Comments (7)
from developingdataproducts.
Hey,
I understand that the database behind https://kill3rbee.shinyapps.io/vFeedCve/ is outdated.
But for my local installation, I have downloaded the database only 2-3 days ago.
When using the python wrapper on my local install I can view CVE's from 2017:
ssirt@DT-vFeed:/var/www/html/vFeed$ python vfeedcli.py -m get_cve CVE-2017-6666 [ { "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6666", "summary": "A vulnerability in the forwarding component of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an authenticated, local attacker to cause the router to stop forwarding data traffic across Traffic Engineering (TE) tunnels, resulting in a denial of service (DoS) condition. More Information: CSCvd16665. Known Affected Releases: 6.2.11.BASE. Known Fixed Releases: 6.1.3 6.1.2 6.3.1.8i.BASE 6.2.11.8i.BASE 6.2.2.9i.BASE 6.1.32.11i.BASE 6.1.31.10i.BASE 6.1.4.3i.BASE.", "id": "CVE-2017-6666", "modified": "2017-07-07T21:29:15.053-04:00", "published": "2017-06-13T02:29:00.973-04:00" } ]
But when using vFeedCVE which I have installed, it only can return CVE's from 2016 and below (See attachment). I cannot figure out why this is, as the database clearly contains CVE's from 2017.
from developingdataproducts.
@toolswatch ahhh after looking through the code, I completely understand now. Thanks for the help :)
from developingdataproducts.
@Julznova Thanks for the comments. I have not pushed code to github. I need to download latest information and update my data. I am looking at improving visualization soon.
I also want to add some remediation prioritization using some of form of machine learning. I love @toolwatch. I will update the data on the site in a week. its just pushing new rds file.
from developingdataproducts.
We love you too guys :)
You can add a statement for people wanting to run vFeedCVE locally that they must register and download the vFeed CE version. It is FREE !!!
Thanks again for your great job and I already covered about this app last year (https://vfeed.io/exploratory-analysis-of-vfeed-database-using-shiny-app/)
from developingdataproducts.
@toolswatch..Wow i did not know you had written an article about it. You know what, lets work together so that i can get the shiny app to latest data or I could use the vFeed CE version.
I will work on making the visualization much nicer using Sunburst visualization is if I can use it on this type of data.
Let me know any statement you want me to add and will gladly do so. This is what I will do. I will download vFeed CE and get shiny app to read data directly from it. That way anyone who wants to use Shiny app will have to download your free version.
Will keep you posted
from developingdataproducts.
@Julznova I have updated the visualization for the shiny app. It is not completed yet. I have to write comments for help menu as well as verify that all urls are still validate. Was kinda slow in R, so I wrote a python script that will verify all urls shown in Advisory or Remediation column. ExploitDB column, I generate those and they do work. Under visualization tab, I will add Web vulnerability visualization.
https://kill3rbee.shinyapps.io/vFeedCve/
@toolwatch. I signed up to the community database. The documentation is not clear on how updates are received. I had to google and found out that you do send an email once a month when you release update.
from developingdataproducts.
Related Issues (2)
- How do you build this? HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from developingdataproducts.