Tools compared: CVE vulnerability database

Finding the right tool can be difficult. This sheet compares cve-search and vFeed.

cve-searchvFeed
Description

cve-search is a security tool to import CVE and CPE data and enable it to be searched. It can be used to detect vulnerabilities on the system.

vFeed is a set of tools around correlated vulnerability and threat intelligence. It provides a database, API, and supporting tools to store vulnerability data.

Tool details

vFeed consists of a database and utilities to store vulnerability data. It uses third-party references and data, which then can be used to see if a software component has a known vulnerability. The data itself is enriched by cross-checking it and store additional details about the vulnerabilities.

The vFeed tooling has an API available with JSON output. It can be used by security researchers and practitioners to validate vulnerabilities and retrieve all available details.

Dependenciesclick, Flask, flask-login, flask-pymongo, irc, itsdangerous, jinja2, lxml, passlib, pymongo, python-dateutil, pytz, Redis, requests, six, sleekxmpp, tornado, Werkzeug, whoosh, xlrd
StrenghtsMore than 10 contributors, More than 500 GitHub stars, The source code of this software is availableCommercial support available, The source code of this software is available
Weaknesses
Programming language(s)PythonPython
Last release

2.1 (2016-06-14)

0.7.2 (2017-06-16)

Tool page (last updated)

2017-09-17

2017-09-24

Tool score
74
100
DownloadProject websiteDownload
More informationcve-search reviewvFeed review