Merge branch 'master' of https://github.com/future-architect/vuls

* 'master' of https://github.com/future-architect/vuls: Add Telegram support (#762)
Bump up version
2019-01-23 00:25:54 +09:00 · 2019-01-23 00:25:02 +09:00 · 2019-01-23 00:19:16 +09:00 · 2019-01-19 22:19:06 +09:00 · 2019-01-18 13:13:50 +09:00 · 2019-01-17 16:31:04 +09:00
164 changed files with 37813 additions and 9554 deletions
--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1,7 @@
+.dockerignore
+Dockerfile
+vendor/
+cve.sqlite3*
+oval.sqlite3*
+setup/
+img/
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -0,0 +1,38 @@
+
+# What did you do? (required. The issue will be **closed** when not provided.)
+
+
+# What did you expect to happen?
+
+
+# What happened instead?
+
+* Current Output
+
+Please re-run the command using ```-debug``` and provide the output below.
+
+# Steps to reproduce the behaviour
+
+
+# Configuration (**MUST** fill this out):
+
+* Go version (`go version`):
+
+* Go environment (`go env`):
+
+* Vuls environment:
+
+Hash : ____
+
+To check the commit hash of HEAD
+$ vuls -v
+
+or
+
+$ cd $GOPATH/src/github.com/future-architect/vuls 
+$ git rev-parse --short HEAD 
+
+* config.toml:
+
+* command:
+
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,40 @@
+
+If this Pull Request is work in progress, Add a prefix of “[WIP]” in the title.
+
+# What did you implement:
+
+Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context. 
+
+Fixes # (issue)
+
+## Type of change
+
+Please delete options that are not relevant.
+
+- [ ] Bug fix (non-breaking change which fixes an issue)
+- [ ] New feature (non-breaking change which adds functionality)
+- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
+- [ ] This change requires a documentation update
+
+# How Has This Been Tested?
+
+Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce.
+
+# Checklist:
+You don't have to satisfy all of the following.
+
+- [ ] Write tests
+- [ ] Write documentation
+- [ ] Check that there aren't other open pull requests for the same issue/feature
+- [ ] Format your source code by `make fmt`
+- [ ] Pass the test by `make test`
+- [ ] Provide verification config / commands
+- [ ] Enable "Allow edits from maintainers" for this PR
+- [ ] Update the messages below
+
+***Is this ready for review?:*** NO  
+
+# Reference
+
+* https://blog.github.com/2015-01-21-how-to-write-the-perfect-pull-request/
+
--- a/.gitignore
+++ b/.gitignore
@@ -2,7 +2,9 @@ vuls
 .vscode
 *.txt
 *.json
-*.sqlite3
+*.sqlite3*
+*.db
+tags
 .gitmodules
 coverage.out
 issues/
@@ -10,3 +12,4 @@ vendor/
 log/
 results/
 *config.toml
+!setup/docker/*
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -0,0 +1,24 @@
+project_name: vuls
+release:
+  github:
+    owner: future-architect
+    name: vuls
+builds:
+- goos:
+  - linux
+  goarch:
+  - amd64
+  main: .
+  ldflags: -s -w -X main.version={{.Version}} -X main.revision={{.Commit}}
+  binary: vuls
+archive:
+  format: tar.gz
+  name_template: '{{ .Binary }}_{{.Version}}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{
+    .Arm }}{{ end }}'
+  files:
+  - LICENSE
+  - NOTICE
+  - README*
+  - CHANGELOG.md
+snapshot:
+  name_template: SNAPSHOT-{{ .Commit }}
--- a/.travis.yml
+++ b/.travis.yml
@@ -0,0 +1,7 @@
+language: go
+
+go:
+  - "1.11.x"
+
+after_success:
+  - test -n "$TRAVIS_TAG" && curl -sL https://git.io/goreleaser | bash
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,350 @@
 # Change Log

+## v0.4.1 and later, see [GitHub release](https://github.com/future-architect/vuls/releases)
+
+## [v0.4.0](https://github.com/future-architect/vuls/tree/v0.4.0) (2017-08-25)
+[Full Changelog](https://github.com/future-architect/vuls/compare/v0.3.0...v0.4.0)
+
+**Implemented enhancements:**
+
+- Output changelog in report, TUI and JSON for RHEL [\#367](https://github.com/future-architect/vuls/issues/367)
+- Output changelog in report, TUI and JSON for Amazon Linux [\#366](https://github.com/future-architect/vuls/issues/366)
+- Improve scanning accuracy by checking package versions [\#256](https://github.com/future-architect/vuls/issues/256)
+- Improve SSH [\#415](https://github.com/future-architect/vuls/issues/415)
+- Enable to scan even if target server can not connect to the Internet [\#258](https://github.com/future-architect/vuls/issues/258)
+- SSH Hostkey check [\#417](https://github.com/future-architect/vuls/pull/417) ([kotakanbe](https://github.com/kotakanbe))
+- v0.4.0 [\#449](https://github.com/future-architect/vuls/pull/449) ([kotakanbe](https://github.com/kotakanbe))
+- Change default ssh method from go library to external command [\#416](https://github.com/future-architect/vuls/pull/416) ([kotakanbe](https://github.com/kotakanbe))
+- Add containers-only option to configtest [\#411](https://github.com/future-architect/vuls/pull/411) ([knqyf263](https://github.com/knqyf263))
+
+**Fixed bugs:**
+
+-  Running Vuls tui before vuls report does not show vulnerabilities checked by CPE [\#396](https://github.com/future-architect/vuls/issues/396)
+- With a long package name, Local shell mode \(stty dont' work\) [\#444](https://github.com/future-architect/vuls/issues/444)
+- Improve SSH [\#415](https://github.com/future-architect/vuls/issues/415)
+- Report that a vulnerability exists in the wrong package [\#408](https://github.com/future-architect/vuls/issues/408)
+- With a long package name, a parse error occurs. [\#391](https://github.com/future-architect/vuls/issues/391)
+- Ubuntu failed to scan vulnerable packages [\#205](https://github.com/future-architect/vuls/issues/205)
+- CVE-ID in changelog can't be picked up. [\#154](https://github.com/future-architect/vuls/issues/154)
+- v0.4.0 [\#449](https://github.com/future-architect/vuls/pull/449) ([kotakanbe](https://github.com/kotakanbe))
+- Fix SSH dial error [\#413](https://github.com/future-architect/vuls/pull/413) ([kotakanbe](https://github.com/kotakanbe))
+- Update deps, Change deps tool from glide to dep [\#412](https://github.com/future-architect/vuls/pull/412) ([kotakanbe](https://github.com/kotakanbe))
+- fix report option Loaded error-info [\#406](https://github.com/future-architect/vuls/pull/406) ([hogehogehugahuga](https://github.com/hogehogehugahuga))
+- Add --user root to docker exec command [\#389](https://github.com/future-architect/vuls/pull/389) ([PaulFurtado](https://github.com/PaulFurtado))
+
+**Closed issues:**
+
+- README.md.ja not include "Oracle Linux, FreeBSD"  [\#465](https://github.com/future-architect/vuls/issues/465)
+- Can't scan remote server - \(centos 7 - updated\) [\#451](https://github.com/future-architect/vuls/issues/451)
+- An abnormality in the result of vuls tui [\#439](https://github.com/future-architect/vuls/issues/439)
+- compile faild [\#436](https://github.com/future-architect/vuls/issues/436)
+- Can't install vuls on CentOS 7 [\#432](https://github.com/future-architect/vuls/issues/432)
+- Vuls scan doesn't show severity score in any of the vulnerable packages [\#430](https://github.com/future-architect/vuls/issues/430)
