Curious about the Chinese vulnerability database? It's now included on https://vulnerability-lookup.org!
Big thanks to @rafi0t for the awesome work and the clever LookyLoo import!
🔗 https://vulnerability.circl.lu/recent#cnvd
#vulnerability #vulnerabilitymanagement #threatintel #cybersecurity #china
@adulau Getting the CNVD DB was a fun task: there is a list of XML weekly dumps we can get from the official website, but it is only accessible once logged in. This list of links doesn't require to be logged in *but* you need to pass a JS challenge[1]. Which is a annoying when you don't want to manually download 540+ files. The solution was to send these URLs to Lookyloo[2] and get the downloaded file[3].
[1] https://www.daehee.com/blog/scrape-cnvd-jsl-clearance-s/
[2] https://lookyloo.circl.lu/capture
[3] https://helga.circl.lu/vulnerability-lookup/CNVD-Dump/src/branch/main/cnvd_dump/cnvd_downloader.py#L35
Aristotelis Tzafalias
Alexandre Dulaunoy
Raphaël Vinot