admin api. [Paul Tikken Laptop]

    • Reformatted admin, login with local database fixed; working on white and black list handling. [Paul Tikken Laptop]

    • Minor. [Paul Tikken Laptop]

    • Password check fix. [Paul Tikken Laptop]

    • Added sweetalert2.min.js. [Paul Tikken Laptop]

    • Added sweetalert2.min.js. [Paul Tikken Laptop]

    • Bump. [Paul Tikken Laptop]

    • Merge branch 'up_master' into cve-search-399. [Paul Tikken Laptop]

    • Bump. [Paul Tikken Laptop]

    • Minimal setting ignoring admin blueprint. [Paul Tikken Laptop]

    • Login forms formatting. [Paul Tikken Laptop]

    • Version bump. [Paul Tikken Laptop]

    • Minor. [Paul Tikken Laptop]

    • Working on login. [Paul Tikken Laptop]

    • Altered hashing mechanism's. [Paul Tikken Laptop]

    • Renamed master-page to master-page.html. [Paul Tikken Laptop]

    • Added requirements. [Paul Tikken Laptop]

    • Removed clipboard. [Paul Tikken Laptop]

    • Added socket.io scripts. [Paul Tikken Laptop]

    • Version bump. [Paul Tikken Laptop]

    • Reformatting. [Paul Tikken Laptop]

    • Added separate breadcrumbs.html subpage to ease breadcrumbs import into templates. [Paul Tikken Laptop]

    • Alterations made to facilitate port to bootstrap 4. [Paul Tikken Laptop]

    • Reformatted to bootstrap 4. [Paul Tikken Laptop]

    • Working on website restructure. [Paul Tikken Laptop]

    • Typo. [Paul Tikken Laptop]

    • Added api docs link to default menubar. [Paul Tikken Laptop]

    • Req update. [Paul Tikken Laptop]

    • Merge branch 'up_master' into cve-search-399. [Paul Tikken Laptop]

    • Refactor. [Paul Tikken Laptop]

    • Version bump. [Paul Tikken Laptop]

    • Formatted admin page and index page. [Paul Tikken Laptop]

    • Setup logging. [Paul Tikken Laptop]

    • Setup datatables and filtering. [Paul Tikken Laptop]

    • Setup datatables and filtering. [Paul Tikken Laptop]

    • Setup datatables and filtering. [Paul Tikken Laptop]

    • Restructured logging. [Paul Tikken Laptop]

    • Restructured logging. [Paul Tikken Laptop]

    • Restructured logging. [Paul Tikken Laptop]

    • Updated requirements.txt. [Paul Tikken Laptop]

    • Refactor. [Paul Tikken Laptop]

    • Alterations for datatables server side processing. [Paul Tikken Laptop]

    • Added formatting and javascript code. [Paul Tikken Laptop]

    • Version bump. [Paul Tikken Laptop]

    • Rewritten POST query endpoint to make use of the database plugin method instead of a fixed connection to mongodb. [Paul Tikken Laptop]

    • Renamed mongo to database to make it more backend agnostic. [Paul Tikken Laptop]

    • Updated requirements.txt. [Paul Tikken Laptop]

    • Black formatting. [Paul Tikken Laptop]

    • Basic API functionality done. [Paul Tikken Laptop]

    • Working on api. [Paul Tikken Laptop]

    • Moved to old [Paul Tikken Laptop]

    • Working on restructure API. [Paul Tikken Laptop]

    • Working on API. [Paul Tikken Laptop]

    • Working on converting api into a flask-restx documented api. [Paul Tikken Laptop]

    • Updated requirements.txt to latest versions and refactor after changes. [Paul Tikken Laptop]

    • Added cve logo to all versions of web gui. [Paul Tikken Laptop]

    • Restructure of webgui. [Paul Tikken Laptop]

    • New jquery, bootstrap and font-awesome. [Paul Tikken Laptop]

    • Black formatting and swithed to central logging. [Paul Tikken Laptop]

    • Black formatting and swithed to central logging. [Paul Tikken Laptop]

    • Unignored plugin folder in web. [Paul Tikken Laptop]

    • Remodelling web interface to facilitate new api. [Paul Tikken Laptop]