+- Load config failedtoml: cannot load TOML value of type string into a Go slice [\#429](https://github.com/future-architect/vuls/issues/429)
+- vuls scan not running check-update with sudo for Centos 7 [\#428](https://github.com/future-architect/vuls/issues/428)
+- options for configtest not being activated [\#422](https://github.com/future-architect/vuls/issues/422)
+- "could not find project Gopkg.toml, use dep init to initiate a manifest" when installing vuls [\#420](https://github.com/future-architect/vuls/issues/420)
+- go get not get  [\#407](https://github.com/future-architect/vuls/issues/407)
+- Failed to scan via docker. err: Unknown format [\#404](https://github.com/future-architect/vuls/issues/404)
+- Failed to scan - kernel-xxx is an installed security update [\#403](https://github.com/future-architect/vuls/issues/403)
+- 169.254.169.254 port 80: Connection refused [\#402](https://github.com/future-architect/vuls/issues/402)
+- vuls scan --debug cause `invalid memory address` error [\#397](https://github.com/future-architect/vuls/issues/397)
+- Provide a command line flag that will automatically install aptitude on debian? [\#390](https://github.com/future-architect/vuls/issues/390)
+
+**Merged pull requests:**
+
+- export fill cve info [\#467](https://github.com/future-architect/vuls/pull/467) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- add oval docker [\#466](https://github.com/future-architect/vuls/pull/466) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- fix typos in commands. [\#464](https://github.com/future-architect/vuls/pull/464) ([ymomoi](https://github.com/ymomoi))
+- Update README [\#463](https://github.com/future-architect/vuls/pull/463) ([kotakanbe](https://github.com/kotakanbe))
+- export FillWithOval [\#462](https://github.com/future-architect/vuls/pull/462) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- add serveruuid field [\#458](https://github.com/future-architect/vuls/pull/458) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- add s3 dirctory option [\#457](https://github.com/future-architect/vuls/pull/457) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- Extract Advisory.Description on RHEL, Amazon, Oracle [\#450](https://github.com/future-architect/vuls/pull/450) ([kotakanbe](https://github.com/kotakanbe))
+- nosudo on CentOS and Fetch Changelogs on Amazon, RHEL [\#448](https://github.com/future-architect/vuls/pull/448) ([kotakanbe](https://github.com/kotakanbe))
+- change logrus package to lowercase and update other packages [\#446](https://github.com/future-architect/vuls/pull/446) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- add db backend redis [\#445](https://github.com/future-architect/vuls/pull/445) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- fast test [\#435](https://github.com/future-architect/vuls/pull/435) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- fix typo [\#433](https://github.com/future-architect/vuls/pull/433) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- Add support for PostgreSQL as a DB storage back-end [\#431](https://github.com/future-architect/vuls/pull/431) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- typo README.js.md [\#426](https://github.com/future-architect/vuls/pull/426) ([ryurock](https://github.com/ryurock))
+- Add TOC to README [\#425](https://github.com/future-architect/vuls/pull/425) ([kotakanbe](https://github.com/kotakanbe))
+- Fixing \#420 where lock and manifest have moved to TOML [\#421](https://github.com/future-architect/vuls/pull/421) ([elfgoh](https://github.com/elfgoh))
+- Define timeout for vulnerabilities scan and platform detection [\#414](https://github.com/future-architect/vuls/pull/414) ([s7anley](https://github.com/s7anley))
+- Enable -timeout option when detecting OS [\#410](https://github.com/future-architect/vuls/pull/410) ([knqyf263](https://github.com/knqyf263))
+- Remove duplicate command in README [\#401](https://github.com/future-architect/vuls/pull/401) ([knqyf263](https://github.com/knqyf263))
+- Fix to read config.toml at tui [\#441](https://github.com/future-architect/vuls/pull/441) ([usiusi360](https://github.com/usiusi360))
+- Change NVD URL to new one [\#419](https://github.com/future-architect/vuls/pull/419) ([kotakanbe](https://github.com/kotakanbe))
+- Add some testcases [\#418](https://github.com/future-architect/vuls/pull/418) ([kotakanbe](https://github.com/kotakanbe))
+
+## [v0.3.0](https://github.com/future-architect/vuls/tree/v0.3.0) (2017-03-24)
+[Full Changelog](https://github.com/future-architect/vuls/compare/v0.2.0...v0.3.0)
+
+**Implemented enhancements:**
+
+- Changelog parsing fails when package maintainers aren't consistent regarding versions [\#327](https://github.com/future-architect/vuls/issues/327)
+- Docker scan doesn't report image name [\#325](https://github.com/future-architect/vuls/issues/325)
+- vuls report -to-email only one E-Mail [\#295](https://github.com/future-architect/vuls/issues/295)
+- Support RHEL5 [\#286](https://github.com/future-architect/vuls/issues/286)
+- Continue scanning even when some hosts have tech issues? [\#264](https://github.com/future-architect/vuls/issues/264)
+- Normalization of JSON output [\#259](https://github.com/future-architect/vuls/issues/259)
+- Add report subcommand, change scan subcommand options [\#239](https://github.com/future-architect/vuls/issues/239)
+- scan localhost? [\#210](https://github.com/future-architect/vuls/issues/210)
+- Can Vuls show details about updateable packages [\#341](https://github.com/future-architect/vuls/issues/341)
+- Scan all containers except [\#285](https://github.com/future-architect/vuls/issues/285)
+- Notify the difference from the previous scan result [\#255](https://github.com/future-architect/vuls/issues/255)
+- EC2RoleCreds support? [\#250](https://github.com/future-architect/vuls/issues/250)
+- Output confidence score of detection accuracy and detection method to JSON or Reporting [\#350](https://github.com/future-architect/vuls/pull/350) ([kotakanbe](https://github.com/kotakanbe))
+- Avoid null slice being null in JSON [\#345](https://github.com/future-architect/vuls/pull/345) ([kotakanbe](https://github.com/kotakanbe))
+- Add -format-one-email option [\#331](https://github.com/future-architect/vuls/pull/331) ([knqyf263](https://github.com/knqyf263))
+- Support Raspbian [\#330](https://github.com/future-architect/vuls/pull/330) ([knqyf263](https://github.com/knqyf263))
+- Add leniancy to the version matching for debian to account for versio… [\#328](https://github.com/future-architect/vuls/pull/328) ([jsulinski](https://github.com/jsulinski))
+- Add image information for docker containers [\#326](https://github.com/future-architect/vuls/pull/326) ([jsulinski](https://github.com/jsulinski))
+- Continue scanning even when some hosts have tech issues [\#309](https://github.com/future-architect/vuls/pull/309) ([kotakanbe](https://github.com/kotakanbe))
+- Add -log-dir option [\#301](https://github.com/future-architect/vuls/pull/301) ([knqyf263](https://github.com/knqyf263))
