cedric

The Global CVE (GCVE) allocation system is a new, decentralized approach to vulnerability identification and numbering, designed to improve flexibility, scalability, and autonomy for participating entities.

While remaining compatible with the traditional CVE system, GCVE introduces GCVE Numbering Authorities (GNAs). GNAs are independent entities that can allocate identifiers without relying on a centralised block distribution system or rigid policy enforcement.

This release of Vulnerability-Lookup includes new features, better monitoring, improvements and fixes.

What's New

Centralized monitoring service

This feature adds log and process heartbeat reporting to a Valkey datastore, enabling centralized monitoring of Vulnerability-Lookup’s system health and its various components.
(#106)

This new feature is essential for monitoring our expanding suite of tools used to collect vulnerability-related information.

It also supports our new email notification service, which alerts platform users about newly discovered vulnerabilities. Additionally, a new admin view has been introduced, allowing real-time monitoring of the collected logs.

CWE and CAPEC

The CAPEC (Common Attack Pattern Enumerations) and CWE (Common Weakness Enumeration) datasets are now accessible through the API. Check out the documentation.
(#98)

Changes

• [API] Added a new 'since' argument to the /api/vunerability/search/<vendor>/<product> endpoint (833d799)
• [Web] Improved administration dashboard (a732ff3, 0258b24, 04f3772)

Fixes

• Missing description on some description from Microsoft feeds (#107)
• Removed duplicate occurences of the string cvssV4_0 in various Jinja filters. (73c4111)
• Few minor fixes.

📂 To see the full rundown of the changes, users can visit the changelog on GitHub: https://github.com/vulnerability-lookup/vulnerability-lookup/releases/tag/v2.6.0

Feedback and Support

If you encounter issues or have suggestions, please feel free to open a ticket on our GitHub repository. Your feedback is invaluable to us!
https://github.com/vulnerability-lookup/vulnerability-lookup/issues/

Follow us on Fediverse/Mastodon

You can follow us on Mastodon and get real time informationa about security advisories:
https://social.circl.lu/@vulnerability_lookup/

You can star the project on GitHub:
https://github.com/vulnerability-lookup/vulnerability-lookup

Or create an account:
https://vulnerability.circl.lu/

cross-posted from: https://lemmy.ml/post/25836770

Just wanted to share my Pixelfed account: @[email protected]

I like so much this network. A lot of awesome artists are sharing their work there. fan of the accounts @[email protected], @[email protected], @[email protected], @[email protected], @[email protected], and so much more!

Just wanted to share my Pixelfed account: @[email protected]

I like so much this network. A lot of awesome artists are sharing their work there. fan of the accounts @[email protected], @[email protected], @[email protected], @[email protected], @[email protected], and so much more!

We're excited to share the latest features designed to make vulnerability tracking even more efficient.

🚀 What's New

🆕 Email Notifications (Product Watch List)

Stay ahead with hourly, daily, or weekly alerts for new or updated vulnerabilities affecting the vendors and products you care about. Notifications come in both HTML and plain text, with CSV attachments detailing vulnerabilities, sightings, and comments. (#101)

The notification management interface

Future releases will allow users to create notifications by specifying just a vendor, optionally a version, and to be notified about new sightings related to a product or vulnerability.

Various email notifications

The screenshot below shows a list of notifications aggregated in an email client. It's easy to aggregate messages by product / vendor.

🆕 Fraunhofer FKIE NVD Feeder

FKIE NVD Feeder is now operating as a standalone source. (b1e86d8)

🆕 Sightings Import/Export

Manage your sightings via the admin interface with new import/export capabilities. (23cfed2)

🆕 New API Endpoint

Quickly retrieve recently added or updated vulnerabilities since a specific date for better automation and integration. (eccd34d)

🛠️ Changes

• Harmonized pagination mechanism of the API and made it more simple to use (using page numbers instead of using offsets) (46ce344)
• The evolution chart is now taking advantage of the pagination in order to get more data (ada62e2)
• Added an input integer slider in order to let the user dynamically set the minimum number of sightings in the evolution table (cea65b7)
• Implemented a function to check if a domain name exists in the block list, as defined in the website's configuration file (a2e04b3)
• Various improvements to the home page (48cbaed)
• log entry when a shutdown key is present on start (fd18d45)
• Various improvements to the API

📂 To see the full rundown of the changes, users can visit the changelog on GitHub: https://github.com/vulnerability-lookup/vulnerability-lookup/releases/tag/v2.5.0

🙏 Thank you very much to all the contributors and testers!

Tips

Filtering your email notifications

Notification emails from Vulnerability-Lookup include custom SMTP headers:

• X-Mailer: Vulnerability-Lookup
• X-Category: Security Advisory

This allows you to easily create rules or filters in your email client, as shown below. Additionally, you can set up more fine-grained rules based on the email subject.

