Source Intelligence

ADQE-scored vulnerability source domains aggregated from NVD, advisory registries, GitHub exploits, and CISA KEV. Understand source reliability for CVE intelligence.

-
Total Domains
-
High Trust Sources
-
Total References
-
Avg ADQE Score

Source Domains

DOMAIN The root domain of the vulnerability source. Sources are aggregated from NVD references, advisory registries, GitHub exploits, and CISA KEV.
CATEGORY Source classification: Government (official), Vendor (PSIRT), Research (security firms), Exploit/PoC (proof-of-concept), News (media coverage), or Curated DB.
RELIABILITY Source reliability based on ADQE score: High (60-100), Medium (40-59), Low (0-39). Higher = more authoritative source.
REFERENCES Total number of CVE references from this domain across NVD, advisory registries, GitHub exploits, and CISA KEV catalog.
TRUST High Trust: Official vendor/government sources with verified accuracy. PoC: Sources that publish exploit code or proof-of-concept.
ACTIONS
Vote & Save
Loading source data...

Understanding Source Scoring & Trust Levels

ADQE Scoring System

Each source domain is scored 0-100 using the ADQE formula, which evaluates four key factors:

A - Authority 0-40
D - Disclosure Quality 0-25
Q - Data Quality 0-20
E - Exploitation Intel 0-15

Formula: ADQE = A + D + Q + E (max 100)

Reliability Levels

Sources are classified into reliability levels based on their ADQE score:

  • HIGH (60-100) - Government agencies, major vendors, verified CNAs, and established security firms
  • MEDIUM (40-59) - Research blogs, community sources, security news outlets
  • LOW (0-39) - Unverified sources, unknown domains, limited track record

Reliability is determined by ADQE scoring and may be adjusted by admin overrides.

Trust Levels

Sources are classified into trust levels based on their origin and verification status:

  • High Trust: Official vendor PSIRTs, government agencies (CISA, NIST), and verified CNAs. These sources are authoritative for their products.
  • PoC Source: Domains that publish proof-of-concept exploit code (e.g., GitHub, Exploit-DB). Valuable for exploitation intelligence.
  • Standard: General security research, news, and community sources.

Source Categories

Domains are categorized by their primary function:

  • Government: Official agencies (CISA, CERT, NCSC)
  • Vendor Advisory: Product security teams (Microsoft, Cisco, Oracle PSIRTs)
  • Curated DB: Vulnerability databases (NVD, VulnDB, OSV)
  • Research: Security firms and researchers
  • Exploit/PoC: Exploit repositories and PoC publishers
  • News/Media: Security news and publications
  • Telemetry: Threat intelligence feeds

Community Contributions

Registered users can help improve source intelligence:

  • Upvote/Downvote: Rate source reliability based on your experience. Provide reasons to help others understand your assessment.
  • Save Sources: Bookmark domains you frequently reference for quick access.
  • Suggest Domains: Propose new vulnerability sources for inclusion. Suggestions are reviewed by admins before being added.

Community votes influence visibility but don't directly change ADQE scores.

Data Aggregation

Reference counts are aggregated from multiple authoritative sources:

  • NVD: NIST National Vulnerability Database references
  • Advisory Registry: Phoenix curated advisory links
  • GitHub: Exploit and PoC repositories
  • CISA KEV: Known Exploited Vulnerabilities catalog

Data is refreshed daily during the build process.