    • Rebase. [Paul Tikken Laptop]

    • Initial setup for a post query endpoint via json body. [Paul Tikken Laptop]

    • Moved update scripts to separate log file handler. [Paul Tikken Laptop]

    • Working on sphinx docs. [Paul Tikken Laptop]

    • Setting up sphinx docs. [Paul Tikken Laptop]

    • Setting up sphinx docs. [Paul Tikken Laptop]

    • Setting up shinx docs. [Paul Tikken Laptop]

    • Setting up shinx docs. [Paul Tikken Laptop]

    • Merge pull request #503 from RoccovanAsselt/getCWEstype. [PT]

      bug - "/api/cwe/int:cwe_id" always returns null

    • Different solution to fix bug. [RoccovanAsselt]

    • Bug fix getCWEs function. [RoccovanAsselt]

    • Merge pull request #502 from hack3r-0m/master. [PT]

      fix #494

    • Update requirements.txt. [hack3r-0m]

      updated PyMongo to 3.11.0 to use allow_disk_use

    • Fixing #494. [hack3r-0m]

      • added allow_disk_use for mongoDB > 4.4
      • changed -1 to pymongo.DESCENDING wherever required
    • Merge pull request #1 from cve-search/master. [hack3r-0m]

      making it up to date

    • Fixed typo when comparing passwords. [PT]

    • Merge pull request #497 from RoccovanAsselt/ConfigBugFix. [Alexandre Dulaunoy]

      Config bug

    • Added reloadConfiguration() function to make sure all configs are reloaded. [RoccovanAsselt]

    • Merge pull request #495 from P-T-I/cve-search-390. [Alexandre Dulaunoy]

      fixes cve-search-390

    • Debugged after failing unit tests. [Paul Tikken Laptop]

    • Fixes cve-search-390. [Paul Tikken Laptop]

    • Merge pull request #493 from P-T-I/cve-search-492. [Alexandre Dulaunoy]

      Fix #cve-search-492; api regex searches

    • Fix #cve-search-492; CVE mathching not returning the correct amount of results. [Paul Tikken Laptop]

    • Merge pull request #491 from P-T-I/unit_tests. [Alexandre Dulaunoy]

      Unit tests

    • Merge master. [Paul Tikken Laptop]

    • Merge pull request #490 from P-T-I/cleanup. [Alexandre Dulaunoy]

      General Cleanup and black formatting

    • Local coverage and test report. [Paul Tikken Laptop]

    • Minor. [Paul Tikken Laptop]

    • Excluded bot's and fulltext from unit_tests. [Paul Tikken Laptop]

    • Reformat and moved cve class from 'last' to CveHandler. [Paul Tikken Laptop]

    • Black formatting. [Paul Tikken Laptop]

    • Black formatting. [Paul Tikken Laptop]

    • Black formatting. [Paul Tikken Laptop]

    • Optimized imports. [Paul Tikken Laptop]

    • Black formatting and removed timing attack on password comparison. [Paul Tikken Laptop]

    • Deleted unused code. [Paul Tikken Laptop]

    • Switched to tqdm instead of custom progressbar. [Paul Tikken Laptop]

    • Merge pull request #489 from P-T-I/cve-search-393. [Alexandre Dulaunoy]

      fix for #cve-search-393; added limit for the cve_for api endpoint

    • Fix for #cve-search-393; added limit for the cve_for api endpoint. [Paul Tikken Laptop]

    • Fix for #cve-search-393; added limit for the cve_for api endpoint. [Paul Tikken Laptop]

    • Added unit_tests. [Paul Tikken Laptop]

    • Local coverage and test report. [Paul Tikken Laptop]

    • Merge branch 'up_master' into unit_tests. [Paul Tikken Laptop]

    • Merge pull request #488 from P-T-I/cve-search-487. [Alexandre Dulaunoy]

      Cve search 487

    • Adjusted methods for capec and cwe retrieval. [Paul Tikken Laptop]

    • Fix #cve-search-487; api endpoint returned the wrong values. Added additional endpoints to request a single capec. [Paul Tikken Laptop]

    • Api documentation update. [Paul Tikken Laptop]

    • Merge branch 'master' into unit_tests. [Paul Tikken Laptop]

