Giter VIP home page Giter VIP logo

nvdcve's Introduction

NVD/CVE® as JSON files

Important: this repository is now partially redundant with the CVEProject/cvelist project that allows to explore the CVE®/NVD modification history using git as well as submitting new vulnerabilities using GitHub pull requests. However, this repository is still synchronized with the dictionaries to allow to fetch each vulnerability in JSON format.

About

This repository contains JSON files describing vulnerabilities from the NVD and CVE® dictionaries.

It has two main goals:

  • allow to easilly get the description of a vulnerability in the JSON format (schema)
  • allow to explore CVE®/NVD modification history using git

The JSON files in this repository are generated and updated daily using the NVD's JSON feeds and Travis CI.

Data access: JSON files can also be fetched at https://olbat.github.io/nvdcve/CVE-YYYY-NNNN.json.

Licensing

Common Vulnerabilities and Exposures (CVE®)

The CVE® is maintained by the Mitre Corporation.

The usage of this resource -as well as the JSON files in this repository- is restricted and explained in Mitre CVE®'s Terms of use:

CVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive,
no-charge, royalty-free, irrevocable copyright license to reproduce, prepare
derivative works of, publicly display, publicly perform, sublicense, and
distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for
such purposes is authorized provided that you reproduce MITRE's copyright
designation and this license in any such copy.

National Vulnerabilitiy Database (NVD)

The National Vulnerability Database is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP).

It is a superset of the CVE® dictionary augmented with additional analysis, a database, and a fine-grained search engine.

Usage restrictions of this resource are described in the NVD's FAQ:

All NVD data is freely available from our XML Data Feeds. There are no fees,
licensing restrictions, or even a requirement to register. All NIST
publications are available in the public domain according to Title 17 of the
United States Code. Acknowledgment of the NVD  when using our information is
appreciated. In addition, please email [email protected] to let us know how the
information is being used.

nvdcve's People

Contributors

olbat avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.