This is the vulnerability database that's being generated by our proprietary Detective and Oversight system.
The data is generated in production mode, which implies that the products and vulnerabilities are used to automatically classify incidents and mitigate package/dependency problems, either by an update or by other strategic measurements.
GitHub forces its users to use Git LFS (Large File Storage), which means that this repository would cost around 50$/month (not including traffic bandwidth) just for the sake of publishing the data publicly. As there is no free plan for Open Source, future releases of this repository might be only available in the releases.
In order to find out what is removed from this mirrored repository, take a look at the .gitignore file.
Due to political concerns, this database dump currently does not contain the automatically generated exploits and classifiers for each vulnerability. At a later point we might try to open source it, once the Russian army stops trying to hack the EU infrastructure (which might also never happen).
- Cached OVAL data for various security trackers that exceed 100MB file size
- Automatically generated pcap streams of incidents (to generate classifiers and exploits)
- Automatically generated exploits (the
aggrevationsfolder) - Automatically generated classifiers (the
mitigationsfolder)
CC BY-SA 3.0