+- Use --assumeno option [\#300](https://github.com/future-architect/vuls/pull/300) ([knqyf263](https://github.com/knqyf263))
+- Add local scan mode\(Scan without SSH when target server is localhost\) [\#291](https://github.com/future-architect/vuls/pull/291) ([kotakanbe](https://github.com/kotakanbe))
+- Support RHEL5 [\#289](https://github.com/future-architect/vuls/pull/289) ([kotakanbe](https://github.com/kotakanbe))
+- Add LXD support [\#288](https://github.com/future-architect/vuls/pull/288) ([jiazio](https://github.com/jiazio))
+- Add timeout option to configtest [\#400](https://github.com/future-architect/vuls/pull/400) ([kotakanbe](https://github.com/kotakanbe))
+- Notify the difference from the previous scan result [\#392](https://github.com/future-architect/vuls/pull/392) ([knqyf263](https://github.com/knqyf263))
+- Add Oracle Linux support [\#386](https://github.com/future-architect/vuls/pull/386) ([Djelibeybi](https://github.com/Djelibeybi))
+- Change container scan format in config.toml [\#381](https://github.com/future-architect/vuls/pull/381) ([kotakanbe](https://github.com/kotakanbe))
+- Obsolete CentOS5 support [\#378](https://github.com/future-architect/vuls/pull/378) ([kotakanbe](https://github.com/kotakanbe))
+- Deprecate prepare subcommand to minimize the root authority defined by /etc/sudoers [\#375](https://github.com/future-architect/vuls/pull/375) ([kotakanbe](https://github.com/kotakanbe))
+- Support IAM role for report to S3. [\#370](https://github.com/future-architect/vuls/pull/370) ([ohsawa0515](https://github.com/ohsawa0515))
+- Add .travis.yml [\#363](https://github.com/future-architect/vuls/pull/363) ([knqyf263](https://github.com/knqyf263))
+- Output changelog in report, TUI and JSON for Ubuntu/Debian/CentOS [\#356](https://github.com/future-architect/vuls/pull/356) ([kotakanbe](https://github.com/kotakanbe))
+
+**Fixed bugs:**
+
+- Debian scans failing in docker [\#323](https://github.com/future-architect/vuls/issues/323)
+- Local CVE DB is still checked, even if a CVE Dictionary URL is defined [\#316](https://github.com/future-architect/vuls/issues/316)
+- vuls needs gmake. [\#313](https://github.com/future-architect/vuls/issues/313)
+- patch request for FreeBSD [\#312](https://github.com/future-architect/vuls/issues/312)
+- Report: failed to read from json \(Docker\) [\#294](https://github.com/future-architect/vuls/issues/294)
+- -report-mail option does not output required mail header [\#282](https://github.com/future-architect/vuls/issues/282)
+- PackInfo not found error when vuls scan. [\#281](https://github.com/future-architect/vuls/issues/281)
+- Normalize character set [\#279](https://github.com/future-architect/vuls/issues/279)
+- The number of Updatable Packages is different from the number of yum check-update [\#373](https://github.com/future-architect/vuls/issues/373)
+- sudo is needed when exec yum check-update on RHEL7 [\#371](https://github.com/future-architect/vuls/issues/371)
+- `123-3ubuntu4` should be marked as ChangelogLenientMatch [\#362](https://github.com/future-architect/vuls/issues/362)
+- CentOS  multi package invalid result [\#360](https://github.com/future-architect/vuls/issues/360)
+- Parse error after check-update. \(Unknown format\) [\#359](https://github.com/future-architect/vuls/issues/359)
+- Fix candidate to confidence. [\#354](https://github.com/future-architect/vuls/pull/354) ([kotakanbe](https://github.com/kotakanbe))
+- Bug fix: not send e-mail to cc address [\#346](https://github.com/future-architect/vuls/pull/346) ([knqyf263](https://github.com/knqyf263))
+- Change the command used for os detection from uname to freebsd-version [\#340](https://github.com/future-architect/vuls/pull/340) ([kotakanbe](https://github.com/kotakanbe))
+- Fix error handling of detectOS [\#337](https://github.com/future-architect/vuls/pull/337) ([kotakanbe](https://github.com/kotakanbe))
+- Fix infinite retry at size overrun error in Slack report [\#329](https://github.com/future-architect/vuls/pull/329) ([kotakanbe](https://github.com/kotakanbe))
+- aptitude changelog defaults to using more, which is not interactive a… [\#324](https://github.com/future-architect/vuls/pull/324) ([jsulinski](https://github.com/jsulinski))
+- Do not use sudo when echo [\#322](https://github.com/future-architect/vuls/pull/322) ([knqyf263](https://github.com/knqyf263))
+- Reduce privilege requirements for commands that don't need sudo on Ubuntu/Debian [\#319](https://github.com/future-architect/vuls/pull/319) ([jsulinski](https://github.com/jsulinski))
+- Don't check for a CVE DB when CVE Dictionary URL is defined [\#317](https://github.com/future-architect/vuls/pull/317) ([jsulinski](https://github.com/jsulinski))
+- Fix typo contianer -\> container [\#314](https://github.com/future-architect/vuls/pull/314) ([justyns](https://github.com/justyns))
+- Fix the changelog cache logic for ubuntu/debian [\#305](https://github.com/future-architect/vuls/pull/305) ([kotakanbe](https://github.com/kotakanbe))
+- Fix yum updateinfo options [\#304](https://github.com/future-architect/vuls/pull/304) ([kotakanbe](https://github.com/kotakanbe))
+- Update glide.lock to fix create-log-dir error. [\#303](https://github.com/future-architect/vuls/pull/303) ([kotakanbe](https://github.com/kotakanbe))
+- Fix a bug in logging \(file output\) at scan command [\#302](https://github.com/future-architect/vuls/pull/302) ([kotakanbe](https://github.com/kotakanbe))
+- Add -pipe flag \#294 [\#299](https://github.com/future-architect/vuls/pull/299) ([kotakanbe](https://github.com/kotakanbe))
+- Fix RHEL5 scan stopped halfway [\#293](https://github.com/future-architect/vuls/pull/293) ([kotakanbe](https://github.com/kotakanbe))
+- Fix amazon linux scan stopped halfway [\#292](https://github.com/future-architect/vuls/pull/292) ([kotakanbe](https://github.com/kotakanbe))
+- Fix nil-ponter in TUI [\#388](https://github.com/future-architect/vuls/pull/388) ([kotakanbe](https://github.com/kotakanbe))
+- Fix Bug of Mysql Backend [\#384](https://github.com/future-architect/vuls/pull/384) ([kotakanbe](https://github.com/kotakanbe))
+- Fix scan confidence on Ubuntu/Debian/Raspbian \#362 [\#379](https://github.com/future-architect/vuls/pull/379) ([kotakanbe](https://github.com/kotakanbe))
+- Fix updatalbe packages count \#373 [\#374](https://github.com/future-architect/vuls/pull/374) ([kotakanbe](https://github.com/kotakanbe))
+- sudo yum check-update on RHEL [\#372](https://github.com/future-architect/vuls/pull/372) ([kotakanbe](https://github.com/kotakanbe))
+- Change ssh option from -t to -tt [\#369](https://github.com/future-architect/vuls/pull/369) ([knqyf263](https://github.com/knqyf263))
+- Increase the width of RequestPty [\#364](https://github.com/future-architect/vuls/pull/364) ([knqyf263](https://github.com/knqyf263))
+
+**Closed issues:**
+
+-  vuls configtest --debugがsudoのチェックで止まってしまう [\#395](https://github.com/future-architect/vuls/issues/395)
+- Add support for Oracle Linux [\#385](https://github.com/future-architect/vuls/issues/385)
