opencve VS cvelistV5

Compare opencve vs cvelistV5 and see what are their differences.

opencve

CVE Alerting Platform (by opencve)
Cve Security Vulnerabilities security-tools Nvd Python
Source Code
opencve.io
Suggest alternative
Edit details

cvelistV5

CVE cache of the official CVE List in CVE JSON 5 format (by CVEProject)
Suggest topics
Source Code
Suggest alternative
Edit details
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
opencve cvelistV5
21 5
1,641 502
2.8% 18.3%
4.1 4.8
2 days ago 3 days ago
Python
GNU General Public License v3.0 or later -
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

opencve

Posts with mentions or reviews of opencve. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-12-07.

cvelistV5

Posts with mentions or reviews of cvelistV5. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-08-24.
  • Maccarone: AI-managed code blocks in Python
    2 projects | news.ycombinator.com | 24 Aug 2023
    We, as an industry, didn't stop shipping bugs. (Small example: https://github.com/CVEProject/cvelistV5/releases)

    And that thorough code review prevents bugs is, at best, a debatable assertion. See e.g. https://www.microsoft.com/en-us/research/publication/code-re...

    It finds _some_ bugs. CI/CD, and a massive investment in automated testing has probably had the largest impact in moving software quality forward. (See e.g. "Accelerate", Forsgren, Humble & Kim)

    Code review is an excellent tool to socialize knowledge and train up more junior engineers, but in terms of preventing bugs, it's low-value.

  • "Mirror" of the soon to be deprecated NIST NVD CVE Feeds
    4 projects | /r/netsec | 22 May 2023
    There seems to be new repository in a new JSON format: https://github.com/CVEProject/cvelistV5
  • Please don't use GPT for Security Guidance
    1 project | news.ycombinator.com | 6 Apr 2023
    Meanwhile, over here, I just stare at https://github.com/CVEProject/cvelistV5 and mumble "any reasonable dev, front of mind".
  • On the uselessness of MITRE's CVE List
    1 project | /r/cybersecurity | 29 Apr 2022
    The issues I filed in the cvelistV5 repo are also unanswered, so I guess nobody gives a damn.
  • Rage about CVE dataset quality(?)
    6 projects | /r/cybersecurity | 17 Apr 2022
    118955 entries don't even have an affected vendor/product software field, and neither with a valid version string and/or condition. They only contain plaintext descriptions and no version matching field either. Filed an issue here about it.

What are some alternatives?

When comparing opencve and cvelistV5 you can also consider the following projects:

grype - A vulnerability scanner for container images and filesystems

maccarone - AI-managed code blocks in Python ⏪⏩

vulnix - Vulnerability (CVE) scanner for Nix/NixOS.

Loki - Loki - Simple IOC and YARA Scanner

vulnmine - Vulnmine searches for vulnerable hosts using MS SCCM host / software inventory data with NIST NVD Vulnerability feed data.

cve-schema - This repository is used for the development of the CVE JSON record format. Releases of the CVE JSON record format will also be published here. This repository is managed by the CVE Quality Working Group.

CVE-2021-37740 - PoC for DoS vulnerability CVE-2021-37740 in firmware v3.0.3 of SCN-IP100.03 and SCN-IP000.03 by MDT. The bug has been fixed in firmware v3.0.4.

gsd-tools - Global Security Database Tools

openvas-scanner - This repository contains the scanner component for Greenbone Community Edition.

cvelist - Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023

DependencyCheck - OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

vulnerablecode - A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

opencve vs grype cvelistV5 vs maccarone opencve vs vulnix cvelistV5 vs Loki opencve vs vulnmine cvelistV5 vs cve-schema opencve vs CVE-2021-37740 cvelistV5 vs gsd-tools opencve vs openvas-scanner cvelistV5 vs cvelist opencve vs DependencyCheck opencve vs vulnerablecode