future-architect/
Vulnerability scanner for Linux/FreeBSD, agentless, written in Go
USD raised
Recent activities
Target OS is SLES variant, so vuls tui failed to fill OVAL information as vuls can't get the os
Support Ubuntu 20.04
ssh from yubikey or similar
support metasploit data (go-exploitdb)
Rejected CVEs are detected
FreeBSD `pkg audit` command needs Internet connection
Need to be able to specify containers when doing reports
Support for FreeBSD jails
Display CERT information to slack notification
Show release dates of the patched packages?
Enable to define scanMode for each container in config.toml
Add Discord reporter
Scan Container Images
OpenSUSE Support
NotFixedYet status on vuls IHM
suspicious append call without element argument
Detect `need-restarting procs` on SUSE
Config.toml no such file or directory in docker
results json displays "rbenv not found"
CVE-2018-14634 Mutagen Astronomy not in vuls report
Centos not supported?
Support go-exploitdb in servermode and slack notification
"merge" json files in current folder
Requesting examples in documentation for Github security alerts and vuls
End of support for Debian 7 wheezy
vuls report failed: too many SQL variable
VulsRepo is giving different number of vulnerabilities than normal report we get
OVAL entries of ubuntu 19.04 are not found. Fetch OVAL before reporting.
Library Vulns Scan doesn't output affectedPackages and confidences attributes.
Inventory notification
Syntaxe error on awk during ps command on container
Unsupport family: centos
Compilation error
Is new the license AGPL-3.0?
Vuls failed to scan updatable packages
limit the number of parallel scans ?
Docker ssh problem
vuls report giving incorrect package version and give cve related to it.
Failed to fill with OVAL:- OVAL entries of ubuntu 17.10 are not found.
Vuls does not find database file
report -diff does not work for multihost sacn results
Add metasploit information to the report
Deploy failed with checksum mismatch error on go version 1.12
Not able to point this db cache location in a flag
Support Debian 10 buster
Support CentOS 8
Installation error
Failed to scan WordPress's poor theme/plugin
Failed to detect OS
Cannot import scan results in elasticsearch
False negatives by Vuls
Vuls reporting vulnerability when it is not affecting that particular OS distributions
Results with "to-http" option is not working
ReportedAt is not written json report that is stored with one-liner scan
Uses obselete/deprecated library "github.com/hashicorp/uuid"
Support CVSS:3.1 for Red Hat OVAL
coreOS is not in Supported OS
vuls docker image can't detect localhost os. (Specify OS in config file?)
Support latest Dependency Check
Support image digest
Update Alpine version in the image.
Add support for `-result-dir` to be a S3 bucket and path for server and scan.
Add vuls site to Wiki
panic: runtime error: invalid memory address or nil pointer dereference
report -to-email smtp not support sslďź
CentOS8 configtest always failed
Panic if no permissions in log directory
docker containers on the local server
Show `fixed` instead of `unknown` for OVAL scan in report
Unsupport(Disable) Conrainer Image Scanning
The OVAL name of the running kernel image is not found
Deep Scan failed when scanned docker container's initial command is not like systemd
Include CWE detailed information in report
Kali-rolling not supported
support kali linux
Support Gentoo Linux
CVE report in Chinese
CVE report in Spanish
Enable to scan specific docker container
Feature request: Sort report by CVE
arch linux support
Vuls not reporting any vulns for FreeBSD
Export Report to XML failing
[Apr 9 01:21:57] ERROR [localhost] Failed to init servers. err: No scannable base servers:
FixedIn version should be integrated to VulsRepo webserver
vuls/vuls:latest (>=0.9.2 db9efcc67b00) : json payload changed in response - notFixedYet field becomes optional
Vuls server not working with empty config anymore
ERRO[0000]
wrong version comparison on alpine packages
looking for composer.json instead of composer.lock
Support to Fedora
Would you consider support for nginx
CVE not detected but present in database
support SUSE distributions
Ubuntu 20 report failing with lastest updates.