+- error on install - Ubuntu 16.04 [\#376](https://github.com/future-architect/vuls/issues/376)
+- Unknown OS Type [\#335](https://github.com/future-architect/vuls/issues/335)
+- mac os 10.12.3 make install error [\#334](https://github.com/future-architect/vuls/issues/334)
+- assumeYes doesn't work because there is no else condition [\#320](https://github.com/future-architect/vuls/issues/320)
+- Debian scan uses sudo where unnecessary [\#318](https://github.com/future-architect/vuls/issues/318)
+- Add FreeBSD 11 to supported OS on documents. [\#311](https://github.com/future-architect/vuls/issues/311)
+- docker fetchnvd failing [\#274](https://github.com/future-architect/vuls/issues/274)
+- Latest version of labstack echo breaks installation [\#268](https://github.com/future-architect/vuls/issues/268)
+- fetchnvd Fails using example loop [\#267](https://github.com/future-architect/vuls/issues/267)
+
+**Merged pull requests:**
+
+- fix typo in README.ja.md [\#394](https://github.com/future-architect/vuls/pull/394) ([lv7777](https://github.com/lv7777))
+- Update Tutorial in README [\#387](https://github.com/future-architect/vuls/pull/387) ([kotakanbe](https://github.com/kotakanbe))
+- Fix README [\#383](https://github.com/future-architect/vuls/pull/383) ([usiusi360](https://github.com/usiusi360))
+- s/dictinary/dictionary typo [\#382](https://github.com/future-architect/vuls/pull/382) ([beuno](https://github.com/beuno))
+- Fix Japanese typo [\#377](https://github.com/future-architect/vuls/pull/377) ([IMAI-Yuji](https://github.com/IMAI-Yuji))
+- Improve kanji character [\#351](https://github.com/future-architect/vuls/pull/351) ([hasegawa-tomoki](https://github.com/hasegawa-tomoki))
+- Add PULL\_REQUEST\_TEMPLATE.md [\#348](https://github.com/future-architect/vuls/pull/348) ([knqyf263](https://github.com/knqyf263))
+- Update README [\#347](https://github.com/future-architect/vuls/pull/347) ([knqyf263](https://github.com/knqyf263))
+- Fix test case [\#344](https://github.com/future-architect/vuls/pull/344) ([kotakanbe](https://github.com/kotakanbe))
+- Fix typo [\#343](https://github.com/future-architect/vuls/pull/343) ([knqyf263](https://github.com/knqyf263))
+- Rename Makefile to GNUmakefile \#313 [\#339](https://github.com/future-architect/vuls/pull/339) ([kotakanbe](https://github.com/kotakanbe))
+- Update README [\#338](https://github.com/future-architect/vuls/pull/338) ([kotakanbe](https://github.com/kotakanbe))
+- add error handling [\#332](https://github.com/future-architect/vuls/pull/332) ([kazuminn](https://github.com/kazuminn))
+- Update readme [\#308](https://github.com/future-architect/vuls/pull/308) ([lapthorn](https://github.com/lapthorn))
+- Update glide.lock to fix import error [\#306](https://github.com/future-architect/vuls/pull/306) ([knqyf263](https://github.com/knqyf263))
+- Check whether echo is executable with nopasswd [\#298](https://github.com/future-architect/vuls/pull/298) ([knqyf263](https://github.com/knqyf263))
+- Update docker README [\#297](https://github.com/future-architect/vuls/pull/297) ([knqyf263](https://github.com/knqyf263))
+- update readme [\#296](https://github.com/future-architect/vuls/pull/296) ([galigalikun](https://github.com/galigalikun))
+- remove unused import line. [\#358](https://github.com/future-architect/vuls/pull/358) ([ymomoi](https://github.com/ymomoi))
+
+## [v0.2.0](https://github.com/future-architect/vuls/tree/v0.2.0) (2017-01-10)
+[Full Changelog](https://github.com/future-architect/vuls/compare/v0.1.7...v0.2.0)
+
+**Implemented enhancements:**
+
+- Add report subcommand, change scan options. \#239 [\#270](https://github.com/future-architect/vuls/pull/270) ([kotakanbe](https://github.com/kotakanbe))
+- Add --assume-yes to prepare \#260 [\#266](https://github.com/future-architect/vuls/pull/266) ([Code0x58](https://github.com/Code0x58))
+- Use RFC3339 timestamps in the results [\#265](https://github.com/future-architect/vuls/pull/265) ([Code0x58](https://github.com/Code0x58))
+
+**Fixed bugs:**
+
+- vuls prepare failed to centos7 [\#275](https://github.com/future-architect/vuls/issues/275)
+- Failed to scan on RHEL5 [\#94](https://github.com/future-architect/vuls/issues/94)
+- Fix container os detection [\#287](https://github.com/future-architect/vuls/pull/287) ([jiazio](https://github.com/jiazio))
+- Add date header to report mail. [\#283](https://github.com/future-architect/vuls/pull/283) ([ymomoi](https://github.com/ymomoi))
+- Add Content-Type header to report/mail.go . [\#280](https://github.com/future-architect/vuls/pull/280) ([hogehogehugahuga](https://github.com/hogehogehugahuga))
+- Keep output of "vuls scan -report-\*" to be same every times [\#272](https://github.com/future-architect/vuls/pull/272) ([yoheimuta](https://github.com/yoheimuta))
+- Fix JSON-dir regex pattern \#265 [\#271](https://github.com/future-architect/vuls/pull/271) ([kotakanbe](https://github.com/kotakanbe))
+- Stop quietly ignoring `--ssh-external` on Windows [\#263](https://github.com/future-architect/vuls/pull/263) ([Code0x58](https://github.com/Code0x58))
+- Fix non-interactive `apt-get install` \#251 [\#253](https://github.com/future-architect/vuls/pull/253) ([Code0x58](https://github.com/Code0x58))
+
+**Closed issues:**
+
+- gocui.NewGui now takes a parameter [\#261](https://github.com/future-architect/vuls/issues/261)
+- Add a `--yes` flag to bypass interactive prompt for `vuls prepare` [\#260](https://github.com/future-architect/vuls/issues/260)
+- `vuls prepare` doesn't work on Debian host due to apt-get confirmation prompt [\#251](https://github.com/future-architect/vuls/issues/251)
+
+**Merged pull requests:**
+
+- Fix gocui.NewGui after signature change \#261 [\#262](https://github.com/future-architect/vuls/pull/262) ([Code0x58](https://github.com/Code0x58))
+- Replace inconsistent tabs with spaces [\#254](https://github.com/future-architect/vuls/pull/254) ([Code0x58](https://github.com/Code0x58))
+- Fix README [\#249](https://github.com/future-architect/vuls/pull/249) ([usiusi360](https://github.com/usiusi360))
+
+## [v0.1.7](https://github.com/future-architect/vuls/tree/v0.1.7) (2016-11-08)
+[Full Changelog](https://github.com/future-architect/vuls/compare/v0.1.6...v0.1.7)
+
+**Implemented enhancements:**
+
+- Enable to scan only docker container, without docker host [\#122](https://github.com/future-architect/vuls/issues/122)
+- Add -skip-broken option \[CentOS only\] \#245 [\#248](https://github.com/future-architect/vuls/pull/248) ([kotakanbe](https://github.com/kotakanbe))
+- Display unknown CVEs to TUI [\#244](https://github.com/future-architect/vuls/pull/244) ([kotakanbe](https://github.com/kotakanbe))
+- Add the XML output [\#240](https://github.com/future-architect/vuls/pull/240) ([gleentea](https://github.com/gleentea))
+- add '-ssh-external' option to prepare subcommand [\#234](https://github.com/future-architect/vuls/pull/234) ([mykstmhr](https://github.com/mykstmhr))
+- Integrate OWASP Dependency Check [\#232](https://github.com/future-architect/vuls/pull/232) ([kotakanbe](https://github.com/kotakanbe))
