AppThreat / vulnerability-db
Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers.
☆96Updated this week
Related projects ⓘ
Alternatives and complementary repositories for vulnerability-db
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆141Updated 7 months ago
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆139Updated this week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆247Updated this week
- A community collection of security reviews of open source software components.☆92Updated 8 months ago
- A comprehensive list of software composition analysis tools.☆123Updated 5 months ago
- Manager of third-party sources of Semgrep rules 🗂☆76Updated 3 months ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆125Updated 9 months ago
- Tool to guess CPE name based on common software name☆76Updated 6 months ago
- Sharing software supply chain security open source projects☆39Updated last year
- Atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.☆49Updated last month
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain☆86Updated 9 months ago
- Dependency Combobulator☆88Updated 9 months ago
- A source code static analysis platform for AppSec enthusiasts.☆203Updated last month
- Open Source Vulnerability schema.☆184Updated this week
- Community reconstruction of the legacy JSON NVD Data Feeds. This project uses and redistributes data from the NVD API but is neither endo…☆112Updated this week
- OSS-Fuzz vulnerabilities for OSV.☆132Updated this week
- ☆173Updated 3 weeks ago
- FastCVE - fast, rich and API-based search for CVE and more (CPE, CWE, CAPEC)☆39Updated 2 months ago
- ☆109Updated last year
- Vulnogram is a tool for creating and editing CVE information in CVE JSON format☆161Updated last week
- OWASP Benchmark Project Utilities - Provides scorecard generation and crawling tools for Benchmark style test suites.☆16Updated this week
- A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.☆55Updated 2 months ago
- A Python library and command line interface for CVE Services.☆58Updated last week
- VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…☆59Updated last week
- Fast, simple library in Go to fetch CVEs from the National Vulnerability Database feeds☆25Updated last year
- Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code securi…☆73Updated 2 months ago
- Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks☆57Updated 2 years ago
- Static Token And Credential Scanner☆95Updated last year
- ☆45Updated this week
- CVSS v4.0 calculator☆24Updated 2 months ago