github / advisory-database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
☆1,902 Updated this week
Alternatives and similar repositories for advisory-database
Users that are interested in advisory-database are comparing it to the libraries listed below
- Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023 ☆1,480 Updated 3 weeks ago
- Open source vulnerability DB and triage service. ☆1,902 Updated this week
- Binaries for the CodeQL CLI ☆830 Updated 2 weeks ago
- Actions for running CodeQL analysis ☆1,285 Updated this week
- This repository is used for the development of the CVE JSON record format. Releases of the CVE JSON record format will also be published … ☆325 Updated last month
- Open Source Package Analysis ☆833 Updated 2 months ago
- CVE cache of the official CVE List in CVE JSON 5 format ☆2,101 Updated this week
- GUAC aggregates software security metadata into a high fidelity graph database. ☆1,373 Updated this week
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for … ☆1,125 Updated last week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev ☆7,487 Updated this week
- Navigate the CVE jungle with ease. ☆2,029 Updated last week
- Resources related to GitHub Security Lab ☆1,492 Updated last month
- Supply-chain Levels for Software Artifacts ☆1,676 Updated this week
- CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security ☆8,437 Updated this week
- GitHub App to set and enforce security policies ☆1,335 Updated 2 weeks ago
- OpenSSF Scorecard - Security health metrics for Open Source ☆4,940 Updated this week
- A log4j vulnerability filesystem scanner and Go package for analyzing JAR files. ☆1,568 Updated 2 years ago
- Global Security Database ☆319 Updated last year
- An extension for Visual Studio Code that adds rich language support for CodeQL ☆458 Updated last week
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License. ☆929 Updated this week
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci… ☆844 Updated last year
- RedEye is a visual analytic tool supporting Red & Blue Team operations ☆2,723 Updated last year
- The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts. ☆1,816 Updated last week
- Resources for the deps.dev API ☆325 Updated last week
- Open-source CVE monitoring and alerting platform ☆2,036 Updated last month
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI. ☆492 Updated 6 months ago
- Open Source Vulnerability schema. ☆202 Updated 3 weeks ago
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp… ☆3,108 Updated last week
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager… ☆717 Updated this week
- NVD, Ubuntu, Alpine ☆433 Updated this week