future-architect/
Vulnerability scanner for Linux/FreeBSD, agentless, written in Go
USD raised
Recent activities
Unable to scan and get the report for Oracle Linux server
False Positives in SUSE 12 SP3 Teradata kernels
Collection of licenses of installed packages
[Feature] Support for flatpak and snap
False Positives in Redhat 8.6 EUS
failed to collect modularitylabel
Support for Gentoo Linux
false positive redhat unpatched vulnerability
How is server/json mode expected to work for windows ?
no information in "title" field for vuls scan on ubuntu vm
How to remove password from the logs ?
"Operation not permitted" error while scanning installed packages in MacOS
CVE-2022-3602 false positive on openssl 3.0.9-1
Performance issue
reporting error fixedIn for amazon linux 2023
amazon linux 2022 is identified as amazon linux 2
symlink - current
request: more BOM sources and general CVE scans
Does Vuls match oval and 3rd party repositories?
Add total summary line at the start/end One Line Summary
Sigma rules feed..
NVD will retire its legacy data feeds by September 2023
vuls discover CIDR
Embed friendly license and commercials
Unable to upgrade vuls
Potentially bad TLS connection settings
Failed to NewDB. Since SchemaVersion is incompatible, delete Database and fetch again
Fast scan always failed on RedHat8
Vuls/VulsRepo reporting vulnerabilities that are not on the machine
vuls report -to-localfile not writing
"user" keyword not working in config.toml
Support for Kali based systems
detector.goCveDictClient.fetchCveDetails errors out with too many SQL variables;
Add trickest/cve as a data source for PoC
Failed to check EOL for alpine linux
Support for OSX using command line tools and curl
Add extra flags for external port scanner (nmap)
In WordPress, `vuls report -ignore-unfixed' can't report fixed pkgs .
Vuls vulnerability database upgrade stability and expansion
Support Amazon linux 22
Run command "vuls flags -v" cannot get vuls version
Scan fails for some of the hosts [dnf/yum errors] - result "Failed to scan"
Empty CVE list
Vuls in server mode since v0.15.14: json schema update ?
False positives, when OS version does not match
Package version detection from external repos
DockerHub Automated Builds not working
Add SBOM to binaries
ignore CVEs by pattern-matching in Summary field
server mode doesn't use `default` section ignoreCves/ignorePkgsRegexp
reporting to Google Chat
FreeBSD 13.0 EOL
Using Vuls with a package list
FP in curl CVE-2018-0500
FP CVE-2011-4862
Error in SSH command
Scan OpenWRT-based devices (opkg packages) for vulnerabilities
Add -format-one-http-message option
Unsupported protocol scheme at http reports
trivy-to-vuls doesn't support latest trivy results
jvndb cannot be updated normally from 2021/02/26
I got a error output as the description when running the scan.sh
Integrate with Ansible
Failed to execute tui with "panic: runtime error"
Mail is delivered to To, but mail to Cc is not delivered.
Vuls stop scanning on error with containers !
Scan returns 0 packages installed
Release v0.15.0 ???
The documentation is inaccurate about Fetch OVAL(redhat)
[Feature] Prestashop 1.7.x
security in docker : use an applicative user instead of root to run vuls server
freetaxii client
Impossible to scan a DEBIAN 8
Result as metrics to be able to push to Prometheus
It is not clear how current symlink / scannedAt is working
CPE report is not working
Absolute symlink for 'current' in 'results' dir is wrong while checking on docker host
'.vuls' directory as XDG_CACHE_HOME
CPE update failed
Library (non-OS) Scan Submitted to Vuls in Server Mode Misses Affected Packages
Vuls will have issue #1000 :-)
how to deploy vuls on kubernetes cluster?
scan Wordpress on moving containers
Support for ubuntu based distribs
vuls/vuls:latest (>0.9.2 db9efcc67b00) : json payload changed in response - notFixedYet field becomes optional
[Apr 9 01:21:57] ERROR [localhost] Failed to init servers. err: No scannable base servers:
Panic if no permissions in log directory
Allow printing out report from (curl) one-liner scan with vuls (without need of vulnerabilityDBs)
False negatives by Vuls
Show the public risk, exploit url and mitigation of detected CVEs in US-CERT
Show the skill level to exploit of detected CVEs
VULS in server mode, new issue about OVAL DB docker image which prevents to get json report
Unify reporting or add different reports for email
Specify VOLUME using json syntax
bug(report): Failed to report with CPEName: `cpe:/a:cisco:ios:15.2%282%29eb`
0 CVEs are detected with cve.sqlite3
Report flags to manage content (to-slack)
Fix/upgrade slack.go or pin nlopes/slack to 0.4.0
feat(scan): WordPress Vulnerability Scan (core, plugin, theme)
feat(report): CERT notification to slack
Doc request: add docs related to contributing code
Results current directory is a broken link
Need help: manually define what is missing in the pair of USCERT/PJCERT alert and CVE-ID
Make it easy to deploy to kubernetes
issue after the change in json format and keys
Common SIEM/Logging support.
Support email one-line format
New feature
pull request to add SLES variant OS SLES_SAP support
Enable to define cpeURIs for each container in config.toml
Enable to define ignoreCves for each container in config.toml
Š 2019 BoostIO, Inc.
IssueHunt
