Data Feeds of Common Vulnerabilities and Exposures (CVE) with Luxembourgian Ranking

Data Feeds of Common Vulnerabilities and Exposures (CVE) with Luxembourgian Ranking

Back to Services

  1. CIRCL - Common Vulnerabilities and Exposure Database
  2. Luxembourgian Ranking
  3. Who can access the data feed?
  4. Is there a public API to access the CVE dump directly?
  5. Data feed format
  6. Partners already using the common vulnerabilities and exposures data feeds:

You can report incidents via our official contact including e-mail, phone or use the Anonymous reporting form.

Search


CIRCL is accredited TI CIRCL is a FIRST member CIRCL is an OASIS member

CIRCL - Common Vulnerabilities and Exposure Database

CIRCL CVE logo

CIRCL provides a contextual feed containing all software vulnerabilities including visibility ranking in Luxembourg. The data feed originates from the aggregated data-sources of cve.circl.lu including:

Luxembourgian Ranking

The data feed includes a ranking of the likeliness of abuse in Luxembourg, which is based on CIRCL’s incident statistics. The ranking value can vary from unset to 3.

unset
No ranking
1
Vulnerable software used in CIRCL’s constituency
2
Potential or indirect exploitation suspected
3
Successful exploitation has been seen

Such ranking can be used by ICT staff, network, system or security engineer(s) to prioritize system patching or risk assessment of software components.

Who can access the data feed?

Any organization based in Luxembourg that could use the data feeds in order to improve security (for their own benefit or their customers’) can request an access. The data feed is accessible in the JSON format and is updated on a daily basis. An access can be requested by contacting us.

Is there a public API to access the CVE dump directly?

CIRCL CVE services provides a direct access via a Web interface or an API.

Data feed format

The feed is in the JSON format and contain an unique JSON object per CVE reference as seen on cve.circl.lu.

A sample of CVE-2010-3333 output looks like this:

{"Modified": "2011-09-21T23:24:02.867-04:00", "Published":
"2010-11-09T22:00:02.087-05:00", "_id": {"$oid":
"50a0c89fae24ac3f72bc8b4d"}, "cvss": "9.3", "id": "CVE-2010-3333",
"map_cve_bid_bidid": "44652", "map_cve_exploitdb_exploitdbid":
"17474,platforms/windows/local/17474.txt", "map_cve_ms_msid":
"MS10-087", "map_cve_ms_mstitle": "Vulnerabilities in Microsoft Office
Could Allow Remote Code Execution", "map_cve_msf_msf_script_file":
"metasploit-framework/modules/exploits/windows/fileformat/ms10_087_rtf_pfragments_bof.rb",
"map_cve_msf_msf_script_name": "MS10-087 Microsoft Word RTF pFragments
Stack Buffer Overflow (File Format)", "map_cve_msf_msfid":
"ms10_087_rtf_pfragments_bof.rb", "map_cve_mskb_mskbid": "2423930",
"map_cve_mskb_mskbtitle": "Vulnerabilities in Microsoft Office Could
Allow Remote Code Execution", "map_cve_nessus_nessus_script_family":
"Windows : Microsoft Bulletins", "map_cve_nessus_nessus_script_file":
"smb_nt_ms10-087.nasl", "map_cve_nessus_nessus_script_id": "50528",
"map_cve_nessus_nessus_script_name": "MS10-087: Vulnerabilities in
Microsoft Office Could Allow Remote Code Execution (2423930)",
"map_cve_openvas_openvas_script_family": "Windows : Microsoft
Bulletins", "map_cve_openvas_openvas_script_file":
"secpod_ms10-087.nasl", "map_cve_openvas_openvas_script_id": "901166",
"map_cve_openvas_openvas_script_name": "Microsoft Office Remote Code
Execution Vulnerabilites (2423930)", "map_cve_oval_ovalid":
"oval:org.mitre.oval:def:11931", "map_cve_saint_saintexploitid":
"exploit_info/ms_office_rtf_pfragments_property",
"map_cve_saint_saintexploitlink":
"http://www.saintcorporation.com/cgi-bin/exploit_info/ms_office_rtf_pfragments_property",
"map_cve_saint_saintexploittitle": "Microsoft Office RTF pFragments
Property Stack Buffer Overflow",
"map_cve_suricata_suricata_classtype": "attempted-user",
"map_cve_suricata_suricata_id": "sid:2013280",
"map_cve_suricata_suricata_sig": "ET WEB_CLIENT Microsoft Word RTF
pFragments Stack Overflow Attempt", "ranking": [[{"circl": 2}]],
"references": ["http://www.us-cert.gov/cas/techalerts/TA10-313A.html",
"http://www.microsoft.com/technet/security/Bulletin/MS10-087.mspx",
"http://www.vupen.com/english/advisories/2010/2923",
"http://www.securitytracker.com/id?1024705",
"http://www.securityfocus.com/bid/44652",
"http://securityreason.com/securityalert/8293",
"http://secunia.com/advisories/42144",
"http://secunia.com/advisories/38521",
"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=880"],
"summary": "Stack-based buffer overflow in Microsoft Office XP SP3,
Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008
for Mac, Office for Mac 2011, and Open XML File Format Converter for
        Mac allows remote attackers to execute arbitrary code via crafted RTF
        data, aka \"RTF Stack Buffer Overflow Vulnerability.\"",
        "vulnerable_configuration": ["cpe:/a:microsoft:office:xp:sp3",
        "cpe:/a:microsoft:office:2003:sp3",
        "cpe:/a:microsoft:office:2007:sp2", "cpe:/a:microsoft:office:2010",
        "cpe:/a:microsoft:office:2004::mac",
        "cpe:/a:microsoft:office:2008::mac",
        "cpe:/a:microsoft:office:2011::mac",
        "cpe:/a:microsoft:open_xml_file_format_converter:::mac"]}

Partners already using the common vulnerabilities and exposures data feeds: