Python 2/3 library for the Vulners Database. It provides search, data retrieval, archive and vulnerability scanning APIs for integration purposes. With this library you can create powerful security tools and get access to the world's largest security database.
The library was tested on Python 2 and Python 3.
The package is available on PyPI.
You can use pip for the installation:
pip install -U vulners
Please register at the Vulners website. Go to the personal menu by clicking on your name in the top right corner. Follow the "API KEYS" tab. Generate an API key with scope "api" and use it with the library.
All the callable methods use the Vulners REST API.
import vulners
vulners_api = vulners.VulnersApi(api_key="YOUR_API_KEY_HERE")
heartbleed_related = vulners_api.find_all("heartbleed", limit=10)
import vulners
vulners_api = vulners.VulnersApi(api_key="YOUR_API_KEY_HERE")
CVE_2017_14174 = vulners_api.get_bulletin("CVE-2017-14174")
import vulners
vulners_api = vulners.VulnersApi(api_key="YOUR_API_KEY_HERE")
CVE_DATA = vulners_api.get_multiple_bulletins(["CVE-2017-14174", "CVE-2016-1175"])
import vulners
vulners_api = vulners.VulnersApi(api_key="YOUR_API_KEY_HERE")
wordpress_exploits = vulners_api.find_exploit_all("wordpress 4.7.0")
import vulners
vulners_api = vulners.VulnersApi(api_key="YOUR_API_KEY_HERE")
results = vulners_api.get_software_vulnerabilities("httpd", "1.3")
vulnerabilities_list = [results[key] for key in results if key not in ("info", "blog", "bugbounty")]
import vulners
vulners_api = vulners.VulnersApi(api_key="YOUR_API_KEY_HERE")
cpe_results = vulners_api.get_cpe_vulnerabilities("cpe:/a:cybozu:garoon:4.2.1")
cpe_vulnerabilities_list = [cpe_results[key] for key in cpe_results if key not in ("info", "blog", "bugbounty")]
import vulners
vulners_api = vulners.VulnersApi(api_key="YOUR_API_KEY_HERE")
references = vulners_api.get_bulletin_references("CVE-2014-0160")
import vulners
vulners_api = vulners.VulnersApi(api_key="YOUR_API_KEY_HERE")
# Superseding information will be returned as a dict
# with two keys: "superseeds" and "parentseeds".
# "superseeds" means "which KBs are covered by this KB".
# "parentseeds" means "which KBs cover this KB".
superseeds = vulners_api.get_kb_seeds("KB4524135")
import vulners
vulners_api = vulners.VulnersApi(api_key="YOUR_API_KEY_HERE")
microsoft_updates_for_kb = vulners_api.get_kb_updates("KB4524135")
updates_download_links = [update["href"] for update in microsoft_updates_for_kb]
import vulners
vulners_api = vulners.VulnersApi(api_key="YOUR_API_KEY_HERE")
text_ai_score = vulners_api.get_ai_score("My cool vulnerability description")
import vulners
vulners_api = vulners.VulnersApi(api_key="YOUR_API_KEY_HERE")
possible_autocomplete = vulners_api.query_autocomplete("heartbleed")
import vulners
vulners_api = vulners.VulnersApi(api_key="YOUR_API_KEY_HERE")
all_cve = vulners_api.get_collection("cve")
import vulners
vulners_api = vulners.VulnersApi(api_key="YOUR_API_KEY_HERE")
win_vulners = vulners_api.kb_audit(os="Windows Server 2012 R2", kb_list=["KB4072650", "KB2959936", "KB2894856", "KB2896496"])
need_2_install_kb = win_vulners["kbMissed"]
affected_cve = win_vulners["cvelist"]
import vulners
vulners_api = vulners.VulnersApi(api_key="YOUR_API_KEY_HERE")
# Example for CentOS 7
# You can use it for any RPM based OS
# Execute command: rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n'
# Use its output lines as the packages argument
centos_vulnerabilities = vulners_api.os_audit(os="centos", version="7", packages=["glibc-common-2.17-157.el7_3.5.x86_64"])
vulnerable_packages = centos_vulnerabilities.get("packages")
missed_patches_ids = centos_vulnerabilities.get("vulnerabilities")
cve_list = centos_vulnerabilities.get("cvelist")
how_to_fix = centos_vulnerabilities.get("cumulativeFix")
# Example for Debian 8
# You can use it for any DEB based OS
# Execute command: dpkg-query -W -f='${Package} ${Version} ${Architecture}\n'
# Use its output lines as the packages argument
debian_vulnerabilities = vulners_api.os_audit(os="debian", version="8", packages=['uno-libs3 4.3.3-2+deb8u7 amd64'])
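An added example (not part of the Vulners library or its README) that turns raw `rpm -qa` / `dpkg-query` output into the `packages` list for `os_audit()` and reduces the response to the `cvelist` and `cumulativeFix` keys shown above. `parse_inventory`, `audit_host`, `StubClient` and `SAMPLE` are hypothetical names; the stub response and CVE ids are constructed so the block runs offline.

```python
import re


def parse_inventory(raw):
    """Convert package-manager output into the list os_audit() takes."""
    # If the query format was typed with a doubled backslash ('\\n'), the
    # tool prints a literal backslash-n instead of a newline and the whole
    # inventory arrives as one line; split on both forms.
    packages, seen = [], set()
    for line in re.split(r"\\n|\r?\n", raw):
        line = line.strip()
        # rpm -qa also lists imported signing keys as gpg-pubkey-*
        # pseudo-packages; they are not installed software, so skip them.
        if not line or line.startswith("gpg-pubkey-"):
            continue
        if line not in seen:
            seen.add(line)
            packages.append(line)
    return packages


def audit_host(client, os_name, version, raw_inventory):
    """Call os_audit() on `client` and keep the fields used on this page."""
    packages = parse_inventory(raw_inventory)
    if not packages:
        # An empty submission would come back with no findings and read
        # as a clean host, so fail loudly instead.
        raise ValueError("empty package inventory")
    result = client.os_audit(os=os_name, version=version, packages=packages)
    return {
        "submitted": len(packages),
        "cves": sorted(set(result.get("cvelist") or [])),
        "fix": result.get("cumulativeFix"),
    }


class StubClient:
    """Constructed stand-in for vulners.VulnersApi (no network, no key)."""

    def os_audit(self, os, version, packages):
        self.sent = packages  # record what would have been submitted
        # Constructed response; the CVE ids are placeholders.
        return {"cvelist": ["CVE-0000-0002", "CVE-0000-0001", "CVE-0000-0002"],
                "cumulativeFix": "<fix command placeholder>"}


# Constructed sample: rpm output produced with the doubled-backslash format.
SAMPLE = (r"glibc-common-2.17-157.el7_3.5.x86_64\n"
          r"gpg-pubkey-00000000-00000000.(none)\n"
          r"glibc-common-2.17-157.el7_3.5.x86_64\n")
```

To run it against the real service, pass a `vulners.VulnersApi` instance as `client` in place of `StubClient()`.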
import vulners
vulners_api = vulners.VulnersApi(api_key="YOUR_API_KEY_HERE")
# Example for CentOS 7
centos_vulnerabilities_data = vulners_api.get_distributive("CentOS", "7")
import vulners
vulners_api = vulners.VulnersApi(api_key="YOUR_API_KEY_HERE")
rules = vulners_api.get_web_application_rules()
FAQs
Python library and command-line utility for Vulners (https://vulners.com)
We found that vulners demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.