When using "Easiest way to setup Vuls-Vulsctl", vuls scan fails.
I want "ProxyJump" to be supported in "config.toml".
Scan results for non-OS packages are incorrect
Scan only specific moving containers
output config.json by discover command
Unable to connect via SSH. Scan with -vvv option to print SSH debugging messages and check SSH settings
libraries section is wrong
Raspbian Pi OS scanning using OVAL DB
Display End-of-life(EOL) information of the scanned OS
Display translated vulnerability summary using Deepl or something like that
CPE update failed
Supporting EC2 Instance Connect
Why the web site is offline ? https://vuls.io/ i
Is there a way to create report in csv format?
vuls report can't send mail to smtp.office365.com
vuls report failed with "Failed to fill with OVAL".
The scan results are incorrect
How can I craft a scan results to generate a report?
Filter Results
CPE report is not working
Duplicate servers in the config have different results.
Display translated vulnerrability summary using Deepl library
Is it possible to scan lock files with pseudo type server
Is there a way to talk to vuls report via API?
alpine sec db deprecated
FreeBSD : Package Not Found
Can ignore APK warning message?
Failed to fetch redhat vulnerability DB
vuls-beats
Vuls in server not outputing the same JSON as local scan
Library Scan Grep Pattern Is Not Exhaustive and Leads to Confusing Errors
Version Mismatches as Version is Hard-Coded and Not Updated
Support One liner scan for Oracle Linux
ssh-key with passphrase not working
Can Vuls be used on a Linux without package manager?
failed to -format-xml option
CVE-2018-5710 exists in vuls report on ubuntu 18.04 LTS bionic with patched packages krb5
Update "WordPress Vulnerability Database" URL
`make install` has failed
invalid escape character
vuls report stop at malformed wordpress plugins/themes...
I'd like to organize the result directory for the tenant.
WARN [localhost] The OVAL name of the running kernel image {Release:3.19.0-25-generic Version: RebootRequired:false} is not found. So vulns of `linux` wll be detected. server: ubuntu
The documentation is inaccurate about Fetch OVAL(redhat)
The document about Fetch OVAL redhat version need add version8
Release v0.15.0 ???
Scan returns 0 packages installed
Failed to check EOL
Failed to execute tui with "panic: runtime error"
"cvss2Severity" and "cvss3Severity" in "redhat" are output in reverse
Old fixed CVE vulnerabilities reported in Centos7.x while running vuls docker
CVE-2020-12762 on ubuntu 20.04: when libjson-c-dev is patched (version 0.13.1+dfsg-7ubuntu0.3), cve continues to be returned by vuls with severity 0
False positive CVE vulnerability (one-liner submission)
Remove -ssh-native-insecure from scan subcommand
I got a error output as the description when running the scan.sh
jvndb cannot be updated normally from 2021/02/26
Avoiding block during scanning
Vuls in server mode: the package order in POST request has an effect on vuls CVE report content
trivy-to-vuls doesn't support latest trivy results
Unsupported protocol scheme at http reports
Vuls having trouble to detect kernel version
gost sqlite connections not closing, causing OOM
TLS InsecureSkipVerify option
Can't report Ubuntu 21.04
Vuls Report not Including Critical values in Total amount of vulnerabilities
Support JAR/WAR/EAR files â
Support Go binaries đŚ
FreeBSD 13.0 EOL
Ubuntu 20.10 End of Life on July 22 2021
reporting to Google Chat
Gost driver w/ SQLite opens file descriptor, fails to close it
OVAL entries of centos 7.9.2009 are not found
DockerHub Automated Builds not working
too many SQL variables
Support works WPScan on Sakura's Rental Server
Empty CVE list
Error in cve_client.go
VulsIO server mode seems broken since 0.18 upgrade.