+- Add support for reading CVE data from MySQL. [\#225](https://github.com/future-architect/vuls/pull/225) ([oswell](https://github.com/oswell))
+- Remove base docker image, -v shows commit hash [\#223](https://github.com/future-architect/vuls/pull/223) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- Support ignore CveIDs in config [\#222](https://github.com/future-architect/vuls/pull/222) ([kotakanbe](https://github.com/kotakanbe))
+- Confirm before installing dependencies on prepare [\#219](https://github.com/future-architect/vuls/pull/219) ([kotakanbe](https://github.com/kotakanbe))
+- Remove all.json [\#218](https://github.com/future-architect/vuls/pull/218) ([kotakanbe](https://github.com/kotakanbe))
+- Add GitHub issue template [\#217](https://github.com/future-architect/vuls/pull/217) ([kotakanbe](https://github.com/kotakanbe))
+- Improve makefile, -version shows git hash, fix README [\#216](https://github.com/future-architect/vuls/pull/216) ([kotakanbe](https://github.com/kotakanbe))
+- change e-mail package from gomail to net/smtp [\#211](https://github.com/future-architect/vuls/pull/211) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- Add only-containers option to scan subcommand \#122 [\#190](https://github.com/future-architect/vuls/pull/190) ([kotakanbe](https://github.com/kotakanbe))
+- Fix -results-dir option of scan subcommand [\#185](https://github.com/future-architect/vuls/pull/185) ([kotakanbe](https://github.com/kotakanbe))
+- Show error when no scannable servers are detected. [\#177](https://github.com/future-architect/vuls/pull/177) ([kotakanbe](https://github.com/kotakanbe))
+- Add sudo check to prepare subcommand [\#176](https://github.com/future-architect/vuls/pull/176) ([kotakanbe](https://github.com/kotakanbe))
+- Supports yum --enablerepo option \(supports only base,updates for now\) [\#147](https://github.com/future-architect/vuls/pull/147) ([kotakanbe](https://github.com/kotakanbe))
+
+**Fixed bugs:**
+
+- Debian 8.6 \(jessie\) scan does not show vulnerable packages [\#235](https://github.com/future-architect/vuls/issues/235)
+- panic: runtime error: index out of range - ubuntu 16.04 + vuls history [\#180](https://github.com/future-architect/vuls/issues/180)
+- Moved golang.org/x/net/context to context [\#243](https://github.com/future-architect/vuls/pull/243) ([yoheimuta](https://github.com/yoheimuta))
+- Fix changelog cache bug on Ubuntu and Debian \#235 [\#238](https://github.com/future-architect/vuls/pull/238) ([kotakanbe](https://github.com/kotakanbe))
+- add '-ssh-external' option to prepare subcommand [\#234](https://github.com/future-architect/vuls/pull/234) ([mykstmhr](https://github.com/mykstmhr))
+- Fixed error for the latest version of gocui [\#231](https://github.com/future-architect/vuls/pull/231) ([ymd38](https://github.com/ymd38))
+- Handle the refactored gocui SetCurrentView method. [\#229](https://github.com/future-architect/vuls/pull/229) ([oswell](https://github.com/oswell))
+- Fix locale env var LANG to LANGUAGE [\#215](https://github.com/future-architect/vuls/pull/215) ([kotakanbe](https://github.com/kotakanbe))
+- Fixed bug with parsing update line on CentOS/RHEL [\#206](https://github.com/future-architect/vuls/pull/206) ([andyone](https://github.com/andyone))
+- Fix defer cache.DB.close [\#201](https://github.com/future-architect/vuls/pull/201) ([kotakanbe](https://github.com/kotakanbe))
+- Fix a help message of -report-azure-blob option [\#195](https://github.com/future-architect/vuls/pull/195) ([kotakanbe](https://github.com/kotakanbe))
+- Fix error handling in tui [\#193](https://github.com/future-architect/vuls/pull/193) ([kotakanbe](https://github.com/kotakanbe))
+- Fix not working changelog cache on Container [\#189](https://github.com/future-architect/vuls/pull/189) ([kotakanbe](https://github.com/kotakanbe))
+- Fix release version detection on FreeBSD [\#184](https://github.com/future-architect/vuls/pull/184) ([kotakanbe](https://github.com/kotakanbe))
+- Fix defer cahce.DB.close\(\) [\#183](https://github.com/future-architect/vuls/pull/183) ([kotakanbe](https://github.com/kotakanbe))
+- Fix a mode of files/dir \(report, log\) [\#182](https://github.com/future-architect/vuls/pull/182) ([kotakanbe](https://github.com/kotakanbe))
+- Fix a error when no json dirs are found under results \#180 [\#181](https://github.com/future-architect/vuls/pull/181) ([kotakanbe](https://github.com/kotakanbe))
+- ssh-external option of configtest is not working \#178 [\#179](https://github.com/future-architect/vuls/pull/179) ([kotakanbe](https://github.com/kotakanbe))
+
+**Closed issues:**
+
+- --enable-repos of yum option [\#246](https://github.com/future-architect/vuls/issues/246)
+- --skip-broken at yum option [\#245](https://github.com/future-architect/vuls/issues/245)
+- Recent changes to gobui cause build failures [\#228](https://github.com/future-architect/vuls/issues/228)
+- https://hub.docker.com/r/vuls/go-cve-dictionary/ is empty [\#208](https://github.com/future-architect/vuls/issues/208)
+- Not able to install gomail fails [\#202](https://github.com/future-architect/vuls/issues/202)
+- No results file created - vuls tui failed [\#199](https://github.com/future-architect/vuls/issues/199)
+- Wrong file permissions for results/\*.json in official Docker container [\#197](https://github.com/future-architect/vuls/issues/197)
+- Failed: Unknown OS Type [\#196](https://github.com/future-architect/vuls/issues/196)
+- Segmentation fault with configtest [\#192](https://github.com/future-architect/vuls/issues/192)
+- Failed to scan. err: No server defined. Check the configuration [\#187](https://github.com/future-architect/vuls/issues/187)
+- vuls configtest -ssh-external doesnt work [\#178](https://github.com/future-architect/vuls/issues/178)
+- apt-get update: time out [\#175](https://github.com/future-architect/vuls/issues/175)
+- scanning on Centos6, but vuls recognizes debian. [\#174](https://github.com/future-architect/vuls/issues/174)
+- Fix READMEja  \#164  [\#173](https://github.com/future-architect/vuls/issues/173)
+
+**Merged pull requests:**
+
+- Update README \#225 [\#242](https://github.com/future-architect/vuls/pull/242) ([kotakanbe](https://github.com/kotakanbe))
+- fix readme [\#241](https://github.com/future-architect/vuls/pull/241) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- Fix README \#234 [\#237](https://github.com/future-architect/vuls/pull/237) ([kotakanbe](https://github.com/kotakanbe))
+- Update glide files [\#236](https://github.com/future-architect/vuls/pull/236) ([kotakanbe](https://github.com/kotakanbe))
+- fix README [\#226](https://github.com/future-architect/vuls/pull/226) ([usiusi360](https://github.com/usiusi360))
+- fix some misspelling. [\#221](https://github.com/future-architect/vuls/pull/221) ([ymomoi](https://github.com/ymomoi))
+- fix docker readme [\#214](https://github.com/future-architect/vuls/pull/214) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- Fix ja document about typo [\#213](https://github.com/future-architect/vuls/pull/213) ([shokohara](https://github.com/shokohara))
