<a href="https://colab.research.google.com/github/Tilak202400/CVs/blob/main/Untitled1.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

In [None]:
import requests
import sqlite3
import datetime

# Define database connection
conn = sqlite3.connect("vulnerabilities.db")
cursor = conn.cursor()

# Drop the existing table if it exists to ensure the correct schema
cursor.execute("DROP TABLE IF EXISTS vulnerabilities")

# Create table with the correct columns
cursor.execute("""
    CREATE TABLE vulnerabilities (
        id TEXT PRIMARY KEY,
        description TEXT,
        cvss_score REAL,
        severity TEXT,
        published_date TEXT  -- This column was missing
    )
""")
conn.commit()

# Function to classify vulnerability severity
def classify_severity(cvss_score):
    if cvss_score >= 9.0:
        return "Critical"
    elif cvss_score >= 7.0:
        return "High"
    elif cvss_score >= 4.0:
        return "Medium"
    else:
        return "Low"

# Get date range for the last month
end_date = datetime.date.today()
start_date = end_date - datetime.timedelta(days=30)  # Last 30 days

# Convert to API date format
start_date_str = start_date.strftime("%Y-%m-%dT00:00:00.000")
end_date_str = end_date.strftime("%Y-%m-%dT23:59:59.999")

# Function to fetch CVEs from NVD API
def fetch_cve_data(start_index=0):
    url = f"https://services.nvd.nist.gov/rest/json/cves/2.0?pubStartDate={start_date_str}&pubEndDate={end_date_str}&startIndex={start_index}"
    print(f"Fetching CVEs from: {url}")

    response = requests.get(url)
    if response.status_code == 200:
        data = response.json()
        return data.get("vulnerabilities", []), data.get("totalResults", 0)
    else:
        print(f"Error fetching data: {response.status_code}")
        return [], 0

# Function to process and store vulnerabilities
def process_and_store_vulnerabilities():
    start_index = 0
    while True:
        vulnerabilities, total_results = fetch_cve_data(start_index)

        if not vulnerabilities:
            break  # Stop if no more data

        for vuln in vulnerabilities:
            cve = vuln.get("cve", {})
            cve_id = cve.get("id", "Unknown ID")

            # Extract description (English preferred)
            descriptions = cve.get("descriptions", [{}])
            description = "No description available"
            for desc in descriptions:
                if desc.get("lang") == "en":
                    description = desc.get("value", description)

            # Extract CVSS score
            cvss_score = None
            metrics = cve.get("metrics", {})
            if "cvssMetricV31" in metrics:
                cvss_score = metrics["cvssMetricV31"][0]["cvssData"]["baseScore"]
            elif "cvssMetricV30" in metrics:
                cvss_score = metrics["cvssMetricV30"][0]["cvssData"]["baseScore"]
            elif "cvssMetricV2" in metrics:
                cvss_score = metrics["cvssMetricV2"][0]["cvssData"]["baseScore"]

            severity = classify_severity(cvss_score or 0.0)

            # Extract published date
            published_date = cve.get("published", "Unknown Date")

            # Store in database
            cursor.execute("INSERT OR IGNORE INTO vulnerabilities VALUES (?, ?, ?, ?, ?)",
                           (cve_id, description, cvss_score or 0.0, severity, published_date))
            conn.commit()

        start_index += len(vulnerabilities)  # Move to next batch
        if start_index >= total_results:
            break  # Stop when all CVEs are fetched

# Run the process
process_and_store_vulnerabilities()

# Retrieve all stored vulnerabilities from last month
cursor.execute("SELECT * FROM vulnerabilities WHERE published_date BETWEEN ? AND ?", (start_date_str, end_date_str))
rows = cursor.fetchall()

# Display results
if rows:
    print("\nStored Vulnerabilities (Last Month):")
    for row in rows:
        print(f"ID: {row[0]}, Description: {row[1]}, CVSS Score: {row[2]}, Severity: {row[3]}, Published Date: {row[4]}")
else:
    print("No CVEs found in the database for the last month.")

# Close connection
conn.close()