    • Merge pull request #486 from P-T-I/readme_update. [Alexandre Dulaunoy]

      update readme

    • Update readme. [Paul Tikken Laptop]

    • Merge branch 'master' into unit_tests. [Paul Tikken Laptop]

    • Merge pull request #485 from P-T-I/travis_test. [Alexandre Dulaunoy]

      possible fix for travis failing on master commit

    • Possible fix for travis failing on master commit. [Paul Tikken Laptop]

    • Possible fix for travis failing on master commit. [Paul Tikken Laptop]

    • Merge pull request #483 from P-T-I/cve-search-462. [Alexandre Dulaunoy]

      Cve search 462

    • Set default cvss score to None instead of 5 when no score is present. [Paul Tikken Laptop]

    • Syntax errors fixed. [Paul Tikken Laptop]

    • Local coverage. [Paul Tikken Laptop]

    • Added .coverage. [Paul Tikken Laptop]

    • Black formatting. [Paul Tikken Laptop]

    • Minor. [Paul Tikken Laptop]

    • Merge pull request #482 from P-T-I/capec_cwe. [Alexandre Dulaunoy]

      Capec cwe

    • Added website entries to capec site for newly parsed entries in capec collection. [Paul Tikken Laptop]

    • [CAPEC] removed unused code; filtered out DEPRECATED entries added additional parsing for mitre attack and execution flow. [Paul Tikken Laptop]

    • [CWE] removed unused code; filtered out DEPRECATED entries and reparsed relationships for categories and weaknesses. [Paul Tikken Laptop]

    • Changed sources to latest versions. [Paul Tikken Laptop]

    Source code(tar.gz)
    Source code(zip)
  • v3.0(Oct 1, 2020)

    cve-search v3.0 (2020-10-01) released with a rewritten import process, unit tests and many bugs fixed.

    Changes

    • [travis] fix to use JSON NVD source + removed unsupported Python version. [Alexandre Dulaunoy]

    • Merge pull request #451 from P-T-I/import_impr. [Alexandre Dulaunoy]

      Initial import restructure

    • Final fix for missing field. [Paul Tikken Laptop]

    • Fix for missing last-modified field in cve documents. [Paul Tikken Laptop]

    • Fix for missing last-modified field in cve documents. [Paul Tikken Laptop]

    • Minor adjustment travis.yml. [Paul Tikken Laptop]

    • Merge from master. [Paul Tikken Laptop]

    • Merge pull request #478 from P-T-I/unit_tests. [Alexandre Dulaunoy]

      Unit tests

    • Added specific parser to BeautifulSoup. [Paul Tikken Laptop]

    • Added build arguments to travis file. [Paul Tikken Laptop]

    • Final travis file. [Paul Tikken Laptop]

    • Working on tests. [Paul Tikken Laptop]

    • Working on tests. [Paul Tikken Laptop]

    • Working on tests. [Paul Tikken Laptop]

    • Working on tests. [Paul Tikken Laptop]

    • Added BeautifulSoup to requirements. [Paul Tikken Laptop]

    • Working on unit tests. [Paul Tikken Laptop]

    • Working on unit tests. [Paul Tikken Laptop]

    • Added dict to xml requirement. [Paul Tikken Laptop]

    • Fix search.py not returning xml. [Paul Tikken Laptop]

    • Testing_travis. [Paul Tikken Laptop]

    • Testing_travis. [Paul Tikken Laptop]

    • Testing_travis. [Paul Tikken Laptop]

    • Testing_travis. [Paul Tikken Laptop]

    • Testing_travis. [Paul Tikken Laptop]

    • Testing_travis. [Paul Tikken Laptop]

    • Testing_travis. [Paul Tikken Laptop]

    • Testing with travis. [Paul Tikken Laptop]

    • Testing travis file. [Paul Tikken Laptop]

    • Testing travis file. [Paul Tikken Laptop]

    • Testing travis file. [Paul Tikken Laptop]

    • Fixed -p switch travis file. [Paul Tikken Laptop]

    • Change to unit_tests. [Paul Tikken Laptop]

    • Change to unit_tests. [Paul Tikken Laptop]

    • Change to unit_tests. [Paul Tikken Laptop]

