Cve Search

cve-search is a vulnerability search engine and database manager designed to index, synchronize, and query CVE and CPE security vulnerability data. It functions as a security data warehouse that imports vulnerability feeds into a local database to enable fast, keyword-based discovery of security flaws.

The project provides a web-based vulnerability browser and a programmatic JSON API for retrieving records and risk scores. It utilizes full-text indexing for vulnerability descriptions and implements an identity-verified security portal using the OpenID Connect standard for user authentication.

The system includes capabilities for incremental data synchronization, in-memory caching of platform enumeration data, and vulnerability filtering by product, vendor, or date. It also features user account management, TLS traffic encryption, and priority ranking based on criticality.

The application is distributed as a containerized deployment via Docker to ensure consistent installation across different environments.

Features

CVE Database Managers - Provides a comprehensive system for importing, indexing, and synchronizing vulnerability feeds into a local database for fast searching.

Security Vulnerabilities - Provides a searchable engine to filter security records by product or vendor to identify risks and attack vectors.

Data Warehousing - Functions as a security data warehouse by importing and indexing large sets of vulnerability information.

Full-Text Search Indexes - Utilizes full-text indexing of vulnerability descriptions to enable efficient keyword-based discovery of security flaws.

Incremental Data Synchronization - Implements incremental synchronization to update the local data store using only changed records from security feeds.

Local Indexes - Maintains local copies of vulnerability records and search indices to allow fast lookups without external API dependencies.

Vulnerability Detail Retrievals - Enables the retrieval of specific CVE details by ID or product name for security analysis.

CVE Vulnerability Search Engines - Implements a searchable database for indexing and querying CVE and CPE security vulnerability data via a web interface and API.

Vulnerability Database Management - Synchronizes and maintains local copies of CVE and CPE security metadata from external feeds.

Vulnerability Data Query Engines - Provides a query engine to identify specific vulnerabilities using product names or unique identifiers.

Vulnerability Browsers - Ships with a graphical web interface for visually exploring recent security entries and detailed vulnerability information.

Vulnerability Database APIs - Provides a programmatic JSON API for retrieving vulnerability records and risk scores for external security platforms.

Vulnerability Data Synchronization - Loads and synchronizes security vulnerability records from remote sources into a local searchable database.

JSON API Servers - Exposes internal vulnerability records through a structured JSON API for integration with external security scanners.

Vulnerability Attribute Filters - Allows filtering of security records by product, vendor, or date to retrieve specific risk scores and attack vectors.

Docker-Based Deployment Tools - Ships as a Docker-based deployment to ensure consistent installation across different environments.

Vulnerability Detail Retrievals - Implements a JSON interface for retrieving detailed records of specific CVEs by their unique identifiers.

OIDC Authentication Plugins - Provides a mechanism to verify user identities via integration with OpenID Connect identity providers.

OIDC Identity Integrations - Delegates user authentication to external identity providers using the OpenID Connect standard.

User Account Management - Provides user account management to control interface access and administrative roles.

cve-searchcve-search

Features

Star history