Create SECURITY.md
Debian (and likely, ubuntu) oval do not seem to be parsed correctly for "patch" entries
Support Amazon linux 22
ssh-key with passphrase not working in vulsctl docker env
Too hard to install
Can I use vuls to see if a server has CVE-2021-44228 â Log4j
linux packages searched when ospkg is not specified in scanModule
Update license to Apache 2.0?
ERROR: syntax error at or near \".\" (SQLSTATE 42601)
Getting error while fetching nvdcve jsons during installation.
Failed to check EOL for alpine linux
What is the utility of the X-Vuls-Kernel-Version header when debian?
configtest and scan Failed
vuls fails to detect OS on CentOS Stream 8 host
detector.goCveDictClient.fetchCveDetails errors out with too many SQL variables;
can vuls find jar files in the filesystem when using `lockfile` module
parse error with redis kevuln
Product bugs encountered during scanning
github.com/boltdb/bolt switch to github.com/etcd-io/bbolt?
vuls report -to-localfile not writing
Vuls/VulsRepo reporting vulnerabilities that are not on the machine
'vuls tui' and 'vuls report' output different vulnerabilities
Scan only software and libraries
Fast scan always failed on RedHat8
Failed to NewDB. Since SchemaVersion is incompatible, delete Database and fetch again
Failed to validate database path when reporting using docker
Unable to upgrade vuls
NVD will retire its legacy data feeds by September 2023
Ubuntu kernel detection
Email summary doesn't include criticals
Required go versin in Install Manually
Reporting multiple hosts results with ignore options to telegram doesn't work
Scan says 0 packages with CVE, OVAL says 261
Question: Difference between redhat and redhat_api
Support to upload report to custom S3 (minio)
[vulsctl on host] no cve results on debian 9
List of CVEs to ignore
Failed to configtest and scan
symlink - current
False Positive in Packages in ubuntu after moving to gost instead of oval
amazon linux 2022 is identified as amazon linux 2
reporting error fixedIn for amazon linux 2023
vuls scan -cvss-over does not work
Support for Grafana or Kibana
too long for Unix domain socket (SSH ControlPath)
Skip OVAL and Scan with gost alone
goval-dictionary : Failed to fetch redhat 8
`future-vuls upload` command doesn't have `--upload` flag in v0.23.4
Vulsctl - Quickest Vuls setup
Skip OVAL and Scan with gost alone & False Positive in ubuntu 20.04
Errors when running a scan of a Windows machine from a Linux machine
Error on make install
Package for debian 12
FreeBSD 14 scanning target support?
vuls in server mode with sqlite3 DBs (nvd + goval), no CVE in report from an http request with curl: "Skip OVAL and Scan with gost alone." ": 0 CVEs are detected with OVAL" ": 0 CVEs are detected with gost" ": total 0 CVEs detected"
Having redhat section when scanning ubuntu vm
Question: Heatmap Category Count
Windows not shown in supported OS list
Support for Fedora is not working
Remote scan from Linux to Windows fails
Results of the scan & report seem odd
Issue in trivy to vuls convertor
Error on json report : err: json: cannot unmarshal object into Go struct field Nvd.Cvss2 of type
A lot of bugs are there
severity is different for each scan on debian
failed to get modularitylabel on RedHat
Enhanced kernel package check with multiple versions installed
The enhancement of the amount of cveContents information included in trivy-to-vuls
Difference in cve contents between vuls report and trivy-to-vuls
Support for alpine is not actually in place despite the OS being listed as supported
Multiple versions are detected in some packages on Debian-based distributions
vuls report fails when openSUSE Leap 15.6 host is added to config
openSUSE Leap 15.6: zypper -q lu Unknown format
The Ubuntu OVAL link in the README is dead
Known Host Error does not properly explain issues
Remove replace directive in go.mod for open-policy-agent/opa
Is there a way to scan Ubuntu machines with OVAL
Unable to scan and get the report for Oracle Linux server
Š 2019 BoostIO, Inc.
IssueHunt
