github / advisory-database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
☆2,134 Updated this week
Alternatives and similar repositories for advisory-database
Users that are interested in advisory-database are comparing it to the libraries listed below
- Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023 ☆1,492 Updated 8 months ago
- Open source vulnerability DB and triage service. ☆2,468 Updated this week
- Open Source Package Analysis ☆863 Updated 9 months ago
- This repository is used for the development of the CVE JSON record format. Releases of the CVE JSON record format will also be published … ☆387 Updated last week
- GitHub App to set and enforce security policies ☆1,391 Updated last week
- Binaries for the CodeQL CLI ☆935 Updated last week
- Actions for running CodeQL analysis ☆1,471 Updated this week
- Resources related to GitHub Security Lab ☆1,578 Updated 2 months ago
- A log4j vulnerability filesystem scanner and Go package for analyzing JAR files. ☆1,568 Updated 3 years ago
- Global Security Database ☆318 Updated last year
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License. ☆1,070 Updated this week
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for … ☆1,202 Updated 2 weeks ago
- A community sourced list of log4j-affected software ☆1,122 Updated 3 years ago
- Starter workspace to use with the CodeQL extension for Visual Studio Code. ☆569 Updated this week
- An extension for Visual Studio Code that adds rich language support for CodeQL ☆503 Updated last week
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci… ☆863 Updated 2 years ago
- CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security ☆9,191 Updated last week
- Supply-chain Levels for Software Artifacts ☆1,803 Updated this week
- Trojan Source: Invisible Vulnerabilities ☆1,276 Updated 2 years ago
- CVE cache of the official CVE List in CVE JSON 5 format ☆2,458 Updated this week
- GuardDog is a CLI tool to identify malicious PyPI and npm packages ☆960 Updated last week
- This project aims to provide a central repository for many useful Tsunami Security Scanner plugins. ☆991 Updated 2 weeks ago
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an… ☆955 Updated this week
- LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Reque… ☆1,463 Updated last year
- Open Source Vulnerability schema. ☆230 Updated this week
- The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts. ☆1,972 Updated this week
- Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service) ☆846 Updated last year
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev ☆8,416 Updated this week
- Operational information regarding the log4shell vulnerabilities in the Log4j logging library. ☆1,892 Updated 3 years ago
- Vulnerability Intelligence Platform ☆2,497 Updated 2 weeks ago