Cybairsecurity
VulnAirabilityDb โ€” Aviation CVE Intelligence

The vulnerability intelligence no public database will ever contain.

ARINC protocols, avionics buses, and flight-critical communication stacks have a unique threat surface. NVD was not built for them. VulnAirabilityDb was.

Get in Touch
๐Ÿ”’On-Premise Only โ€” Air-Gap Compatible

Critical infrastructure organisations cannot afford to have their threat intelligence pipelines touch external networks. VulnAirabilityDb was designed from day one for closed, air-gapped environments.

Intelligence updates are delivered as signed, verified offline packages โ€” compatible with your existing air-gap transfer procedures. No subscriptions calling home. No telemetry. No exceptions.

Database Entries

Aviation-Only CVEs

Deployment

On-Premise / Air-Gap

Format

DO-326A Structured

Update Method

Offline Packages

Covered Protocols

ARINC 429ARINC 664 (AFDX)MIL-STD-1553ARINC 825 (CAN)ARINC 717ACARSADS-BFMS InternalsAvionics OSIMA Platforms
  • โ€”Aviation-exclusive CVE entries not in NVD or MITRE
  • โ€”ARINC 429, ARINC 664 (AFDX), MIL-STD-1553 coverage
  • โ€”Air-gapped deployment compatible
  • โ€”Structured for DO-326A threat condition mapping
  • โ€”Signed offline intelligence update packages

Sample Entry โ€” VulnAirabilityDb

CVE ID

AVDB-2024-0312

Protocol

ARINC 664 Part 7 (AFDX)

Category

VL Spoofing / Frame Injection

CVSS-A Score

8.7 / CRITICAL

Description

An attacker with physical access to an AFDX network segment can inject frames with spoofed Virtual Link identifiers, bypassing BAG enforcement and causing deterministic bandwidth starvation in safety-critical avionics functions.

DO-326A Mapping

SO-AFDX-007 โ†’ TC-INTEGRITY-HIGH

NVD: not indexed ยท MITRE: not indexed ยท Public match: 0
Get in TouchSee CompliAir โ†’