    • Change in unit_tests. [Paul Tikken Laptop]

    • Change in unit_tests. [Paul Tikken Laptop]

    • Change in unit_tests. [Paul Tikken Laptop]

    • Requirements.txt fix. [Paul Tikken Laptop]

    • Altered travis for pytest support. [Paul Tikken Laptop]

    • Setup unit testing scripts. [Paul Tikken Laptop]

    • Init files added when needed for unit_tests. [Paul Tikken Laptop]

    • Black formatting. [Paul Tikken Laptop]

    • Added nltk to requirements.txt as it was not covered. [Paul Tikken Laptop]

    • Black formatting. [Paul Tikken Laptop]

    • Config files added for testing. [Paul Tikken Laptop]

    • Added pytest requirements. [Paul Tikken Laptop]

    • Removed old testing file. [Paul Tikken Laptop]

    • Black formatting. [Paul Tikken Laptop]

    • Testing with travis. [Paul Tikken Laptop]

    • Merge remote-tracking branch 'origin/master' [Paul Tikken Laptop]

    • Create stale.yml. [PT]

    • Merge branch 'up_master' into import_impr. [Paul Tikken Laptop]

    • Merge pull request #470 from P-T-I/cve-search-469. [Alexandre Dulaunoy]

      cve-search-469; fix for not deplaying results

    • Cve-search-469; fix for not deplaying results. [Paul Tikken Laptop]

    • Merge branch 'up_master' into import_impr. [Paul Tikken Laptop]

    • Merge pull request #468 from P-T-I/regex_options. [Alexandre Dulaunoy]

      fix #464; corrects bad fix from #465

    • Fix #464; corrects bad fix from #465. [Paul Tikken Laptop]

    • Merging. [Paul Tikken Laptop]

    • Merge pull request #465 from P-T-I/regex_fail. [Alexandre Dulaunoy]

      Regex fail

    • Alter .gitignore. [Paul Tikken]

    • Fixes #464; double options (IGNORE_CASE) declaration for a regex search. [Paul Tikken]

    • Altered .gitignore. [Paul Tikken]

    • Fixed syntax warnings. [Paul Tikken Laptop]

    • Added jsonpickle requirement. [Paul Tikken Laptop]

    • Added auto creation of log dir. [Paul Tikken Laptop]

    • Troubleshooting build error on feedformatter version. [Paul Tikken Laptop]

    • Merge branch 'master' into import_impr. [Paul Tikken Laptop]

    • Merge pull request #459 from P-T-I/docker_version. [Alexandre Dulaunoy]

      fix #205; official dockerized version of CVE-Search added

    • Fix #205; official dockerized version of CVE-Search added. [Paul Tikken Laptop]

    • Merge pull request #460 from P-T-I/cve_search_#395. [Alexandre Dulaunoy]

      fix #395; Fixed warning message Mongoclient create pre-fork

    • Fix #395; Fixed warning message Mongoclient create pre-fork. [Paul Tikken Laptop]

    • Added variable interval counter for debug logging. [Paul Tikken Laptop]

    • Corrected update error. [Paul Tikken Laptop]

    • Rebase. [Paul Tikken Laptop]

    • Merge pull request #456 from P-T-I/syntax_warnings. [Alexandre Dulaunoy]

      Fixed Tornado's syntax warnings

    • Fixed Tornado's syntax warnings. [Paul Tikken Laptop]

    • Merge pull request #454 from P-T-I/cve_search-449. [Alexandre Dulaunoy]

      fix #449; Added stricter regex for matching CVE on CPE

    • Fix #449; added stricter cpe regex when matching CVEs on CPEs. [Paul Tikken Laptop]

    • Refactor. [Paul Tikken Laptop]

    • Refactor. [Paul Tikken Laptop]

    • Refactor. [Paul Tikken Laptop]

    • Merge branch 'master' into cve_search-449. [Paul Tikken Laptop]

    • Merge pull request #453 from P-T-I/doc_update. [Alexandre Dulaunoy]

      fix #452; Documentation update

    • Fix #452; Documentation update to bring the docs in line with the readme.md in the root. [Paul Tikken Laptop]

    • Cleanup. [Paul Tikken Laptop]

