Alternatives and similar repositories for vulndb

Users that are interested in vulndb are comparing it to the libraries listed below

• ossf / ossf-landscape
  ☆30Updated this week
• anchore / yardstick
  Compare vulnerability scanners results (to make them better!)
  ☆22Updated 3 weeks ago
• anchore / grype-db
  ☆50Updated this week
• anchore / vunnel
  Tool for collecting vulnerability data from various sources (used to build the grype database)
  ☆99Updated this week
• interlynk-io / sbomgr
  SBOM Search - Context aware search in SBOM repositories
  ☆28Updated last week
• ossf / Project-Security-Metrics
  Collect, curate, and communicate relevant security metrics for open source projects.
  ☆63Updated last year
• aquasecurity / trivy-kubernetes
  Trivy kubernetes library
  ☆37Updated last week
• spdx / spdx-to-osv
  Produce an Open Source Vulnerability JSON file based on information in an SPDX document
  ☆64Updated last year
• ossf / toolbelt
  ☆21Updated last month
• anchore / chronicle
  a fast changelog generator sourced from PRs and Issues
  ☆62Updated this week
• sonatype-nexus-community / ahab
  ahab is a tool to check for vulnerabilities in your apt, apk, or yum powered operating systems, powered by Sonatype OSS Index.
  ☆68Updated last year
• CycloneDX / cyclonedx-web-tool
  A web based tool for working with CycloneDX BOMs
  ☆38Updated this week
• RedHatProductSecurity / cvelib
  A Python library and command line interface for CVE Services.
  ☆67Updated last month
• ossf / security-insights
  Machine-readable specification for the attestation of security-relevant data.
  ☆59Updated 2 weeks ago
• scanoss / sbom-workbench
  The SCANOSS SBOM Workbench graphical user interface to scan and audit your source code.
  ☆56Updated this week
• meta-fun / awesome-software-supply-chain-security
  Sharing software supply chain security open source projects
  ☆50Updated 2 years ago
• kubescape / github-action
  GitHub action to run Kubescape scans
  ☆20Updated 7 months ago
• RedHatGov / ocdb
  OpenControl Database
  ☆11Updated 2 years ago
• praetorian-inc / snowcat
  a tool to audit the istio service mesh
  ☆173Updated 3 years ago
• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆54Updated last year
• google / container-explorer
  ☆89Updated last month
• elastisys / security-review
  ☆16Updated 2 years ago
• sysdiglabs / terraform-provider-sysdig
  Sysdig Terraform provider. Allow to handle Sysdig Secure policies as code.
  ☆52Updated this week
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆204Updated this week
• cloud-gov / caulking
  Prevent leaks with gitleaks, and use tests to validate
  ☆32Updated last month
• aquasecurity / cfsec
  Static analysis for CloudFormation templates to identify common misconfiguration
  ☆57Updated 3 years ago
• defenseunicorns / go-oscal
  Repository for the generation of OSCAL data types
  ☆24Updated 2 weeks ago
• philips-software / SPDXMerge
  SPDX Merge tool
  ☆45Updated 2 months ago
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆79Updated 7 months ago
• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆18Updated last month