nvd

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

CVE Alerting Platform

Integrates Dependency-Check reports into SonarQube

A set of tools to work with the feeds (vulnerabilities, CPE dictionary etc.) distributed by National Vulnerability Database (NVD)

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Original Automated CVE Checking Tool

A simple Java command-line utility to mirror the CVE JSON data from NIST.

vulnerability database spider 爬取NVD、CNVD、CNNVD等漏洞数据库

Red Hat Dependency Analytics extension

Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).

Simple REST-style web service for the CVE searching

Vulnogram is a tool for creating and editing CVE information in CVE JSON format

IVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.

Want to test your applications using the latest OWASP security toolchains and the NIST National Vulnerability Database using Jenkins, Ansible and docker? 🐳 🛡️ 🔒

Vulnerability database and package search for sources such as OSV, NVD, GitHub and npm.

A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIST

A Java library for calculating CVSSv2 and CVSSv3 scores and vectors

【Lazy Artifact】A graphical tool that collects urls in batches, and performs various nday detections on the collected urls in batches. It can be used for src mining, cnvd mining, 0day exploitation, building your own arsenal and other scenarios.

AutoVAS is an automated vulnerability analysis system with a deep learning approach.

☠️ Ground-truth dataset for vulnerability prediction (known research datasets and data sources included such as NVD, CVE Details and OSV); tools to automatically update the data are provided.