{"id":20135104,"url":"https://github.com/m3n0sd0n4ld/ucve","last_synced_at":"2025-07-31T09:09:27.903Z","repository":{"id":108103488,"uuid":"572968093","full_name":"m3n0sd0n4ld/uCVE","owner":"m3n0sd0n4ld","description":"uCVE is a tool written in GO that allows to extract CVE's related to a specific software and version, obtaining a report in HTML format with the result and/or exporting it to the pentesting report.","archived":false,"fork":false,"pushed_at":"2024-02-23T13:50:25.000Z","size":552,"stargazers_count":35,"open_issues_count":4,"forks_count":6,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-09T17:45:44.358Z","etag":null,"topics":["cve","go","golang","hacking-tool","mitre","nist","report","reporting","vulnerabilities"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/m3n0sd0n4ld.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-12-01T12:22:09.000Z","updated_at":"2025-04-07T15:29:20.000Z","dependencies_parsed_at":null,"dependency_job_id":"65c1b0ba-d8bc-4fca-8c13-29b0500f0423","html_url":"https://github.com/m3n0sd0n4ld/uCVE","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/m3n0sd0n4ld/uCVE","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/m3n0sd0n4ld%2FuCVE","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/m3n0sd0n4ld%2FuCVE/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/m3n0sd0n4ld%2FuCVE/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/m3n0sd0n4ld%2FuCVE/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/m3n0sd0n4ld","download_url":"https://codeload.github.com/m3n0sd0n4ld/uCVE/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/m3n0sd0n4ld%2FuCVE/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":268016856,"owners_count":24181656,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-31T02:00:08.723Z","response_time":66,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cve","go","golang","hacking-tool","mitre","nist","report","reporting","vulnerabilities"],"created_at":"2024-11-13T21:13:52.733Z","updated_at":"2025-07-31T09:09:27.857Z","avatar_url":"https://github.com/m3n0sd0n4ld.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg width=\"460\" height=\"300\" src=\"images/logo.png\"\u003e\n  \u003cbr\u003e\n  \u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/m3n0sd0n4ld/uCVE/releases/tag/\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/v/release/m3n0sd0n4ld/uCVE?include_prereleases\u0026style=flat-square\"\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://github.com/m3n0sd0n4ld/uCVE/issues?q=is%3Aissue+is%3Aopen\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/issues/m3n0sd0n4ld/uCVE?style=flat-square\"\u003e\n  \u003ca href=\"https://github.com/m3n0sd0n4ld/uCVE/commits/master\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/last-commit/m3n0sd0n4ld/uCVE?style=flat-square\"\u003e\n  \u003c/a\u003e\n  \u003ch1 align=\"center\"\u003euCVE - Fast CVE Reporting\u003c/h1\u003e\n  \u003cbr\u003e\n\u003c/p\u003e\n    \n## Description\n**uCVE** is a tool written in GO that allows to extract CVE's related to a specific software and version, obtaining a report in HTML format with the result and/or exporting it to the pentesting report.\n    \n## Download and install\n```\ngit clone https://github.com/m3n0sd0n4ld/uCVE.git\ncd uCVE\ngo build -o uCVE uCVE.go\n```\n### Download the compiled binary for Windows, Linux or MacOS\n[Download the latest version](https://github.com/m3n0sd0n4ld/uCVE/releases)\n    \n### Error: version 'GLIBC_2.32' not found (Any Ubuntu version/Debian/Kali/Parrot OS 64bits)\n```\ngit clone https://github.com/m3n0sd0n4ld/uCVE.git\ncd uCVE\nGOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o uCVE uCVE.go\n``` \n    \n## Use\n### Menu\n```\n\u003e uCVE -h\n\n         ___________    ___________\n  ____  ___  ____/_ |  / /__  ____/\n  _  / / /  /    __ | / /__  __/   \n  / /_/ // /___  __ |/ / _  /___   \n  \\__,_/ \\____/  _____/  /_____/ v.2.0\n  \n          by M3n0sD0n4ld and Siriil\n\n             \nuCVE parameter:\n\n    -cvss: Filter vulnerabilities by CVSS [critical,high,medium,low,none] (default is all)\n    -iJSON: List products with version in JSON file ({Soft1:1.2.1, Soft2:2.1.2, Soft3: 3.0})\n    -lg: Set language of information [en,es] (default is English (en))\n    -lvp: Save list updated of vendors and products (file list.lvp aprox 3' processing)\n    -oCSV: Save CVEs list in CSV file\n    -oHTML: Save CVEs list in HTML file\n    -oJSON: Save CVEs list in JSON file\n    -oSTD: Save CVEs list in Std Out\n    -oXML: Save CVEs list in XML file\n    -p: Search CVEs by product software (required)\n    -spc: Search product software contains in list.lvp (it is required to save this file in the same executation path script)\n    -spl: Search product software literal match in list.lvp (it is required to save this file in the same executation path script)\n    -v: Show version\n    -vp: Set version of product software (required)\n    -vr: Set vendor of product software. if you can set character '*', script will search all vendor by product (required)\n\nUsage:\n    uCVE -vr \u003cvendor\u003e -p \u003cproduct\u003e -vp \u003cversion_product\u003e\n         [-cvss \u003call,critical,high,medium,low,none\u003e] [-lg \u003cen,es\u003e] [-oSTD]\n         [-oHTML|-oCSV|-oJSON|-oXML \u003cfilename\u003e] [-lvp] [-spc|-spl \u003cproduct\u003e]\n\nExamples:\n    uCVE -vr '*' -p jquery_ui -vp 1.12.1\n    uCVE -vr apache -p tomcat -vp 8.5.4 -oSTD\n    uCVE -vr oracle -p \"database server\" -vp 11.2.0.4\n    uCVE -vr oracle -p sunos -vp 5.5.1 -cvss critical,high,medium -lg es -oHTML report -oCSV report\n    uCVE -lvp\n    uCVE -spc jquery\n    uCVE -spl jquery_ui\n```\n\n### CVE's search by default (includes all types of criticality)\n```\n\u003e uCVE -vr eclipse -p jetty -vp 9.3-z -lg es\n\n         ___________    ___________\n  ____  ___  ____/_ |  / /__  ____/\n  _  / / /  /    __ | / /__  __/   \n  / /_/ // /___  __ |/ / _  /___   \n  \\__,_/ \\____/  _____/  /_____/ v.2.0\n  \n          by M3n0sD0n4ld and Siriil\n\n             \n[+] Language selected is Spanish (es)\n\n[!] This could take a few minutes, please wait\n\n[+] 6 results found for vendor eclipse product jetty version 9.3-z\n\n    Fabricante  Producto  Version  Cve             Vulnerabilidad                               Fecha de Publicacion  Puntuacion  Riesgo  Acceso   Complejidad  \n    ----------  --------  -------  ---             --------------                               --------------------  ----------  ------  ------   -----------  \n    eclipse     jetty     9.3-z    CVE-2022-2048   Recurso no Controlado                        07/07/2022            7.5         Alta    Red      Baja         \n    eclipse     jetty     9.3-z    CVE-2022-2047   Validacion Incorrecta de Entrada             07/07/2022            2.7         Baja    Red      Baja         \n    eclipse     jetty     9.3-z    CVE-2021-34428  Sesion sin Expiracion                        22/06/2021            3.5         Baja    Físico  Baja         \n    eclipse     jetty     9.3-z    CVE-2021-28169  Otro                                         08/06/2021            5.3         Media   Red      Baja         \n    eclipse     jetty     9.3-z    CVE-2021-28165  Improper Handling of Exceptional Conditions  01/04/2021            7.5         Alta    Red      Baja         \n    eclipse     jetty     9.3-z    CVE-2020-27216  Otro                                         23/10/2020            7.0         Alta    Local    Alta         \n\n[!] Results will be exported to HTML file by default\n\n[+] Results saved in 'report_jetty_9.3-z_eclipse.html'\n```\n### Search for CVE's by filtering by criticality (separated by commas and without spaces).\n```\n\u003e uCVE -vr eclipse -p jetty -vp 9.3-z -lg es -cvss critical,high\n\n         ___________    ___________\n  ____  ___  ____/_ |  / /__  ____/\n  _  / / /  /    __ | / /__  __/   \n  / /_/ // /___  __ |/ / _  /___   \n  \\__,_/ \\____/  _____/  /_____/ v.2.0\n  \n          by M3n0sD0n4ld and Siriil\n\n             \n[+] Language selected is Spanish (es)\n\n[!] This could take a few minutes, please wait\n\n[+] 3 results found for vendor eclipse product jetty version 9.3-z\n\n    Fabricante  Producto  Version  Cve             Vulnerabilidad                               Fecha de Publicacion  Puntuacion  Riesgo  Acceso  Complejidad  \n    ----------  --------  -------  ---             --------------                               --------------------  ----------  ------  ------  -----------  \n    eclipse     jetty     9.3-z    CVE-2022-2048   Recurso no Controlado                        07/07/2022            7.5         Alta    Red     Baja         \n    eclipse     jetty     9.3-z    CVE-2021-28165  Improper Handling of Exceptional Conditions  01/04/2021            7.5         Alta    Red     Baja         \n    eclipse     jetty     9.3-z    CVE-2020-27216  Otro                                         23/10/2020            7.0         Alta    Local   Alta         \n\n[!] Results will be exported to HTML file by default\n\n[+] Results saved in 'report_jetty_9.3-z_eclipse.html'\n```\n\n### Viewing the report\nuCVE allows you to sort by CVE identifier, date, vulnerability type, score... Ideal for reporting in your pentesting reports!\n\t  \n![Screenshot](images/table-1.png)\n\t  \nIn addition, it also incorporates a search engine to filter by type of vulnerability or attack.\n\t  \n![Screenshot](images/table-2.png)\n\t  \nIf Spanish language is not specified, by default it will generate the report in English (date format included):\n\t  \n![Screenshot](images/table-3.png)\n\t  \n## Credits\n\n###### Authors: \n- [Iván Santos (AKA. Siriil)](https://es.linkedin.com/in/siriil/)\n- [David Utón (AKA. M3n0sd0n4ld)](https://twitter.com/David_Uton)\n    \n## Disclaimer and Acknowledgments\nThe authors of the tool are not responsible for the misuse of the tool, nor are they responsible for errors in the information obtained and shown in the report.\n\nAll information is obtained from the official resource [https://cve.mitre.org](https://cve.mitre.org).\n\nThanks to **MITRE** and the users who use **uCVE**.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fm3n0sd0n4ld%2Fucve","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fm3n0sd0n4ld%2Fucve","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fm3n0sd0n4ld%2Fucve/lists"}