Software vulnerabilities and CVE are usually relying on many third-parties sources for cross-references, additional information or validation.

We recently introduced VIA4CVE - Vulnerability Information Aggregator for CVEs.

VIA4CVE is an aggregator of the known vendor vulnerabilities database to support the expansion of information with CVEs. VIA4CVE is a companion to cve-search.

VIA4CVE generates a compiled JSON file containing the CVE which all the known references.

The following references are already included:

A raw feed of VIA4CVE is also available at https://www.cve-search.org/feeds/via4.json.

VIA4CVE is a companion to the cve-search core software.

We welcome software and hardware vendors to inform us about new sources.