I know that OpenVAS is open source, but i cannot find where is the database of CVEs and their corresponding KB to fix them (obviously it will be different KBs based on windows version).
So where can i find this? I am mainly concerned with Windows vulnerlabilites that have CVE and a corresponding KB.
Tried looking at different repositories of greenbone, but couldn’t find it in any of them?
EDIT: I am trying to write a simple Windows vulerlability checker for windows for a university project.
Basically i just want to write an agent that gathers windows build and installed patches, and based on the CVE/KB dataset, i wiill report to user which CVEs that windows has, and i will also report the corresponding KB that user needs in order to fix it.
So for this problem, where should i start? I started at greenbone because it already has this functionality, but considering it contains many many huge repositories, i didn’t know which repositories/source-codes should i look at.
So i just want to understand how does greenbone does this task and which dataset it is using that gives the user the proper KB it needs based on the CVE? because it seems like a complex thing, considering that the KB number depends on the CVE? Does the database contain the proper KB for different windows builds?