+- fix readme [\#212](https://github.com/future-architect/vuls/pull/212) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- fix README [\#207](https://github.com/future-architect/vuls/pull/207) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- fix typo [\#204](https://github.com/future-architect/vuls/pull/204) ([usiusi360](https://github.com/usiusi360))
+- fix gitignore [\#191](https://github.com/future-architect/vuls/pull/191) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+- Update glide.lock [\#188](https://github.com/future-architect/vuls/pull/188) ([kotakanbe](https://github.com/kotakanbe))
+- Fix path in setup/docker/README [\#186](https://github.com/future-architect/vuls/pull/186) ([dladuke](https://github.com/dladuke))
+- Vuls and vulsrepo are now separated [\#163](https://github.com/future-architect/vuls/pull/163) ([hikachan](https://github.com/hikachan))
+
+## [v0.1.6](https://github.com/future-architect/vuls/tree/v0.1.6) (2016-09-12)
+[Full Changelog](https://github.com/future-architect/vuls/compare/v0.1.5...v0.1.6)
+
+**Implemented enhancements:**
+
+- High speed scan on Ubuntu/Debian [\#172](https://github.com/future-architect/vuls/pull/172) ([kotakanbe](https://github.com/kotakanbe))
+- Support CWE\(Common Weakness Enumeration\) [\#169](https://github.com/future-architect/vuls/pull/169) ([kotakanbe](https://github.com/kotakanbe))
+- Enable to scan without sudo on amazon linux [\#167](https://github.com/future-architect/vuls/pull/167) ([kotakanbe](https://github.com/kotakanbe))
+- Remove deprecated options -use-unattended-upgrades,-use-yum-plugin-security [\#161](https://github.com/future-architect/vuls/pull/161) ([kotakanbe](https://github.com/kotakanbe))
+- delete sqlite3 [\#152](https://github.com/future-architect/vuls/pull/152) ([sadayuki-matsuno](https://github.com/sadayuki-matsuno))
+
+**Fixed bugs:**
+
+- Failed to setup vuls docker [\#170](https://github.com/future-architect/vuls/issues/170)
+- yum check-update error occurred when no reboot after kernel updating [\#165](https://github.com/future-architect/vuls/issues/165)
+- error thrown from 'docker build .' [\#157](https://github.com/future-architect/vuls/issues/157)
+- CVE-ID is truncated to 4 digits [\#153](https://github.com/future-architect/vuls/issues/153)
+- 'yum update --changelog' stalled in 'vuls scan'. if ssh user is not 'root'. [\#150](https://github.com/future-architect/vuls/issues/150)
+- Panic on packet scan [\#131](https://github.com/future-architect/vuls/issues/131)
+- Update glide.lock \#170 [\#171](https://github.com/future-architect/vuls/pull/171) ([kotakanbe](https://github.com/kotakanbe))
+- Fix detecting a platform on Azure [\#168](https://github.com/future-architect/vuls/pull/168) ([kotakanbe](https://github.com/kotakanbe))
+- Fix parse error for yum check-update \#165 [\#166](https://github.com/future-architect/vuls/pull/166) ([kotakanbe](https://github.com/kotakanbe))
+- Fix bug: Vuls on Docker [\#159](https://github.com/future-architect/vuls/pull/159) ([tjinjin](https://github.com/tjinjin))
+- Fix CVE-ID is truncated to 4 digits [\#155](https://github.com/future-architect/vuls/pull/155) ([usiusi360](https://github.com/usiusi360))
+- Fix yum update --changelog stalled when non-root ssh user on CentOS \#150 [\#151](https://github.com/future-architect/vuls/pull/151) ([kotakanbe](https://github.com/kotakanbe))
+
+**Closed issues:**
+
+- Support su for root privilege escalation [\#44](https://github.com/future-architect/vuls/issues/44)
+- Support FreeBSD [\#34](https://github.com/future-architect/vuls/issues/34)
+
+**Merged pull requests:**
+
+- Change scripts for data fetching from jvn [\#164](https://github.com/future-architect/vuls/pull/164) ([kotakanbe](https://github.com/kotakanbe))
+- Fix: setup vulsrepo [\#162](https://github.com/future-architect/vuls/pull/162) ([tjinjin](https://github.com/tjinjin))
+- Fix-docker-vulsrepo-install [\#160](https://github.com/future-architect/vuls/pull/160) ([usiusi360](https://github.com/usiusi360))
+- Reduce regular expression compilation [\#158](https://github.com/future-architect/vuls/pull/158) ([itchyny](https://github.com/itchyny))
+- Add testcases for \#153 [\#156](https://github.com/future-architect/vuls/pull/156) ([kotakanbe](https://github.com/kotakanbe))
+
 ## [v0.1.5](https://github.com/future-architect/vuls/tree/v0.1.5) (2016-08-16)
 [Full Changelog](https://github.com/future-architect/vuls/compare/v0.1.4...v0.1.5)

@@ -141,7 +486,7 @@
 - Maximum 6 nodes available to scan [\#12](https://github.com/future-architect/vuls/issues/12)
 - panic: runtime error: index out of range [\#5](https://github.com/future-architect/vuls/issues/5)
 - Fix sudo option on RedHat like Linux and change some messages. [\#20](https://github.com/future-architect/vuls/pull/20) ([kotakanbe](https://github.com/kotakanbe))
- Typo fix and updated readme [\#19](https://github.com/future-architect/vuls/pull/19) ([Euan-Kerr](https://github.com/Euan-Kerr))
+- Typo fix and updated readme [\#19](https://github.com/future-architect/vuls/pull/19) ([EuanKerr](https://github.com/EuanKerr))
 - remove a period at the end of error messages. [\#18](https://github.com/future-architect/vuls/pull/18) ([kotakanbe](https://github.com/kotakanbe))
 - fix error while yum updateinfo --security update on rhel@aws [\#17](https://github.com/future-architect/vuls/pull/17) ([kotakanbe](https://github.com/kotakanbe))
 - Fixed typos [\#15](https://github.com/future-architect/vuls/pull/15) ([radarhere](https://github.com/radarhere))
@@ -166,4 +511,4 @@



-\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
+\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
--- a/33
+++ b/33
@@ -0,0 +1,33 @@
+FROM golang:alpine as builder
+
+RUN apk add --no-cache \
+        git \
+        make \
+        gcc \
+        musl-dev
+
+ENV REPOSITORY github.com/future-architect/vuls
+COPY . $GOPATH/src/$REPOSITORY
+RUN cd $GOPATH/src/$REPOSITORY && make install
+
+
+FROM alpine:3.7
+
+MAINTAINER hikachan sadayuki-matsuno
+
+ENV LOGDIR /var/log/vuls
+ENV WORKDIR /vuls
+
+RUN apk add --no-cache \
+        openssh-client \
+        ca-certificates \
+    && mkdir -p $WORKDIR $LOGDIR
+
+COPY --from=builder /go/bin/vuls /usr/local/bin/
+
+VOLUME [$WORKDIR, $LOGDIR]
+WORKDIR $WORKDIR
+ENV PWD $WORKDIR
+
+ENTRYPOINT ["vuls"]
+CMD ["--help"]
--- a/74
+++ b/74
@@ -0,0 +1,74 @@
+.PHONY: \
+	dep \
+	depup \
+	build \
+	install \
+	all \
+	vendor \
+	lint \
+	vet \
+	fmt \
+	fmtcheck \
+	pretest \
+	test \
+	cov \
+	clean
+
+SRCS = $(shell git ls-files '*.go')
+PKGS = $(shell go list ./...)
+VERSION := $(shell git describe --tags --abbrev=0)
+REVISION := $(shell git rev-parse --short HEAD)
+BUILDTIME := $(shell date "+%Y%m%d_%H%M%S")
+LDFLAGS := -X 'github.com/future-architect/vuls/config.Version=$(VERSION)' \
+    -X 'github.com/future-architect/vuls/config.Revision=$(BUILDTIME)_$(REVISION)'
+
+all: dep build
+
+dep:
+	go get -u github.com/golang/dep/...
+	dep ensure -v
+
+depup:
+	go get -u github.com/golang/dep/...
