Axonius Documentation
  1. Asset Cloud
  2. Exposures
  3. Axonius Vulnerability Score (AVS)

Data Sources and Attributions

EPSS

License: MIT License

Copyright (c) 2022 FIRST.Org, Inc. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

GitHub Advisory Database

License: Creative Commons Attribution 4.0 International (Refer to GitHub's Disclaimer of Warranties)

Source material: GitHub Advisory Database

🚧

Disclaimer

Data is sourced from the GitHub Advisory Database. This data is modified and processed by Axonius for calculation purposes.

OSV (Google)

Copyright [Year] Google. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.

🚧

Disclaimer

Data sourced from OSV is modified and processed by Axonius for calculation purposes.

NVD (NIST)

🚧

Disclaimer

This product uses the NVD API but is not endorsed or certified by the NVD.

VulnCheck KEV

🚧

Disclaimer

This product uses data from the VulnCheck Known Exploited Vulnerabilities catalog.

CISA KEV

🚧

Disclaimer

This product uses data from the CISA Known Exploited Vulnerabilities catalog. When relevant, the CISA fields and information are available for viewing and querying in the Security Findings and Devices modules. Only CVEs that are part of the CISA KEV Catalog are enhanced.

Updated 1 day ago