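"""CVE lookup tool: a Gradio UI over a built-in CVE table and the NVD API."""

import json
import logging
import re
from collections import Counter
from datetime import datetime
from html import escape
from typing import Dict, List, Optional, Tuple

import gradio as gr
import pandas as pd
import plotly.express as px
import plotly.graph_objects as go
import requests

logger = logging.getLogger(__name__)

NVD_API_URL = "https://services.nvd.nist.gov/rest/json/cves/2.0"

# Full CVE identifier: "CVE-", four-digit year, at least four sequence digits.
_CVE_ID_RE = re.compile(r"CVE-\d{4}-\d{4,}")

# Display order and colours for severity levels (shared by table and charts).
_SEVERITY_ORDER = ("CRITICAL", "HIGH", "MEDIUM", "LOW")
_SEVERITY_COLORS = {
    "CRITICAL": "#FF0000",
    "HIGH": "#FF9900",
    "MEDIUM": "#FFFF00",
    "LOW": "#00AA00",
}

# Built-in CVE database (50 hand-written entries).
#
# NOTE(review): several rows pair an ID with a name/description that does not
# match the public record for that ID, so a lookup answered from this table
# can describe the wrong vulnerability. Examples to check against NVD:
#   - CVE-2017-5645 is labelled "EternalBlue" (Windows SMB); the public record
#     for that ID is an Apache Log4j issue.
#   - CVE-2020-1938 is labelled "ZeroLogon"; the Netlogon flaw is
#     CVE-2020-1472, which is listed separately further down.
#   - CVE-2022-26134 is labelled "Jira Server RCE"; the public record is for
#     Atlassian Confluence.
#   - CVE-2021-26855 is described as post-authentication; the public record
#     describes it as exploitable without authentication.
#   - CVE-2021-31166 is described as a denial of service; the public record
#     rates it as remote code execution.
# Treat names, scores and version ranges here as unverified until each row has
# been reconciled with its NVD entry.
BUILTIN_CVES = [
    {
        "id": "CVE-2021-44228",
        "name": "Log4Shell",
        "description_en": "Apache Log4j2 versions before 2.17.0 are vulnerable to Remote Code Execution via JNDI injection in log messages.",
        "description_fr": "Les versions d'Apache Log4j2 antérieures à 2.17.0 sont vulnérables à l'exécution de code à distance via injection JNDI.",
        "cvss": 10.0,
        "severity": "CRITICAL",
        "products": "Apache Log4j 2.0-beta9 to 2.15.0",
        "year": 2021,
        "published": "2021-12-10",
    },
    {
        "id": "CVE-2017-5645",
        "name": "EternalBlue",
        "description_en": "Microsoft Windows SMB vulnerability allowing remote code execution. Exploited by WannaCry ransomware.",
        "description_fr": "Vulnérabilité SMB Windows permettant l'exécution de code à distance. Exploitée par le ransomware WannaCry.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "Windows Vista, Windows 7, Windows 8, Windows 10, Windows Server 2008-2016",
        "year": 2017,
        "published": "2017-03-14",
    },
    {
        "id": "CVE-2021-27065",
        "name": "ProxyLogon",
        "description_en": "Microsoft Exchange Server remote code execution vulnerability affecting multiple versions.",
        "description_fr": "Vulnérabilité d'exécution de code à distance dans Microsoft Exchange Server.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "Microsoft Exchange Server 2010, 2013, 2016, 2019",
        "year": 2021,
        "published": "2021-03-02",
    },
    {
        "id": "CVE-2021-34473",
        "name": "ProxyShell",
        "description_en": "Multiple vulnerabilities in Microsoft Exchange Server allowing RCE via insecure default settings.",
        "description_fr": "Multiples vulnérabilités dans Microsoft Exchange Server permettant l'exécution de code à distance.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "Microsoft Exchange Server 2010, 2013, 2016, 2019",
        "year": 2021,
        "published": "2021-08-17",
    },
    {
        "id": "CVE-2021-1732",
        "name": "PrintNightmare",
        "description_en": "Windows Print Spooler remote code execution vulnerability affecting multiple Windows versions.",
        "description_fr": "Vulnérabilité d'exécution de code à distance dans Windows Print Spooler.",
        "cvss": 8.8,
        "severity": "CRITICAL",
        "products": "Windows 7, 8, 10, Windows Server 2008-2019",
        "year": 2021,
        "published": "2021-06-30",
    },
    {
        "id": "CVE-2014-0160",
        "name": "Heartbleed",
        "description_en": "OpenSSL TLS heartbeat extension memory disclosure allowing private key theft.",
        "description_fr": "Divulgation de mémoire OpenSSL permettant le vol de clés privées.",
        "cvss": 7.5,
        "severity": "HIGH",
        "products": "OpenSSL 1.0.1 to 1.0.1f",
        "year": 2014,
        "published": "2014-04-07",
    },
    {
        "id": "CVE-2014-6271",
        "name": "Shellshock",
        "description_en": "GNU Bash code injection vulnerability allowing arbitrary command execution via environment variables.",
        "description_fr": "Vulnérabilité d'injection de code dans GNU Bash via les variables d'environnement.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "Bash 1.2.2 - 4.3",
        "year": 2014,
        "published": "2014-09-24",
    },
    {
        "id": "CVE-2020-1938",
        "name": "ZeroLogon",
        "description_en": "Windows Netlogon elevation of privilege vulnerability affecting Active Directory.",
        "description_fr": "Vulnérabilité d'élévation de privilèges Windows Netlogon affectant Active Directory.",
        "cvss": 10.0,
        "severity": "CRITICAL",
        "products": "Windows Server 2008-2019, Windows 7-10",
        "year": 2020,
        "published": "2020-08-11",
    },
    {
        "id": "CVE-2021-36238",
        "name": "PetitPotam",
        "description_en": "Windows NTLM authentication vulnerability in LSASS allowing credential theft.",
        "description_fr": "Vulnérabilité d'authentification NTLM Windows permettant le vol de credentials.",
        "cvss": 8.1,
        "severity": "HIGH",
        "products": "Windows Server 2003-2019, Windows 7-11",
        "year": 2021,
        "published": "2021-07-27",
    },
    {
        "id": "CVE-2022-22965",
        "name": "Spring4Shell",
        "description_en": "Spring Framework remote code execution vulnerability affecting Java applications.",
        "description_fr": "Vulnérabilité d'exécution de code à distance dans Spring Framework.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "Spring Framework 5.3.0-5.3.17, 5.2.0-5.2.19, older unsupported versions",
        "year": 2022,
        "published": "2022-03-31",
    },
    {
        "id": "CVE-2021-44207",
        "name": "Citrix Bleed",
        "description_en": "Citrix ADC memory leak vulnerability allowing credential and session theft.",
        "description_fr": "Fuite mémoire Citrix ADC permettant le vol de credentials et sessions.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "Citrix ADC 13.x, 12.x, 11.x",
        "year": 2021,
        "published": "2021-12-08",
    },
    {
        "id": "CVE-2021-21224",
        "name": "MOVEit Transfer",
        "description_en": "Progress Software MOVEit Transfer pre-authentication remote code execution.",
        "description_fr": "Exécution de code à distance sans authentification dans Progress Software MOVEit Transfer.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "MOVEit Transfer 2019.1-2020.0.3, 2021.0-2021.1.3",
        "year": 2021,
        "published": "2021-04-08",
    },
    {
        "id": "CVE-2019-2725",
        "name": "WebLogic RCE",
        "description_en": "Oracle WebLogic Server pre-authentication remote code execution vulnerability.",
        "description_fr": "Vulnérabilité d'exécution de code à distance sans authentification dans Oracle WebLogic Server.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "Oracle WebLogic Server 10.3.6, 12.1.3, 12.2.1.3",
        "year": 2019,
        "published": "2019-04-23",
    },
    {
        "id": "CVE-2017-10271",
        "name": "WebLogic WLS Security",
        "description_en": "Oracle WebLogic Server pre-authentication RCE via WLS Security Component.",
        "description_fr": "Exécution de code à distance sans authentification via le composant de sécurité WLS.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "Oracle WebLogic Server 10.3.6, 12.1.3, 12.2.1.1-2",
        "year": 2017,
        "published": "2017-10-17",
    },
    {
        "id": "CVE-2021-44910",
        "name": "Atlassian Confluence RCE",
        "description_en": "Atlassian Confluence remote code execution in template injection.",
        "description_fr": "Exécution de code à distance dans l'injection de template Atlassian Confluence.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "Atlassian Confluence before 6.15.17, 7.0.x-7.11.x before 7.11.10",
        "year": 2021,
        "published": "2021-09-01",
    },
    {
        "id": "CVE-2021-3129",
        "name": "Laravel RCE",
        "description_en": "Laravel framework remote code execution via file debugging.",
        "description_fr": "Exécution de code à distance dans le framework Laravel.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "Laravel before 6.20.26, 7.x before 7.30.4, 8.x before 8.5.0",
        "year": 2021,
        "published": "2021-01-12",
    },
    {
        "id": "CVE-2021-24485",
        "name": "WordPress Elementor",
        "description_en": "WordPress Elementor plugin unauthenticated remote code execution.",
        "description_fr": "Exécution de code à distance non authentifiée dans le plugin WordPress Elementor.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "Elementor before 2.9.13",
        "year": 2021,
        "published": "2021-02-08",
    },
    {
        "id": "CVE-2021-26855",
        "name": "Microsoft Exchange RCE",
        "description_en": "Microsoft Exchange Server post-authentication remote code execution.",
        "description_fr": "Exécution de code à distance après authentification dans Microsoft Exchange Server.",
        "cvss": 8.8,
        "severity": "CRITICAL",
        "products": "Microsoft Exchange Server 2010, 2013, 2016, 2019",
        "year": 2021,
        "published": "2021-02-10",
    },
    {
        "id": "CVE-2020-5410",
        "name": "Spring Cloud Config RCE",
        "description_en": "Spring Cloud Config Server remote code execution vulnerability.",
        "description_fr": "Vulnérabilité d'exécution de code à distance dans Spring Cloud Config Server.",
        "cvss": 8.1,
        "severity": "HIGH",
        "products": "Spring Cloud Config 2.2.0-2.2.2, 2.1.0-2.1.4",
        "year": 2020,
        "published": "2020-04-15",
    },
    {
        "id": "CVE-2021-44521",
        "name": "Kubernetes KubeCTL RCE",
        "description_en": "Kubernetes vulnerability in kubectl allowing arbitrary code execution.",
        "description_fr": "Vulnérabilité Kubernetes dans kubectl permettant l'exécution de code arbitraire.",
        "cvss": 8.8,
        "severity": "HIGH",
        "products": "Kubernetes before 1.20.10, 1.21.x before 1.21.4, 1.22.x before 1.22.1",
        "year": 2021,
        "published": "2021-09-16",
    },
    {
        "id": "CVE-2021-30129",
        "name": "F5 BIG-IP RCE",
        "description_en": "F5 BIG-IP Icontrol REST remote code execution.",
        "description_fr": "Exécution de code à distance dans F5 BIG-IP Icontrol REST.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "F5 BIG-IP 11.6.x-15.x before specific patch versions",
        "year": 2021,
        "published": "2021-04-22",
    },
    {
        "id": "CVE-2020-14625",
        "name": "MySQL Server RCE",
        "description_en": "MySQL Server authenticated remote code execution vulnerability.",
        "description_fr": "Exécution de code à distance authentifiée dans MySQL Server.",
        "cvss": 8.0,
        "severity": "HIGH",
        "products": "MySQL Server 5.7.x, 8.0.x before specific versions",
        "year": 2020,
        "published": "2020-07-14",
    },
    {
        "id": "CVE-2021-39648",
        "name": "SAP JCo Deserialization",
        "description_en": "SAP Java Connector unsafe deserialization allowing RCE.",
        "description_fr": "Désérialisation non sécurisée dans SAP Java Connector permettant l'exécution de code.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "SAP JCo 3.0.x before 3.0.21, 3.1.x before 3.1.2",
        "year": 2021,
        "published": "2021-08-10",
    },
    {
        "id": "CVE-2021-21985",
        "name": "VMware vCenter RCE",
        "description_en": "VMware vCenter Server remote code execution via OpenAPI.",
        "description_fr": "Exécution de code à distance dans VMware vCenter Server via OpenAPI.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "vCenter Server 6.5, 6.7, 7.0.x before patch versions",
        "year": 2021,
        "published": "2021-05-25",
    },
    {
        "id": "CVE-2022-26134",
        "name": "Jira Server RCE",
        "description_en": "Atlassian Jira Server remote code execution vulnerability.",
        "description_fr": "Exécution de code à distance dans Atlassian Jira Server.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "Jira Server before 8.13.19",
        "year": 2022,
        "published": "2022-06-16",
    },
    {
        "id": "CVE-2021-28149",
        "name": "Nginx Lua Module RCE",
        "description_en": "NGINX Lua module code injection vulnerability.",
        "description_fr": "Injection de code dans le module Lua d'NGINX.",
        "cvss": 8.6,
        "severity": "HIGH",
        "products": "NGINX modules before 2021 patch",
        "year": 2021,
        "published": "2021-05-03",
    },
    {
        "id": "CVE-2020-1472",
        "name": "Windows Netlogon",
        "description_en": "Windows Netlogon vulnerability allowing elevation of privilege.",
        "description_fr": "Vulnérabilité Windows Netlogon permettant l'élévation de privilèges.",
        "cvss": 10.0,
        "severity": "CRITICAL",
        "products": "Windows Server 2008-2019, Windows 7-10",
        "year": 2020,
        "published": "2020-08-11",
    },
    {
        "id": "CVE-2021-3493",
        "name": "OverlayFS Privilege Escalation",
        "description_en": "Linux OverlayFS privilege escalation vulnerability.",
        "description_fr": "Escalade de privilèges via OverlayFS dans Linux.",
        "cvss": 7.8,
        "severity": "HIGH",
        "products": "Linux kernel before 5.11.4, 5.10.x before 5.10.11",
        "year": 2021,
        "published": "2021-05-12",
    },
    {
        "id": "CVE-2021-4034",
        "name": "PwnKit",
        "description_en": "Linux polkit local privilege escalation allowing root access.",
        "description_fr": "Escalade de privilèges polkit dans Linux permettant l'accès root.",
        "cvss": 7.8,
        "severity": "HIGH",
        "products": "polkit before 0.120",
        "year": 2021,
        "published": "2022-01-25",
    },
    {
        "id": "CVE-2022-0847",
        "name": "Dirty Pipe",
        "description_en": "Linux kernel write vulnerability allowing data corruption and privilege escalation.",
        "description_fr": "Vulnérabilité d'écriture noyau Linux permettant la corruption de données.",
        "cvss": 7.8,
        "severity": "HIGH",
        "products": "Linux kernel 5.8 - 5.16",
        "year": 2022,
        "published": "2022-03-07",
    },
    {
        "id": "CVE-2021-22555",
        "name": "Netfilter Vulnerability",
        "description_en": "Linux netfilter heap out-of-bounds write leading to RCE.",
        "description_fr": "Écriture hors limites dans netfilter Linux permettant l'exécution de code.",
        "cvss": 7.8,
        "severity": "HIGH",
        "products": "Linux kernel 4.5 - 5.10",
        "year": 2021,
        "published": "2021-07-01",
    },
    {
        "id": "CVE-2021-23894",
        "name": "Docker containerd",
        "description_en": "containerd CRI plugin privilege escalation vulnerability.",
        "description_fr": "Escalade de privilèges dans le plugin CRI containerd.",
        "cvss": 8.8,
        "severity": "HIGH",
        "products": "containerd before 1.4.6, 1.5.x before 1.5.2",
        "year": 2021,
        "published": "2021-05-11",
    },
    {
        "id": "CVE-2021-3518",
        "name": "libxml2 Vulnerability",
        "description_en": "libxml2 XML parser out-of-bounds memory read.",
        "description_fr": "Lecture mémoire hors limites dans le parseur XML libxml2.",
        "cvss": 7.5,
        "severity": "HIGH",
        "products": "libxml2 before 2.9.12",
        "year": 2021,
        "published": "2021-05-13",
    },
    {
        "id": "CVE-2021-27906",
        "name": "OpenSSL Certificate Verification",
        "description_en": "OpenSSL mishandling of X509_V_FLAG_X509_STRICT flag.",
        "description_fr": "Mauvaise gestion du drapeau X509_V_FLAG_X509_STRICT dans OpenSSL.",
        "cvss": 7.5,
        "severity": "HIGH",
        "products": "OpenSSL 1.1.1, 1.1.1 LTS versions",
        "year": 2021,
        "published": "2021-03-25",
    },
    {
        "id": "CVE-2021-33633",
        "name": "Internet Explorer Scripting Engine",
        "description_en": "Windows Internet Explorer memory corruption RCE.",
        "description_fr": "Corruption mémoire dans le moteur de script Internet Explorer.",
        "cvss": 8.8,
        "severity": "HIGH",
        "products": "Internet Explorer 9-11",
        "year": 2021,
        "published": "2021-08-10",
    },
    {
        "id": "CVE-2020-0988",
        "name": "Windows DCOM",
        "description_en": "Windows Distributed Component Object Model privilege escalation.",
        "description_fr": "Escalade de privilèges DCOM dans Windows.",
        "cvss": 8.8,
        "severity": "HIGH",
        "products": "Windows 7-10, Windows Server 2008-2019",
        "year": 2020,
        "published": "2020-08-25",
    },
    {
        "id": "CVE-2021-36934",
        "name": "Windows Kernel Elevation",
        "description_en": "Windows kernel memory corruption allowing privilege escalation.",
        "description_fr": "Corruption mémoire noyau Windows permettant l'escalade de privilèges.",
        "cvss": 7.8,
        "severity": "HIGH",
        "products": "Windows 10, Windows Server 2016-2019",
        "year": 2021,
        "published": "2021-08-10",
    },
    {
        "id": "CVE-2017-9822",
        "name": "Apache Struts OGNL Injection",
        "description_en": "Apache Struts2 OGNL expression language injection allowing RCE.",
        "description_fr": "Injection OGNL dans Apache Struts2 permettant l'exécution de code.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "Apache Struts2 2.3.x before 2.3.34, 2.5.x before 2.5.13",
        "year": 2017,
        "published": "2017-09-05",
    },
    {
        "id": "CVE-2015-4852",
        "name": "WebLogic Deserialization",
        "description_en": "Oracle WebLogic unsafe Java object deserialization.",
        "description_fr": "Désérialisation non sécurisée d'objets Java dans Oracle WebLogic.",
        "cvss": 7.5,
        "severity": "HIGH",
        "products": "Oracle WebLogic 10.3.6, 12.1.x, 12.2.x",
        "year": 2015,
        "published": "2015-10-20",
    },
    {
        "id": "CVE-2016-3714",
        "name": "ImageMagick RCE",
        "description_en": "ImageMagick image processing arbitrary command execution.",
        "description_fr": "Exécution de commande arbitraire dans le traitement d'images ImageMagick.",
        "cvss": 8.8,
        "severity": "HIGH",
        "products": "ImageMagick before 6.9.3-9, 7.x before 7.0.1-1",
        "year": 2016,
        "published": "2016-05-03",
    },
    {
        "id": "CVE-2021-21240",
        "name": "GitHub Actions RCE",
        "description_en": "GitHub Actions path traversal and command injection.",
        "description_fr": "Traversée de répertoire et injection de commande dans GitHub Actions.",
        "cvss": 8.8,
        "severity": "HIGH",
        "products": "GitHub Actions before patch",
        "year": 2021,
        "published": "2021-02-01",
    },
    {
        "id": "CVE-2020-16898",
        "name": "Windows TCP/IP RCE",
        "description_en": "Windows TCP/IP stack remote code execution.",
        "description_fr": "Exécution de code à distance dans la pile TCP/IP Windows.",
        "cvss": 9.8,
        "severity": "CRITICAL",
        "products": "Windows 10, Windows Server 2016-2019",
        "year": 2020,
        "published": "2020-10-13",
    },
    {
        "id": "CVE-2021-43565",
        "name": "OpenSSH Privilege Escalation",
        "description_en": "OpenSSH sshd privilege escalation vulnerability.",
        "description_fr": "Escalade de privilèges dans OpenSSH sshd.",
        "cvss": 7.8,
        "severity": "HIGH",
        "products": "OpenSSH 8.0 - 8.6",
        "year": 2021,
        "published": "2021-12-08",
    },
    {
        "id": "CVE-2021-45046",
        "name": "Log4j RCE (Follow-up)",
        "description_en": "Apache Log4j2 RCE vulnerability in release 2.16.0.",
        "description_fr": "Vulnérabilité d'exécution de code à distance dans Apache Log4j2 version 2.16.0.",
        "cvss": 9.0,
        "severity": "CRITICAL",
        "products": "Apache Log4j2 2.16.0",
        "year": 2021,
        "published": "2021-12-16",
    },
    {
        "id": "CVE-2022-46163",
        "name": "Git RCE",
        "description_en": "Git arbitrary code execution via crafted repositories.",
        "description_fr": "Exécution de code arbitraire dans Git via des dépôts malveillants.",
        "cvss": 8.8,
        "severity": "HIGH",
        "products": "Git before 2.30.6, 2.31.x-2.35.x",
        "year": 2022,
        "published": "2022-12-20",
    },
    {
        "id": "CVE-2019-1010022",
        "name": "sudo Vulnerability",
        "description_en": "sudo user ID changes privilege escalation.",
        "description_fr": "Escalade de privilèges via changements d'ID utilisateur dans sudo.",
        "cvss": 8.4,
        "severity": "HIGH",
        "products": "sudo 1.8.20 - 1.8.28p1",
        "year": 2019,
        "published": "2019-08-14",
    },
    {
        "id": "CVE-2021-31166",
        "name": "HTTP.sys Denial of Service",
        "description_en": "Windows HTTP.sys denial of service vulnerability.",
        "description_fr": "Déni de service dans Windows HTTP.sys.",
        "cvss": 7.5,
        "severity": "HIGH",
        "products": "Windows 10, Windows Server 2016-2019",
        "year": 2021,
        "published": "2021-05-11",
    },
    {
        "id": "CVE-2021-38645",
        "name": "NVIDIA GPU Driver",
        "description_en": "NVIDIA graphics driver privilege escalation.",
        "description_fr": "Escalade de privilèges dans le pilote graphique NVIDIA.",
        "cvss": 7.8,
        "severity": "HIGH",
        "products": "NVIDIA GPU Driver before 471.41",
        "year": 2021,
        "published": "2021-09-23",
    },
    {
        "id": "CVE-2021-3711",
        "name": "OpenSSL Buffer Overflow",
        "description_en": "OpenSSL SM2 decryption buffer overflow.",
        "description_fr": "Débordement de buffer dans le déchiffrement SM2 d'OpenSSL.",
        "cvss": 7.5,
        "severity": "HIGH",
        "products": "OpenSSL 1.1.1 before 1.1.1k",
        "year": 2021,
        "published": "2021-08-24",
    },
    {
        "id": "CVE-2021-27075",
        "name": "Windows CryptoAPI",
        "description_en": "Windows Crypto API certificate validation bypass.",
        "description_fr": "Contournement de validation de certificat dans l'API Cryptographie Windows.",
        "cvss": 8.1,
        "severity": "HIGH",
        "products": "Windows 10, Windows Server 2019-2022",
        "year": 2021,
        "published": "2021-06-08",
    },
]

# Translations for UI
TRANSLATIONS = {
    "en": {
        "title": "CVE Lookup Tool",
        "subtitle": "Search and analyze CVE vulnerabilities for security professionals",
        "search_tab": "Search CVE",
        "top_cves_tab": "Top CVEs",
        "stats_tab": "Statistics",
        "search_label": "Enter CVE ID (e.g., CVE-2021-44228) or keyword (e.g., log4j):",
        "search_button": "Search",
        "cve_id": "CVE ID",
        "name": "Name",
        "description": "Description",
        "cvss_score": "CVSS Score",
        "severity": "Severity",
        "products": "Affected Products",
        "references": "References",
        "no_results": "No results found",
        "error": "Error",
        "year": "Year",
        "critical": "CRITICAL",
        "high": "HIGH",
        "medium": "MEDIUM",
        "low": "LOW",
        "cves_by_year": "CVEs by Year",
        "cves_by_severity": "CVEs by Severity",
        "total_cves": "Total CVEs",
        "critical_count": "Critical CVEs",
        "high_count": "High CVEs",
        "medium_count": "Medium CVEs",
        "low_count": "Low CVEs",
        "footer": "Security Intelligence Platform | Powered by ayinedjimi-consultants.fr",
        "published": "Published",
        "nvd_api": "NVD API Search",
        "builtin_db": "Built-in Database",
    },
    "fr": {
        "title": "Outil de Consultation CVE",
        "subtitle": "Recherchez et analysez les vulnérabilités CVE pour les professionnels de la sécurité",
        "search_tab": "Rechercher CVE",
        "top_cves_tab": "Top CVEs",
        "stats_tab": "Statistiques",
        "search_label": "Entrez l'ID CVE (ex: CVE-2021-44228) ou un mot-clé (ex: log4j):",
        "search_button": "Rechercher",
        "cve_id": "ID CVE",
        "name": "Nom",
        "description": "Description",
        "cvss_score": "Score CVSS",
        "severity": "Sévérité",
        "products": "Produits Affectés",
        "references": "Références",
        "no_results": "Aucun résultat trouvé",
        "error": "Erreur",
        "year": "Année",
        "critical": "CRITIQUE",
        "high": "ÉLEVÉE",
        "medium": "MOYENNE",
        "low": "BASSE",
        "cves_by_year": "CVEs par Année",
        "cves_by_severity": "CVEs par Sévérité",
        "total_cves": "Total CVEs",
        "critical_count": "CVEs Critiques",
        "high_count": "CVEs Élevées",
        "medium_count": "CVEs Moyennes",
        "low_count": "CVEs Basses",
        "footer": "Plateforme de Renseignement Sécurité | Powered by ayinedjimi-consultants.fr",
        "published": "Publié",
        "nvd_api": "Recherche API NVD",
        "builtin_db": "Base de Données Intégrée",
    },
}


def _labels(lang: str) -> Dict[str, str]:
    """Return the UI strings for *lang*, falling back to English."""
    return TRANSLATIONS.get(lang) or TRANSLATIONS["en"]


def get_cvss_color(cvss_score: float) -> str:
    """Return the hex colour for a CVSS base score.

    Thresholds: >= 9.0 red, >= 7.0 orange, >= 4.0 yellow, otherwise green.
    """
    if cvss_score >= 9.0:
        return "#FF0000"  # Red for Critical
    if cvss_score >= 7.0:
        return "#FF9900"  # Orange for High
    if cvss_score >= 4.0:
        return "#FFFF00"  # Yellow for Medium
    return "#00AA00"  # Green for Low


def get_severity_badge(severity: str) -> str:
    """Return *severity* as an HTML span coloured by level.

    Unknown levels are rendered grey. The label is HTML-escaped because
    severity strings can come from the NVD response.
    """
    color = _SEVERITY_COLORS.get(severity, "#999999")
    return f'<span style="color: {color}; font-weight: bold;">{escape(str(severity))}</span>'


def _extract_cvss(metrics: Dict) -> Tuple[float, str]:
    """Return (base score, severity) from an NVD ``metrics`` object.

    CVSS v3.1 is preferred, then v3.0, then v2. Missing or malformed data
    yields ``(0.0, "UNKNOWN")``.
    """
    for key in ("cvssMetricV31", "cvssMetricV30", "cvssMetricV2"):
        entries = metrics.get(key) or []
        if not entries:
            continue
        metric = entries[0]
        cvss_data = metric.get("cvssData") or {}
        try:
            score = float(cvss_data.get("baseScore", 0.0))
        except (TypeError, ValueError):
            score = 0.0
        # Severity is looked up in both places because v2 metrics report it
        # on the metric object rather than inside cvssData.
        severity = (
            cvss_data.get("baseSeverity")
            or metric.get("baseSeverity")
            or "UNKNOWN"
        )
        return score, str(severity)
    return 0.0, "UNKNOWN"


def _parse_nvd_record(cve: Dict) -> Dict:
    """Convert one NVD ``cve`` object into the result dict used by the UI."""
    descriptions = cve.get("descriptions") or []
    description = next(
        (d.get("value", "") for d in descriptions if d.get("lang") == "en"),
        descriptions[0].get("value", "") if descriptions else "N/A",
    )

    score, severity = _extract_cvss(cve.get("metrics") or {})

    # Collect distinct product names from the CPE criteria strings.
    products: List[str] = []
    for config in cve.get("configurations") or []:
        for node in config.get("nodes", []):
            for match in node.get("cpeMatch", []):
                criteria = match.get("criteria", "")
                fields = criteria.split(":")
                # Field 4 of a CPE 2.3 string is the product; fall back to the
                # raw value when the string is shorter than expected.
                product = fields[4] if len(fields) > 4 else criteria
                if product and product not in products:
                    products.append(product)

    cve_id = cve.get("id", "N/A")
    return {
        "id": cve_id,
        "name": cve_id,
        "description": description[:300],
        "cvss": score,
        "severity": severity,
        "products": ", ".join(products[:3]) if products else "N/A",
        "published": cve.get("published", "N/A"),
        "source": "NVD API",
    }


def search_nvd_api(query: str) -> List[Dict]:
    """Search the NVD API and return at most ten result dicts.

    A query that is a complete CVE identifier is looked up by ID; anything
    else is sent as a keyword search. The query is passed through ``params``
    so that ``requests`` URL-encodes it: user input can no longer add or
    override query-string parameters. Network, HTTP and decoding failures are
    logged and produce an empty list (best-effort lookup).
    """
    term = query.strip()
    candidate_id = term.upper()
    if _CVE_ID_RE.fullmatch(candidate_id):
        params = {"cveId": candidate_id}
    else:
        params = {"keywordSearch": term, "resultsPerPage": 10}

    try:
        response = requests.get(
            NVD_API_URL,
            params=params,
            headers={"User-Agent": "CVE-Lookup-Tool"},
            timeout=10,
        )
        response.raise_for_status()
        payload = response.json()
    except (requests.exceptions.RequestException, ValueError) as exc:
        logger.warning("NVD lookup failed: %s", exc)
        return []

    if not isinstance(payload, dict):
        logger.warning("NVD lookup returned an unexpected payload type")
        return []

    results = []
    for item in payload.get("vulnerabilities") or []:
        try:
            results.append(_parse_nvd_record(item.get("cve") or {}))
        except (AttributeError, IndexError, KeyError, TypeError) as exc:
            # One malformed record should not discard the rest of the answer.
            logger.warning("Skipping malformed NVD record: %s", exc)
        if len(results) == 10:
            break
    return results


def search_builtin(query: str) -> List[Dict]:
    """Search the built-in table by case-insensitive substring.

    The ID, name, English description and product fields are checked.
    """
    needle = query.lower()
    searched_fields = ("id", "name", "description_en", "products")
    return [
        {
            "id": cve["id"],
            "name": cve["name"],
            "description": cve["description_en"],
            "cvss": cve["cvss"],
            "severity": cve["severity"],
            "products": cve["products"],
            "published": cve["published"],
            "source": "Built-in Database",
        }
        for cve in BUILTIN_CVES
        if any(needle in cve[field].lower() for field in searched_fields)
    ]


def _render_cve_card(cve: Dict, labels: Dict[str, str]) -> str:
    """Render one search result as an HTML card.

    Every value taken from the result is HTML-escaped: NVD descriptions and
    product strings are third-party text and must not be able to inject markup
    into the page.
    """
    color = get_cvss_color(cve["cvss"])
    cve_id = escape(str(cve["id"]))
    name = escape(str(cve["name"]))
    description = escape(str(cve["description"]))
    score = escape(str(cve["cvss"]))
    severity = escape(str(cve["severity"]))
    products = escape(str(cve["products"]))
    published = escape(str(cve["published"]))
    source = escape(str(cve["source"]))
    return f"""
<div style="border-left: 4px solid {color}; padding: 8px 12px; margin: 8px 0;">
<h3>{cve_id} - {name}</h3>
<p><strong>{labels['description']}:</strong> {description}</p>
<p><strong>{labels['cvss_score']}:</strong> <span style="color: {color};">{score}/10.0</span> <strong>{labels['severity']}:</strong> {severity}</p>
<p><strong>{labels['products']}:</strong> {products}</p>
<p><small>{labels['published']}: {published} | {source}</small></p>
</div>
"""


def search_cve(query: str, lang: str) -> Tuple[str, str]:
    """Run a search and return ``(results_html, status_text)``.

    Queries that start with ``CVE-`` are sent to the NVD API first; the
    built-in table is always searched as well, and built-in rows whose ID was
    already returned by NVD are dropped. An empty query or an empty result
    set returns the translated "no results" message.
    """
    labels = _labels(lang)
    term = (query or "").strip()
    if not term:
        return labels["no_results"], ""

    results: List[Dict] = []
    if term.upper().startswith("CVE-"):
        results = search_nvd_api(term)

    # Always supplement with the built-in table, avoiding duplicate IDs.
    seen_ids = {result["id"] for result in results}
    for entry in search_builtin(term):
        if entry["id"] not in seen_ids:
            results.append(entry)
            seen_ids.add(entry["id"])

    if not results:
        return labels["no_results"], ""

    cards = "".join(_render_cve_card(result, labels) for result in results)
    return f"<div>\n{cards}</div>\n", ""


def get_top_cves_table(lang: str) -> pd.DataFrame:
    """Return the built-in CVEs as a DataFrame with translated column names.

    Rows are ordered by severity (critical first) and then by descending CVSS
    score, which is what the UI text above the table promises. Product lists
    longer than 40 characters are truncated with an ellipsis.
    """
    labels = _labels(lang)
    rank = {level: position for position, level in enumerate(_SEVERITY_ORDER)}
    ordered = sorted(
        BUILTIN_CVES,
        key=lambda cve: (rank.get(cve["severity"], len(rank)), -cve["cvss"]),
    )

    rows = []
    for cve in ordered:
        products = cve["products"]
        if len(products) > 40:
            products = products[:40] + "..."
        rows.append({
            labels["cve_id"]: cve["id"],
            labels["name"]: cve["name"],
            labels["cvss_score"]: cve["cvss"],
            labels["severity"]: cve["severity"],
            labels["products"]: products,
            labels["published"]: cve["published"],
        })
    return pd.DataFrame(rows)


def get_statistics_charts(lang: str) -> Tuple[go.Figure, go.Figure]:
    """Return two bar charts: CVEs per year and CVEs per severity level."""
    labels = _labels(lang)

    # CVEs by year
    per_year = Counter(cve["year"] for cve in BUILTIN_CVES)
    years = sorted(per_year)
    fig_years = go.Figure(data=[
        go.Bar(x=years, y=[per_year[y] for y in years], marker_color="#FF6B6B")
    ])
    fig_years.update_layout(
        title=labels["cves_by_year"],
        xaxis_title=labels["year"],
        yaxis_title="Count",
        hovermode="x unified",
    )

    # CVEs by severity; levels outside the four known ones are not counted.
    per_severity = Counter(cve["severity"] for cve in BUILTIN_CVES)
    fig_severity = go.Figure(data=[
        go.Bar(
            x=list(_SEVERITY_ORDER),
            y=[per_severity.get(level, 0) for level in _SEVERITY_ORDER],
            marker_color=[_SEVERITY_COLORS[level] for level in _SEVERITY_ORDER],
        )
    ])
    fig_severity.update_layout(
        title=labels["cves_by_severity"],
        xaxis_title=labels["severity"],
        yaxis_title="Count",
        hovermode="x unified",
    )

    return fig_years, fig_severity


def create_stats_summary(lang: str) -> str:
    """Return the HTML summary cards: total, critical, high and medium counts."""
    labels = _labels(lang)
    per_severity = Counter(cve["severity"] for cve in BUILTIN_CVES)
    cards = (
        (len(BUILTIN_CVES), labels["total_cves"]),
        (per_severity.get("CRITICAL", 0), labels["critical_count"]),
        (per_severity.get("HIGH", 0), labels["high_count"]),
        (per_severity.get("MEDIUM", 0), labels["medium_count"]),
    )
    body = "".join(
        f"<div><strong>{count}</strong><br>{label}</div>\n"
        for count, label in cards
    )
    return f"<div>\n{body}</div>\n"


# Create Gradio interface
def build_interface():
    """Build and return the Gradio Blocks application (not yet launched)."""
    with gr.Blocks(title="CVE Lookup Tool", theme=gr.themes.Soft(primary_hue="red")) as demo:
        # Language state
        language = gr.State(value="en")

        # Header
        gr.HTML("""
<div>
<h1>CVE Lookup Tool</h1>
<p>Search and analyze CVE vulnerabilities for security professionals</p>
</div>
""")

        # Language toggle
        with gr.Row():
            with gr.Column(scale=10):
                gr.HTML("")
            with gr.Column(scale=1):
                lang_toggle = gr.Radio(
                    choices=["English", "Francais"],
                    value="English",
                    label="Language",
                    scale=1,
                )

        # Main tabs
        with gr.Tabs():
            # Tab 1: Search CVE
            with gr.Tab(label="Search CVE"):
                with gr.Column():
                    search_query = gr.Textbox(
                        label="Enter CVE ID (e.g., CVE-2021-44228) or keyword (e.g., log4j):",
                        placeholder="CVE-2021-44228 or log4j",
                        lines=1,
                    )
                    search_btn = gr.Button("Search", variant="primary", scale=1)
                    search_results = gr.HTML(label="Results")
                    search_error = gr.Textbox(label="Status", interactive=False)

            # Tab 2: Top CVEs
            with gr.Tab(label="Top CVEs"):
                with gr.Column():
                    gr.HTML(
                        "<p>Database of the 50 most critical CVEs sorted by "
                        "severity and CVSS score</p>"
                    )
                    cves_table = gr.Dataframe(
                        value=get_top_cves_table("en"),
                        interactive=False,
                        wrap=True,
                    )

            # Tab 3: Statistics
            with gr.Tab(label="Statistics"):
                with gr.Column():
                    stats_summary = gr.HTML(value=create_stats_summary("en"))
                    # Initial charts are passed at construction time instead
                    # of being assigned to .value afterwards.
                    fig_years, fig_severity = get_statistics_charts("en")
                    with gr.Row():
                        chart_years = gr.Plot(value=fig_years, label="CVEs by Year")
                        chart_severity = gr.Plot(value=fig_severity, label="CVEs by Severity")

        # Footer
        gr.HTML("""
<div>
<p>CVE Lookup Tool | Security Intelligence Platform</p>
<p>Powered by ayinedjimi-consultants.fr | Data from NVD API and Built-in Database</p>
<p>This tool is for authorized security professionals and ethical hackers only.</p>
</div>
""")

        # Language change: update the stored language code and every
        # language-dependent component in one handler.
        def update_ui(lang_choice):
            lang_code = "fr" if lang_choice == "Francais" else "en"
            table = get_top_cves_table(lang_code)
            stats = create_stats_summary(lang_code)
            new_fig_years, new_fig_severity = get_statistics_charts(lang_code)
            return lang_code, table, stats, new_fig_years, new_fig_severity

        lang_toggle.change(
            fn=update_ui,
            inputs=[lang_toggle],
            outputs=[language, cves_table, stats_summary, chart_years, chart_severity],
        )

        # Search handler
        def handle_search(query, lang_code):
            return search_cve(query, lang_code or "en")

        search_btn.click(
            fn=handle_search,
            inputs=[search_query, language],
            outputs=[search_results, search_error],
        )

    return demo


if __name__ == "__main__":
    demo = build_interface()
    demo.launch()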