Browse CVEs by vendor, product and sector
The big cleanup that turned messy affected-data into clean, browsable hubs
Raw vulnerability data is a mess. The same vendor shows up spelled five different ways. A single product is scattered across dozens of near-duplicate version strings. Ask a simple question — "show me everything affecting this product" — and the data fights you. So we did the unglamorous work: we cleaned it up across the whole catalogue. Here's what changed, and what you can now do with it.
What was wrong
Every CVE carries a list of affected entries — vendor, product, version. Those come straight from advisories, and advisories don't agree with each other:
- Vendors spelled many ways —
Microsoft,Microsoft Corp.,microsoft_corporationare all the same company, but counted as three. - Products fragmented by version —
Windows 10,Windows 10 21H2,Windows 10 22H2are forty rows where you wanted one product. - No way to slice by what you run — you couldn't reliably ask "all the CVEs touching this product family" or "how exposed is my industry," because the names didn't line up.
What we did
We built a deterministic normalizer that maps every raw (vendor, product) string to a canonical vendor and product — collapsing the version twins into one product family — and tags it with an industry sector. Then we ran it across the entire catalogue. No guesswork at read time: the cleanup is baked into the data, so browsing and filtering are fast and consistent.
From raw advisory data to browsable hubs
- Raw affected entries — Vendor / product / version, as advisories wrote them
- Normalize — Canonical vendor + product, version twins collapsed
- Tag a sector — Map the product to an industry
- Hubs, filters and search — /vendors · /products · /sectors · product filter
What you can do now
- Vendor hubs — head to /vendors to see vulnerabilities grouped by the company behind the product, names finally deduplicated.
- Product hubs — /products collects CVEs by product family, so one page covers a product instead of forty version rows.
- Sector view — /sectors rolls everything up into 15 industry sectors: see how exposure distributes across healthcare, networking, industrial and the rest.
- Filter by product family — once you're signed in, the CVE list lets you narrow the whole catalogue to a single product family in a click.
Try it
Start from your stack: open a product hub for something you run, or zoom out to your industry sector to see the bigger picture.
Spot a vendor or product we've mislabelled? Tell us — the normalizer improves every time someone flags an edge case.