[]

Creation of a new notification

Example of a notification with sightings

We are glad to announce the immediate availability of vulnerability-related observations from The Shadowserver Foundation within Vulnerability-Lookup.

This milestone wouldn’t have been possible without Piotr Kijewski. We developed a new sighting client, ShadowSight. This new client gathers vulnerability-related data directly from The Shadowserver Foundation, then reports the collected data to the Vulnerability-Lookup API as sightings.

ShadowSight leverages insights on common vulnerabilities and exploited vulnerabilities from Shadowserver’s honeypot source. Source code of ShadowSight is available:

👉 https://github.com/CIRCL/ShadowSight

Explore our sightings collected from this source:

• Exploited vulnerabilities (type: exploited):
  https://vulnerability.circl.lu/sightings/?query=honeypot%2Fexploited-vulnerabilities
• Common vulnerabilities (type: seen):
  https://vulnerability.circl.lu/sightings/?query=honeypot%2Fcommon-vulnerabilities

The Shadowserver Foundation remains a cornerstone resource for security researchers, providing an extensive wealth of data on real-world exploits and their associated vulnerabilities, complete with daily statistics and geographical insights.

Widely used by incident response teams, security researchers, analysts, and other cybersecurity professionals, Shadowserver is recognized as a highly credible and impactful project in the cybersecurity landscape. The Shadowserver Foundation delivers particularly valuable insights into security issues, including vulnerabilities in unpatched IoT devices, various types of internet-facing services, and even services that should not be exposed to the internet.

For us, it has quickly become a reliable sources for sightings. It's also a way to diversify our sources and improve situational awareness.

🔗 Explore all our sighting sources (such as Mastodon, Bluesky, MISP, etc.) and tools here:

👉 https://www.vulnerability-lookup.org/tools/#sightings

📖 References

• https://www.shadowserver.org/
• https://vulnerability.circl.lu/
• https://github.com/cve-search/vulnerability-lookup
• https://github.com/CIRCL/ShadowSight
• https://www.vulnerability-lookup.org/documentation/sightings.html

🤝 Contribute

If you want to benefit from more features of Vulnerability-Lookup like sharing comments, bundles, or sightings, you can create an account to the instance operated by CIRCL:

👉 https://vulnerability.circl.lu/user/signup

We’re really thrilled to unveil Vulnerability-Lookup 2.4.0!

https://www.vulnerability-lookup.org/images/news/2025/2025-01-10-Vulnerability-Lookup-2.4.0.webm

This version includes new features, new importers, improvements and fixes. The key updates are highlighted below.

🔍 New Dashboard: Quickly access the top sighted vulnerabilities from the past month with a real-time, filterable interface.

📊 New Correlations Graph: Visualize relationships between sightings for deeper insights.

📥 New Importers:

• CSAF Microsoft Importer for streamlined CSAF data integration.
• FKIE NVD Importer to incorporate FKIE NVD datasets seamlessly.

📡 RSS/Atom Feeds for Sightings: Stay updated with feeds for specific CPE sightings, sorted and tailored for your needs.

👀 GitHub Gist Sighting Tool: Introducing GistSight for tracking vulnerabilities in GitHub Gists.

💡 Other Updates: We’ve added metadata enrichment capabilities and made significant API improvements to enhance your experience.

Discover more about Vulnerability-Lookup and its capabilities here:
https://vulnerability.circl.lu/

🙏 Thank you very much to all the contributors and testers!

To see the full rundown of the changes, users can visit the changelog on GitHub: https://github.com/cve-search/vulnerability-lookup/releases/tag/v2.4.0

Curious about the latest vulnerability trends, the year's first observations, or historical insights? Our enhanced home page on Vulnerability-Lookup (source code) now lets you filter and explore our growing dataset of sightings with ease. Simply pick the week you want and dive into the data.

Have ideas for improvements? Let us know! https://github.com/cve-search/vulnerability-lookup/issues

Of course you get these sightings via the API: https://vulnerability.circl.lu/api/

You can find various collected status here: https://vulnerability.circl.lu/sightings/?query=bsky.app

Amnesty International identified how Serbian authorities used Cellebrite to exploit a zero-day vulnerability (a software flaw which is not known to the original software developer and for which a software fix is not available) in Android devices to gain privileged access to an environmental activist’s phone. The vulnerability, identified in collaboration with security researchers at Google Project Zero and Threat Analysis Group, affected millions of Android devices worldwide that use the popular Qualcomm chipsets. An update fixing the security issue was released in the October 2024 Qualcomm Security Bulletin.