Tools compared: CVE vulnerability database
Finding the right tool can be difficult. This sheet compares cve-search and vFeed.
cve-search is a security tool to import CVE and CPE data and enable it to be searched. It can be used to detect vulnerabilities on the system.
vFeed is a set of tools around correlated vulnerability and threat intelligence. It provides a database, API, and supporting tools to store vulnerability data.
vFeed consists of a database and utilities to store vulnerability data. It uses third-party references and data, which then can be used to see if a software component has a known vulnerability. The data itself is enriched by cross-checking it and store additional details about the vulnerabilities.
The vFeed tooling has an API available with JSON output. It can be used by security researchers and practitioners to validate vulnerabilities and retrieve all available details.
|Dependencies||click, Flask, flask-login, flask-pymongo, irc, itsdangerous, jinja2, lxml, passlib, pymongo, python-dateutil, pytz, Redis, requests, six, sleekxmpp, tornado, Werkzeug, whoosh, xlrd|
|Strenghts||More than 10 contributors, More than 500 GitHub stars, The source code of this software is available||Commercial support available, The source code of this software is available|
|Tool page (last updated)|
|More information||cve-search review||vFeed review|