Skip to content

Instantly share code, notes, and snippets.



Created Jul 22, 2015
What would you like to do?
rexec: 19268
DoS: 14849
xss: 9236
memory: 8212
sqlinj: 6230
privilege: 3321
dirtraversal: 2762
arith: 1260
csrf: 1117
from lxml import etree
from collections import defaultdict
import re
ns = {
'cvrf': '',
'vuln': ''
vuln_xpath = '/cvrf:cvrfdoc/vuln:Vulnerability'
desc_xpath = 'vuln:Notes/vuln:Note[@Type="Description"]'
vuln_texts = [
('sqlinj', re.compile(r'SQL injection', re.I)),
('xss', re.compile(r'|script injection', re.I)),
('privilege', re.compile(r'gain privileges|root privileges|dropping privileges|additional privileges|gain additional group privileges', re.I)),
('DoS', re.compile(r'denial of service', re.I)),
('memory', re.compile(r'buffer overflow|double free|stack corruption||ASLR', re.I)),
('csrf', re.compile(r'Cross-site request forgery', re.I)),
('rexec', re.compile(r'remote( code| command)? execution|execute.*?(arbitrary code|programs|command)')),
#('reserved', re.compile(r'^\*\* RESERVED \*\*')),
#('reject', re.compile(r'^\*\* REJECT \*\*')),
#('unspecified', re.compile(r'Unspecified vulnerability', re.I)),
('dirtraversal', re.compile(r'directory traversal', re.I)),
('arith', re.compile(r'Integer overflow|integer underflow|Integer signedness|signed integer', re.I)),
if __name__ == '__main__':
count = defaultdict(int)
tree = etree.parse('allitems-cvrf.xml')
for vuln in tree.xpath(vuln_xpath, namespaces=ns):
description = vuln.xpath(desc_xpath, namespaces=ns)
if not description:
description = description[0].text.replace('\n', ' ')
for typ, regex in vuln_texts:
if, description):
count[typ] += 1
keys = [x[0] for x in vuln_texts]
keys = sorted(keys, key=lambda x:count[x], reverse=True)
for k in keys:
print('%s: %d' % (k, count[k]))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.