+	dep ensure -update -v
+
+build: main.go dep pretest
+	go build -ldflags "$(LDFLAGS)" -o vuls $<
+
+install: main.go dep pretest
+	go install -ldflags "$(LDFLAGS)"
+
+
+lint:
+	@ go get -v golang.org/x/lint/golint
+	golint $(PKGS)
+
+vet:
+	#  @-go get -v golang.org/x/tools/cmd/vet
+	go vet ./... || exit;
+
+fmt:
+	gofmt -s -w $(SRCS)
+
+mlint:
+	$(foreach file,$(SRCS),gometalinter $(file) || exit;)
+
+fmtcheck:
+	$(foreach file,$(SRCS),gofmt -s -d $(file);)
+
+pretest: lint vet fmtcheck
+
+test: 
+	echo $(PKGS) | xargs go test -cover -v || exit;
+
+unused:
+	$(foreach pkg,$(PKGS),unused $(pkg);)
+
+cov:
+	@ go get -v github.com/axw/gocov/gocov
+	@ go get golang.org/x/tools/cmd/cover
+	gocov test | gocov report
+
+clean:
+	echo $(PKGS) | xargs go clean || exit;
+
--- a/Gopkg.lock
+++ b/Gopkg.lock
@@ -0,0 +1,969 @@
+# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
+
+
+[[projects]]
+  digest = "1:b92928b73320648b38c93cacb9082c0fe3f8ac3383ad9bd537eef62c380e0e7a"
+  name = "contrib.go.opencensus.io/exporter/ocagent"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "00af367e65149ff1f2f4b93bbfbb84fd9297170d"
+  version = "v0.2.0"
+
+[[projects]]
+  digest = "1:a90dbfc07d4cf47b5f113a2d52227e0b098592b22c0bd7afd731f6cb8bd9d55c"
+  name = "github.com/Azure/azure-sdk-for-go"
+  packages = [
+    "storage",
+    "version",
+  ]
+  pruneopts = "UT"
+  revision = "1951233eb944a49aa5f7278cba8e3e32a8c958af"
+  version = "v24.0.0"
+
+[[projects]]
+  digest = "1:e6c692a2dd5f978216331f2ab41b45dfdf01d5b2a74c596a9f69bcef77b7d67b"
+  name = "github.com/Azure/go-autorest"
+  packages = [
+    "autorest",
+    "autorest/adal",
+    "autorest/azure",
+    "autorest/date",
+    "logger",
+    "tracing",
+  ]
+  pruneopts = "UT"
+  revision = "be17756531f50014397912b7aa557ec335e39b98"
+  version = "v11.3.0"
+
+[[projects]]
+  digest = "1:9f3b30d9f8e0d7040f729b82dcbc8f0dead820a133b3147ce355fc451f32d761"
+  name = "github.com/BurntSushi/toml"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "3012a1dbe2e4bd1391d42b32f0577cb7bbc7f005"
+  version = "v0.3.1"
+
+[[projects]]
+  branch = "master"
+  digest = "1:bb6c15391e666c4f44bdc604772301b93102233ed687be6df6d1c2abbde4f15c"
+  name = "github.com/RackSec/srslog"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "a4725f04ec91af1a91b380da679d6e0c2f061e59"
+
+[[projects]]
+  digest = "1:320e7ead93de9fd2b0e59b50fd92a4d50c1f8ab455d96bc2eb083267453a9709"
+  name = "github.com/asaskevich/govalidator"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "ccb8e960c48f04d6935e72476ae4a51028f9e22f"
+  version = "v9"
+
+[[projects]]
+  digest = "1:5652bf3ce03ccaeb93cd5e11fcaab25467f78275fd9c4b4d1ffe88aae6faed12"
+  name = "github.com/aws/aws-sdk-go"
+  packages = [
+    "aws",
+    "aws/awserr",
+    "aws/awsutil",
+    "aws/client",
+    "aws/client/metadata",
+    "aws/corehandlers",
+    "aws/credentials",
+    "aws/credentials/ec2rolecreds",
+    "aws/credentials/endpointcreds",
+    "aws/credentials/processcreds",
+    "aws/credentials/stscreds",
+    "aws/csm",
+    "aws/defaults",
+    "aws/ec2metadata",
+    "aws/endpoints",
+    "aws/request",
+    "aws/session",
+    "aws/signer/v4",
+    "internal/ini",
+    "internal/s3err",
+    "internal/sdkio",
+    "internal/sdkrand",
+    "internal/sdkuri",
+    "internal/shareddefaults",
+    "private/protocol",
+    "private/protocol/eventstream",
+    "private/protocol/eventstream/eventstreamapi",
+    "private/protocol/query",
+    "private/protocol/query/queryutil",
+    "private/protocol/rest",
+    "private/protocol/restxml",
+    "private/protocol/xml/xmlutil",
+    "service/s3",
+    "service/sts",
+  ]
+  pruneopts = "UT"
+  revision = "aabf189db35ba7eb5a35afe6d681fc0f70954fca"
+  version = "v1.16.18"
+
+[[projects]]
+  digest = "1:0f98f59e9a2f4070d66f0c9c39561f68fcd1dc837b22a852d28d0003aebd1b1e"
+  name = "github.com/boltdb/bolt"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "2f1ce7a837dcb8da3ec595b1dac9d0632f0f99e8"
+  version = "v1.3.1"
+
+[[projects]]
+  digest = "1:166438587ed45ac211dab8a3ecebf4fa0c186d0db63430fb9127bbc2e5fcdc67"
+  name = "github.com/cenkalti/backoff"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "1e4cf3da559842a91afcb6ea6141451e6c30c618"
+  version = "v2.1.1"
+
+[[projects]]
+  digest = "1:65b0d980b428a6ad4425f2df4cd5410edd81f044cf527bd1c345368444649e58"
+  name = "github.com/census-instrumentation/opencensus-proto"
+  packages = [
+    "gen-go/agent/common/v1",
+    "gen-go/agent/trace/v1",
+    "gen-go/resource/v1",
+    "gen-go/trace/v1",
+  ]
+  pruneopts = "UT"
+  revision = "7f2434bc10da710debe5c4315ed6d4df454b4024"
+  version = "v0.1.0"
+
+[[projects]]
+  digest = "1:e04c00d619875ce5fa67180891984a9b1fadcc031af36bcd7a3509cbdad1df15"
+  name = "github.com/cheggaaa/pb"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "c112833d014c77e8bde723fd0158e3156951639f"
+  version = "v2.0.6"
+
+[[projects]]
+  digest = "1:76dc72490af7174349349838f2fe118996381b31ea83243812a97e5a0fd5ed55"
+  name = "github.com/dgrijalva/jwt-go"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "06ea1031745cb8b3dab3f6a236daf2b0aa468b7e"
+  version = "v3.2.0"
+
+[[projects]]
+  digest = "1:865079840386857c809b72ce300be7580cb50d3d3129ce11bf9aa6ca2bc1934a"
+  name = "github.com/fatih/color"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "5b77d2a35fb0ede96d138fc9a99f5c9b6aef11b4"
+  version = "v1.7.0"
+
+[[projects]]
+  digest = "1:abeb38ade3f32a92943e5be54f55ed6d6e3b6602761d74b4aab4c9dd45c18abd"
+  name = "github.com/fsnotify/fsnotify"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "c2828203cd70a50dcccfb2761f8b1f8ceef9a8e9"
+  version = "v1.4.7"
+
+[[projects]]
+  digest = "1:ad53d1f710522a38d1f0e5e0a55a194b1c6b2cd8e84313568e43523271f0cf62"
+  name = "github.com/go-redis/redis"
+  packages = [
+    ".",
+    "internal",
+    "internal/consistenthash",
+    "internal/hashtag",
+    "internal/pool",
+    "internal/proto",
