github / advisory-database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
☆2,061 Updated this week
Alternatives and similar repositories for advisory-database
Users that are interested in advisory-database are comparing it to the libraries listed below
- Open source vulnerability DB and triage service. ☆2,405 Updated this week
- Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023 ☆1,491 Updated 6 months ago
- Open Source Package Analysis ☆857 Updated 7 months ago
- Binaries for the CodeQL CLI ☆915 Updated last week
- Actions for running CodeQL analysis ☆1,431 Updated last week
- GitHub App to set and enforce security policies ☆1,378 Updated last week
- This repository is used for the development of the CVE JSON record format. Releases of the CVE JSON record format will also be published … ☆374 Updated last month
- CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security ☆9,009 Updated this week
- Global Security Database ☆315 Updated last year
- An extension for Visual Studio Code that adds rich language support for CodeQL ☆488 Updated this week
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License. ☆1,036 Updated this week
- Resources related to GitHub Security Lab ☆1,558 Updated last week
- Supply-chain Levels for Software Artifacts ☆1,770 Updated 2 weeks ago
- GUAC aggregates software security metadata into a high fidelity graph database. ☆1,420 Updated last week
- Starter workspace to use with the CodeQL extension for Visual Studio Code. ☆560 Updated last week
- Vulnerability Intelligence Platform ☆2,340 Updated this week
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci… ☆856 Updated 2 years ago
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages ☆872 Updated this week
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for … ☆1,184 Updated this week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… ☆422 Updated this week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev ☆8,127 Updated last week
- A repo to conduct vulnerability enrichment. ☆702 Updated this week
- OpenSSF Scorecard - Security health metrics for Open Source ☆5,178 Updated this week
- The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnera… ☆1,564 Updated last week
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio… ☆449 Updated this week
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI. ☆512 Updated last week
- Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history. ☆2,185 Updated 3 weeks ago
- CVE cache of the official CVE List in CVE JSON 5 format ☆2,354 Updated this week
- OWASP Foundation main site repository ☆615 Updated this week
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby ☆924 Updated this week