    • Black formatting. [Paul Tikken Laptop]

    • Missing sys import and black formatting. [Paul Tikken Laptop]

    • Moved DatabaseIndexer to separate class in Sources_process.py. [Paul Tikken Laptop]

    • Moved DatabaseIndexer to separate class in Sources_process.py. [Paul Tikken Laptop]

    • Added additional log entries. [Paul Tikken Laptop]

    • Changed logger name. [Paul Tikken Laptop]

    • Added description to tqdm progressbar from CPERedisBrowser class. [Paul Tikken Laptop]

    • Unified logging with updater and black formatting. [Paul Tikken Laptop]

    • Import refactor and minor edit. [Paul Tikken Laptop]

    • Set JSON file progress debug logging to every 5000 items. [Paul Tikken Laptop]

    • Moved logic to process class. [Paul Tikken Laptop]

    • Added CPERedisBrowser class. [Paul Tikken Laptop]

    • Added logging and tqdm progressbar. [Paul Tikken Laptop]

    • Added logging. [Paul Tikken Laptop]

    • Fixed misspelled method (getCVEID instead of getCVEIDs) and black formatting. [Paul Tikken Laptop]

    • Added debug counter from processing items from file every 1000 items. [Paul Tikken Laptop]

    • Added debug counter from processing items from file. [Paul Tikken Laptop]

    • Refactor and unified logging with process classes. [Paul Tikken Laptop]

    • Refactor and unified logging with process classes. [Paul Tikken Laptop]

    • Modified update doc versus insert doc. [Paul Tikken Laptop]

    • Moved process classes to separate file. [Paul Tikken Laptop]

    • Refactor. [Paul Tikken Laptop]

    • Separate file for source process classes. [Paul Tikken Laptop]

    • Separate file for xml Content Handlers. [Paul Tikken Laptop]

    • Methods refactor. [Paul Tikken Laptop]

    • Added process methods to class instead. [Paul Tikken Laptop]

    • Changed process_item method. [Paul Tikken Laptop]

    • Added process_item to DownloadHandler class. [Paul Tikken Laptop]

    • Added method to retrieve the entire redis list. [Paul Tikken Laptop]

    • Added process_item to XMLFileHandler class. [Paul Tikken Laptop]

    • Added db (9) for redis queue. [Paul Tikken Laptop]

    • Added RedisQueue. [Paul Tikken Laptop]

    • Moved download_site method to DownloadHandler.py. [Paul Tikken Laptop]

    • Added redis queue as a replacement of multiprocessing queue. [Paul Tikken Laptop]

    • Added database action class. [Paul Tikken Laptop]

    • Refactor. [Paul Tikken Laptop]

    • Added additional logging. [Paul Tikken Laptop]

    • Minor changes. [Paul Tikken Laptop]

    • Reset insert to original. [Paul Tikken Laptop]

    • Added different handlers. [Paul Tikken Laptop]

    • Added different handlers. [Paul Tikken Laptop]

    • Added different handlers. [Paul Tikken Laptop]

    • Minor. [Paul Tikken Laptop]

    • Minor. [Paul Tikken Laptop]

    • Set debug print to every 10 cycles. [Paul Tikken Laptop]

    • Added venv and .idea folders to ignore. [Paul Tikken Laptop]

    • Set exit code on errors to 1. [Paul Tikken Laptop]

    • Added VIADownloads class for update optimalization. [Paul Tikken Laptop]

    • Moved updates of info collection to DownloadHandler. [Paul Tikken Laptop]

    • Added requirements ijson and tqdm. [Paul Tikken Laptop]

    • Added logging and file extension specific classes. [Paul Tikken Laptop]

    • Added tqdm and ijson requirements. [Paul Tikken Laptop]

    • Added queues and multiprocessing. [Paul Tikken Laptop]

    • Added further multiprocessing. [Paul Tikken Laptop]

    • Added speed improvements for initial import. [Paul Tikken Laptop]

    • Black formatting. [Paul Tikken Laptop]

    • Black formatting. [Paul Tikken Laptop]

    • Speed improvements for initial import of data. [Paul Tikken Laptop]

