github / advisory-database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
☆1,741 Updated this week
Related projects
Alternatives and complementary repositories for advisory-database
- Open source vulnerability DB and triage service. ☆1,540 Updated this week
- Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023 ☆1,349 Updated this week
- Binaries for the CodeQL CLI ☆750 Updated 2 weeks ago
- Open Source Package Analysis ☆733 Updated 2 weeks ago
- Global Security Database ☆309 Updated 6 months ago
- CVE cache of the official CVE List in CVE JSON 5 format ☆793 Updated this week
- This repository is used for the development of the CVE JSON record format. Releases of the CVE JSON record format will also be published … ☆258 Updated 3 weeks ago
- Semgrep rules registry ☆809 Updated this week
- Actions for running CodeQL analysis ☆1,165 Updated this week
- GitHub App to set and enforce security policies ☆1,256 Updated this week
- Resources related to GitHub Security Lab ☆1,415 Updated 3 months ago
- An extension for Visual Studio Code that adds rich language support for CodeQL ☆427 Updated this week
- Starter workspace to use with the CodeQL extension for Visual Studio Code. ☆497 Updated 2 weeks ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci… ☆808 Updated last year
- GUAC aggregates software security metadata into a high fidelity graph database. ☆1,290 Updated this week
- OpenSSF Scorecard - Security health metrics for Open Source ☆4,604 Updated this week
- LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Reque… ☆1,440 Updated 6 months ago
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI. ☆458 Updated 3 weeks ago
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems ☆6,259 Updated this week
- CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security ☆7,709 Updated this week
- Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan ☆818 Updated this week
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for … ☆1,019 Updated this week
- Supply-chain Levels for Software Artifacts ☆1,555 Updated this week
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio… ☆365 Updated this week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev ☆6,263 Updated this week
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby ☆694 Updated last week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities ☆515 Updated this week
- Automating situational awareness for cloud penetration tests. ☆1,955 Updated last month
- The CodeQL extractor and libraries for Go. ☆465 Updated last year
- Navigate the CVE jungle with ease. ☆1,770 Updated this week