github / advisory-database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
☆2,001 Updated last week
Alternatives and similar repositories for advisory-database
Users that are interested in advisory-database are comparing it to the libraries listed below
- Open source vulnerability DB and triage service. ☆1,995 Updated this week
- Open Source Package Analysis ☆846 Updated 5 months ago
- Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023 ☆1,488 Updated 4 months ago
- This repository is used for the development of the CVE JSON record format. Releases of the CVE JSON record format will also be published … ☆354 Updated last month
- Global Security Database ☆316 Updated last year
- GitHub App to set and enforce security policies ☆1,359 Updated 2 weeks ago
- Supply-chain Levels for Software Artifacts ☆1,731 Updated last week
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for … ☆1,168 Updated last month
- Binaries for the CodeQL CLI ☆883 Updated last week
- GUAC aggregates software security metadata into a high fidelity graph database. ☆1,409 Updated last week
- Actions for running CodeQL analysis ☆1,377 Updated this week
- OpenSSF Scorecard - Security health metrics for Open Source ☆5,084 Updated this week
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci… ☆853 Updated 2 years ago
- A log4j vulnerability filesystem scanner and Go package for analyzing JAR files. ☆1,570 Updated 3 years ago
- Open Source Vulnerability schema. ☆207 Updated last week
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License. ☆990 Updated this week
- CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security ☆8,763 Updated this week
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI. ☆503 Updated 10 months ago
- Resources related to GitHub Security Lab ☆1,532 Updated last month
- A repo to conduct vulnerability enrichment. ☆685 Updated this week
- Helping allocate resources to secure the critical open source projects we all depend on. ☆371 Updated 4 months ago
- The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnera… ☆1,520 Updated this week
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages ☆835 Updated 2 weeks ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… ☆347 Updated this week
- The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts. ☆1,902 Updated this week
- Modern CLI for exploring vulnerability data with powerful search, filtering, and analysis capabilities. ☆2,110 Updated this week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities ☆580 Updated 6 months ago
- Trojan Source: Invisible Vulnerabilities ☆1,270 Updated 2 years ago
- A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sp… ☆634 Updated this week
- Starter workspace to use with the CodeQL extension for Visual Studio Code. ☆548 Updated last week