    • Merge pull request #450 from P-T-I/web_impr. [Alexandre Dulaunoy]

      minor admin page gui adjustments

    • Minor admin page gui adjustments. [Paul Tikken Laptop]

    • Merge pull request #448 from P-T-I/query_opt. [Alexandre Dulaunoy]

      small http query optimalization and black formatting

    • Small http query optimalization and black formatting. [Paul Tikken Laptop]

    Source code(tar.gz)
    Source code(zip)
  • v2.9(Jul 29, 2020)

    v2.9 (2020-07-29)

    Changes

    • [doc] reference to the ChangeLog updated. [Alexandre Dulaunoy]

    Other

    • Merge pull request #436 from noraj/patch-2. [Alexandre Dulaunoy]

      add docker ref

    • Update README.md. [Alexandre Dulaunoy]

      Make it more markdown friendly.

    • Add docker ref. [Alexandre ZANNI]

    • Merge pull request #442 from P-T-I/fix_cpe_other. [Alexandre Dulaunoy]

      fix #441

    • Fix #441. [Paul Tikken Laptop]

    • Merge pull request #444 from P-T-I/capec. [Alexandre Dulaunoy]

      fix #443 and #402 and #414

    • Fix #443. [Paul Tikken Laptop]

    • Merge pull request #445 from P-T-I/version_bumps. [Alexandre Dulaunoy]

      version bump of cwe and capec

    • Version bump of cwe. [Paul Tikken Laptop]

    • Merge pull request #438 from AndreC10002/patch-2. [Alexandre Dulaunoy]

      Redis password parameter

    • Redis password parameter. [AndreC10002]

      Redis password parameter

    Source code(tar.gz)
    Source code(zip)
  • v2.8(Jun 3, 2020)

    v2.8 (2020-06-03)

    Changes

    - [source] default to nvd cve 1.1. [Alexandre Dulaunoy]                           
    - [cve source] now officially use nvd 1.1 version. [Alexandre Dulaunoy]           
    - [config] download CVE JSON feed in version 1.1. [Alexandre Dulaunoy]            
    - [DatabaseLayer] access field missing added - Fix #404. [Alexandre               
      Dulaunoy]                                                                       
    - [DatabaseLayer] add missing impact field in the update. [Alexandre              
      Dulaunoy]                                                                       
                                                                                      
      Thanks to the good report in issue #403.                                        
                                                                                      
    Other                                                                             
    ~~~~~                                                                             
    - Merge pull request #429 from tydeu/master. [Alexandre Dulaunoy]                 
                                                                                      
      Drop the `cves` (not the `cve`) collection when repopulating                    
    - Drop  the `cves` (not the `cve`) collection. [Mac Malone]                       
    - Merge branch 'master' of github.com:cve-search/cve-search. [Alexandre           
      Dulaunoy]                                                                       
    - Merge pull request #423 from eaydin/master. [Alexandre Dulaunoy]                
                                                                                      
      Resolve issue #375                                                              
    - Resolve issue #375. [eaydin]                                                    
    - Update README.md. [Pidgey]                                                      
    - Merge pull request #415 from guiguitodelperuu/fix-capec-v3.2.                   
      [Alexandre Dulaunoy]                                                            
                                                                                      
      Add support for the latest CAPEC XML file version (3.2).                        
    - Add support for the lastest CAPEC XML file version (3.2). Issue #414.           
      [Guillaume Petit]                                                               
    - Merge pull request #412 from Schuilnaam/master. [Alexandre Dulaunoy]            
                                                                                      
      notification bug fix                                                            
    - Revert "Update .travis.yml" [rocco]                                             
                                                                                      
      This reverts commit ea3059c7344f76748d42ccd1747b085d736cdfcf.                   
    - Update .travis.yml. [Rocc00]                                                    
                                                                                      
      python 3.3 is not available                                                     
    - Notification bug fix. [rocco]                                                   
    - Merge pull request #409 from jgilman99/jgilman99-patch-1. [Alexandre               
      Dulaunoy]                                                                          
                                                                                         
      Typo - `access` spelled `acccess`                                                  
    - Typo - `access` spelled `acccess` [John]                                           
                                                                                         
    
    Source code(tar.gz)
    Source code(zip)
  • v2.7(Jan 12, 2020)

    Changes

    • [cpe/bulkUpdate] use format instead of concat. [Alexandre Dulaunoy]
    • [db] all regex queries are now case insensitive. [Alexandre Dulaunoy]

    Other

    • Merge pull request #401 from Agh42/feature/improve-bulk-updates. [Alexandre Dulaunoy]

      Speed up bulk update (i.e. CPE update) operations.

