Published on February 5th, 2014 | by NJ Ouchn0
vFeed Open Source Aggregated Vulnerability Database v0.4.7 released (support of HP Hotfixes, BID SecurityFocus & New Update method)
vFeed framework is an open source naming scheme concept that provides extra structured detailed third-party references and technical characteristics for a CVE entry through an extensible XML schema.
It also improves the reliability of CVEs by providing a flexible and comprehensive vocabulary for describing the relationship with other security references and standards
- Built using open source technologies
- Fully downloadable SQLite local vulnerability database
- Structured new XML format to describe vulnerabilities
- Based on major open standards CVE, CPE, CWE, CVSS..
- Support correlation with 3rd party security references (CVSS, OSVDB, OVAL…)
- Extended to support correlation with security assessment and patch vendors (Nessus, Exploit-DB, Redhat, Microsoft..)
- Simple & ready to use Python module with more than 15 methods
- Refactored the vfeed_update.py script as a separate class vFeedUpdate (vfeedupdate.py). The method update() could be invoked to update the vulnerability database vFeed.db.
- Added the support to HP (Hewlett-Packard) patch ids
- Added the support to BID – SecurityFocus ids
- Updated the Ubuntu, Redhat, CERT-VN mappers. Many new IDs have been added to vFeed.db
- To reflect the newest cross references, the following methods have been added:
- vfeed.db the sqlite opensource cross linked vulnerability database fully regenerated to support the new changes
- Documentation updated accordingly
[stats] 4 HP id(s)
[stats] 1 BID id(s)
[progress 100 %] receiving 49 out of 49 Bytes of update.dat
[info] You have the latest vfeed.db vulnerability database
[info] Cleaning compressed database and update file