Merge pull request cve-search#895 from dbarzin/patch-1

timb-machine-mirrors · Jun 15, 2022 · fed54ae · fed54ae
2 parents b99da1a + 80cc0fd
commit fed54ae
Showing 1 changed file with 33 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -33,6 +33,39 @@ Check the [documentation](https://cve-search.github.io/cve-search/) to get you s
 Usage
 -----
 
+``` 
+usage: search.py [-h] [-q Q] [-p P [P ...]] [--only-if-vulnerable] [--strict_vendor_product] [--lax] [-f F] [-c C] [-o O]
+                 [-l] [-n] [-r] [-a] [-v V] [-s S] [-t T] [-i I]
+
+Search for vulnerabilities in the National Vulnerability DB. Data from http://nvd.nist.org.
+
+options:
+  -h, --help            show this help message and exit
+  -q Q                  Q = search pip requirements file for CVEs, e.g. dep/myreq.txt
+  -p P [P ...]          S = search one or more products, e.g. o:microsoft:windows_7 or o:cisco:ios:12.1 or
+                        o:microsoft:windows_7 o:cisco:ios:12.1. Add --only-if-vulnerable if only vulnerabilities that
+                        directly affect the product are wanted.
+  --only-if-vulnerable  With this option, "-p" will only return vulnerabilities directly assigned to the product. I.e. it
+                        will not consider "windows_7" if it is only mentioned as affected OS in an adobe:reader
+                        vulnerability.
+  --strict_vendor_product
+                        With this option, a strict vendor product search is executed. The values in "-p" should be formatted
+                        as vendor:product, e.g. microsoft:windows_7
+  --lax                 Strict search for software version is disabled. Note that this option only support product
+                        description with numerical values only (of the form cisco:ios:1.2.3)
+  -f F                  F = free text search in vulnerability summary
+  -c C                  search one or more CVE-ID
+  -o O                  O = output format [csv|html|json|xml|cveid]
+  -l                    sort in descending mode
+  -n                    lookup complete cpe (Common Platform Enumeration) name for vulnerable configuration
+  -r                    lookup ranking of vulnerable configuration
+  -a                    Lookup CAPEC for related CWE weaknesses
+  -v V                  vendor name to lookup in reference URLs
+  -s S                  search in summary text
+  -t T                  search in last n day
+  -i I                  Limit output to n elements (default: unlimited)
+```
+
 You can search the database using search.py
 
     ./bin/search.py -p cisco:ios:12.4