    • Speed up bulk update operations. [Agh42]

    Source code(tar.gz)
    Source code(zip)
  • v2.6(Jan 12, 2020)

    cve-search v2.6 (2019-11-08) released

    Changes

    • [web] template vulnerable_product and assigner is a default field. [Alexandre Dulaunoy]
    • [sources] revert back CAPEC XML source (parser is broken with recent version) [Alexandre Dulaunoy]
    • [db_mgmt_json] use of format. [Alexandre Dulaunoy]

    Fix

    • [db_mgmt_json] if cpe_name is missing from original CPE then use default cpe23 URI. [Alexandre Dulaunoy]
    • [minimal] link result is now using the proper cve result key. [Alexandre Dulaunoy]

    Other

    • Merge pull request #391 from kairis/master. [Alexandre Dulaunoy]

      CPE and CVE fixes

    • Drop CPE and CVE databases if force populating. [Sami Kairajarvi]

      This is done in db_updater, but if someone calls either CPE or CVE updaters directly with "-pa", it will duplicate the data

    • Change order of updating CVE and CPE. [Sami Kairajarvi]

      CPE needs to be updated first, as CVE uses CPE data

    • Add fields to CVE only if they don't exist already. [Sami Kairajarvi]

    • Fix CPE matching for vulnerable children. [Sami Kairajarvi]

    • Add warning to product search. [Sami Kairajarvi]

    • Remove non_vulnerable_configuration. [Sami Kairajarvi]

    • Add all vulnerable products to vulnerable_products, not only applications. [Sami Kairajarvi]

    • Merge pull request #386 from kairis/master. [Alexandre Dulaunoy]

      Append all items of CVE description field into summary

    • Append all items of CVE description field into summary. [Sami Kairajarvi]

    Source code(tar.gz)
    Source code(zip)
  • v2.5(Oct 29, 2019)

    cve-search v2.5 has been released including bugs fixed and improvement in the CPE/CWE JSON import.

    cve-search is on Twitter. We will publish software updates, projects and activities of cve-search project on our account. Don't hesitate to follow us.

    Thanks a lot to all contributors who helped us by reporting issues, proposing pull-request or supporting us.

    Don't hesitate to review the cve-search Changelog to have a detailed overview of what changes in 2.5.

    Source code(tar.gz)
    Source code(zip)
  • v2.4(Oct 6, 2019)

    cve-search v2.4 has been released including many bugs fixed and improvements to the web interface pagination.

    A huge thank to Ján Doboš for the updates in the web interface pagination. This update was performed during the CyberExchange program where staff exchange within the CSIRTs/CERTs (for this contribution between CIRCL and SK-CERT. This program is funded by the EC under the CEF program (2017-EU-IA-0118).

    cve-search is now on Twitter. We will publish software updates, projects and activities of cve-search project on our account. Don't hesitate to follow us.

    Thanks a lot to all contributors who helped us by reporting issues, proposing pull-request or supporting us.

    Don't hesitate to review the cve-search Changelog to have a detailed overview of what changes in 2.4.

    Source code(tar.gz)
    Source code(zip)
  • v2.3(Sep 18, 2019)

    cve-search v2.3 has been released including many bugs fixed and a new support to the NVD/NIST format in JSON. The new NVD/NIST JSON replaces the XML format which will be deprecated very soon. We welcome feedback or contribution to improve the support of the new JSON format. The current support includes all the original functionality from the original XML format with some improvements.

    Thanks a lot to all contributions who helped us by reporting issues, proposing pull-request or supporting us.

    Don't hesitate to review the cve-search Changelog to have a detailed overview of what changes in 2.3.

    Source code(tar.gz)
    Source code(zip)
  • v2.1(Jun 14, 2016)

  • V1.0(Oct 20, 2015)

Owner
cve-search
Tools to perform local searches for known vulnerabilities
cve-search
Google Drive file searcher

Google Drive file searcher

Hafitz Setya 25 Dec 09, 2022
A fast, efficiency python package for searching and getting search results with many different search engines

search A fast, efficiency python package for searching and getting search results with many different search engines. Installation To install the pack

Neurs 0 Oct 06, 2022
txtai executes machine-learning workflows to transform data and build AI-powered semantic search applications.

txtai executes machine-learning workflows to transform data and build AI-powered semantic search applications.

NeuML 3.1k Dec 31, 2022
PwnWiki 数据库搜索命令行工具;该工具有点像 searchsploit 命令,只是搜索的不是 Exploit Database 而是 PwnWiki 条目

PWSearch PwnWiki 数据库搜索命令行工具。该工具有点像 searchsploit 命令,只是搜索的不是 Exploit Database 而是 PwnWiki 条目。

K4YT3X 72 Dec 20, 2022
A Python web searcher library with different search engines

Robert A simple Python web searcher library with different search engines. Install pip install roberthelper Usage from robert import GoogleSearcher

1 Dec 23, 2021
Eland is a Python Elasticsearch client for exploring and analyzing data in Elasticsearch with a familiar Pandas-compatible API.

Python Client and Toolkit for DataFrames, Big Data, Machine Learning and ETL in Elasticsearch

elastic 463 Dec 30, 2022
This is a Telegram Bot written in Python for searching data on Google Drive.

This is a Telegram Bot written in Python for searching data on Google Drive. Supports multiple Shared Drives (TDs). Manual Guide for deploying the bot

Levi 158 Dec 27, 2022
A simple tool for searching images inside a local folder with text/image input using CLIP

clip-search (WIP) A simple tool for searching images inside a local folder with text/image input using CLIP 10 results for "a blonde woman" in a folde

5 Dec 25, 2022
ForFinder is a search tool for folder and files

ForFinder is a search tool for folder and files. You can use that when you Source Code Analysis at your project's local files or other projects that you are download. Enter a root path and keyword to

Çağrı Aliş 7 Oct 25, 2022
Super Simple Similarities Service

Super Simple Similarities Service

vincent d warmerdam 95 Dec 25, 2022
Reverse-ikea-image-search - A simple image of ikea search using jina.ai

IKEA Reverse Image Search This is a demo project to fetch ikea product images(IK

SOUVIK GHOSH 4 Mar 08, 2022
Jina allows you to build deep learning-powered search-as-a-service in just minutes

Cloud-native neural search framework for any kind of data

Jina AI 17k Dec 31, 2022
Wagtail CLIP allows you to search your Wagtail images using natural language queries.

Wagtail CLIP allows you to search your Wagtail images using natural language queries.

Matt Segal 10 Dec 21, 2022
A search engine to query social media insights with political theme

social-insights Social insights is an open source big data project that generates insights about various interesting topics happening every day. Curre

UMass GDSC 10 Feb 28, 2022
ElasticSearch ODM (Object Document Mapper) for Python - pip install esengine

esengine - The Elasticsearch Object Document Mapper esengine is an ODM (Object Document Mapper) it maps Python classes in to Elasticsearch index/doc_t

SEEK International AI 109 Nov 22, 2022
GitScanner is a script to make it easy to search for Exposed Git through an advanced Google search.

GitScanner Legal disclaimer Usage of GitScanner for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to

Kaio Gomes 3 Oct 28, 2022
A library for fast import of Windows NT Registry(REGF) into Elasticsearch.

A library for fast import of Windows NT Registry(REGF) into Elasticsearch.

S.Nakano 3 Apr 01, 2022
A sentence search engine that fetches examples from trusted news/media organisations. Great for writing better English.

A sentence search engine that fetches examples from trusted news/media websites. Great for improving writing & speaking better English.

Stephen Appiah 1 Apr 04, 2022
Google Search Engine Results Pages (SERP) in locally, no API key, no signup required

Local SERP Google Search Engine Results Pages (SERP) in locally, no API key, no signup required Make sure the chromedriver and required package are in

theblackcat102 4 Jun 29, 2021
Python script for finding duplicate images within a folder.

Python script for finding duplicate images within a folder.

194 Dec 31, 2022