+    "internal/util",
+  ]
+  pruneopts = "UT"
+  revision = "22be8a3eaf992c828cecb69dc07348313bf08d2e"
+  version = "v6.15.1"
+
+[[projects]]
+  digest = "1:ec6f9bf5e274c833c911923c9193867f3f18788c461f76f05f62bb1510e0ae65"
+  name = "github.com/go-sql-driver/mysql"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "72cd26f257d44c1114970e19afddcd812016007e"
+  version = "v1.4.1"
+
+[[projects]]
+  digest = "1:586ea76dbd0374d6fb649a91d70d652b7fe0ccffb8910a77468e7702e7901f3d"
+  name = "github.com/go-stack/stack"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "2fee6af1a9795aafbe0253a0cfbdf668e1fb8a9a"
+  version = "v1.8.0"
+
+[[projects]]
+  digest = "1:8f0705fa33e8957018611cc81c65cb373b626c092d39931bb86882489fc4c3f4"
+  name = "github.com/golang/protobuf"
+  packages = [
+    "proto",
+    "ptypes",
+    "ptypes/any",
+    "ptypes/duration",
+    "ptypes/timestamp",
+    "ptypes/wrappers",
+  ]
+  pruneopts = "UT"
+  revision = "aa810b61a9c79d51363740d207bb46cf8e620ed5"
+  version = "v1.2.0"
+
+[[projects]]
+  branch = "master"
+  digest = "1:df265b7f54410945dad5cf5979d91461b9fa7ff9b397ab58d2d577002a8a0e24"
+  name = "github.com/google/subcommands"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "46f0354f63152e8801bb460d26f5b6c4c878efbb"
+
+[[projects]]
+  digest = "1:7b5c6e2eeaa9ae5907c391a91c132abfd5c9e8a784a341b5625e750c67e6825d"
+  name = "github.com/gorilla/websocket"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "66b9c49e59c6c48f0ffce28c2d8b8a5678502c6d"
+  version = "v1.4.0"
+
+[[projects]]
+  branch = "master"
+  digest = "1:4e08dc2383a46b3107f0b34ca338c4459e8fc8ee90e46a60e728aa8a2b21d558"
+  name = "github.com/gosuri/uitable"
+  packages = [
+    ".",
+    "util/strutil",
+    "util/wordwrap",
+  ]
+  pruneopts = "UT"
+  revision = "36ee7e946282a3fb1cfecd476ddc9b35d8847e42"
+
+[[projects]]
+  branch = "master"
+  digest = "1:8dbe76014be3c83806abc61befcb5e1789d2d872bc8f98a8fb955405550c63be"
+  name = "github.com/grokify/html-strip-tags-go"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "e9e44961e26f513866063f54bf85070db95600f7"
+
+[[projects]]
+  digest = "1:950caca7dfcf796419232ba996c9c3539d09f26af27ba848c4508e604c13efbb"
+  name = "github.com/hashicorp/go-version"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "d40cf49b3a77bba84a7afdbd7f1dc295d114efb1"
+  version = "v1.1.0"
+
+[[projects]]
+  digest = "1:c0d19ab64b32ce9fe5cf4ddceba78d5bc9807f0016db6b1183599da3dcc24d10"
+  name = "github.com/hashicorp/hcl"
+  packages = [
+    ".",
+    "hcl/ast",
+    "hcl/parser",
+    "hcl/printer",
+    "hcl/scanner",
+    "hcl/strconv",
+    "hcl/token",
+    "json/parser",
+    "json/scanner",
+    "json/token",
+  ]
+  pruneopts = "UT"
+  revision = "8cb6e5b959231cc1119e43259c4a608f9c51a241"
+  version = "v1.0.0"
+
+[[projects]]
+  branch = "master"
+  digest = "1:0f8b63af5601a93b6b6a63a420c857819e98a252369262d8faf66f3566ba294e"
+  name = "github.com/hashicorp/uuid"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "ebb0a03e909c9c642a36d2527729104324c44fdb"
+
+[[projects]]
+  branch = "master"
+  digest = "1:0778dc7fce1b4669a8bfa7ae506ec1f595b6ab0f8989c1c0d22a8ca1144e9972"
+  name = "github.com/howeyc/gopass"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "bf9dde6d0d2c004a008c27aaee91170c786f6db8"
+
+[[projects]]
+  digest = "1:e96640e5b9ce93e2d7ee18f48048483080fd23e72e3c38bc17e9c8b77062031a"
+  name = "github.com/inconshreveable/log15"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "67afb5ed74ec82fd7ac8f49d27c509ac6f991970"
+  version = "v2.14"
+
+[[projects]]
+  digest = "1:ff312c4d510c67954a6fc6a11c9ff72a2b2169584776b7419c7b8c729e2b13ac"
+  name = "github.com/jinzhu/gorm"
+  packages = [
+    ".",
+    "dialects/mysql",
+    "dialects/postgres",
+    "dialects/sqlite",
+  ]
+  pruneopts = "UT"
+  revision = "472c70caa40267cb89fd8facb07fe6454b578626"
+  version = "v1.9.2"
+
+[[projects]]
+  branch = "master"
+  digest = "1:fd97437fbb6b7dce04132cf06775bd258cce305c44add58eb55ca86c6c325160"
+  name = "github.com/jinzhu/inflection"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "04140366298a54a039076d798123ffa108fff46c"
+
+[[projects]]
+  digest = "1:bb81097a5b62634f3e9fec1014657855610c82d19b9a40c17612e32651e35dca"
+  name = "github.com/jmespath/go-jmespath"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "c2b33e84"
+
+[[projects]]
+  digest = "1:114ecad51af93a73ae6781fd0d0bc28e52b433c852b84ab4b4c109c15e6c6b6d"
+  name = "github.com/jroimartin/gocui"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "c055c87ae801372cd74a0839b972db4f7697ae5f"
+  version = "v0.4.0"
+
+[[projects]]
+  digest = "1:16dd6b893b78a50564cdde1d9f7ea67224dece11bb0886bd882f1dc3dc1d440d"
+  name = "github.com/k0kubun/pp"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "027a6d1765d673d337e687394dbe780dd64e2a1e"
+  version = "v2.3.0"
+
+[[projects]]
+  branch = "master"
+  digest = "1:bdf08c9b41c029c60ba5dc99443a3ce74eedad842cf2adf9c255513f432422e2"
+  name = "github.com/knqyf263/go-cpe"
+  packages = [
+    "common",
+    "matching",
+    "naming",
+  ]
+  pruneopts = "UT"
+  revision = "659663f6eca2ff32258e282557e7808115ea498a"
+
+[[projects]]
+  branch = "master"
+  digest = "1:a9955a589c7f6f28bd5a5f69da3f1e2cc857c23c7605c5fa7b605f065ba8f3fe"
+  name = "github.com/knqyf263/go-deb-version"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "9865fe14d09b1c729188ac810466dde90f897ee3"
+
+[[projects]]
+  branch = "master"
+  digest = "1:5734c5362ef66c39ddf1b4a11dfe75fa3c1adb70e78059543c83c0c6e89f2bc0"
+  name = "github.com/knqyf263/go-rpm-version"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "74609b86c936dff800c69ec89fcf4bc52d5f13a4"
+
+[[projects]]
+  branch = "master"
+  digest = "1:acca5c567e76e94e81f8d65893e2a9cd12d914dd688731f461a5ebdb180d4938"
+  name = "github.com/knqyf263/gost"
+  packages = [
+    "config",
+    "db",
+    "models",
+    "util",
+  ]
+  pruneopts = "UT"
+  revision = "5afeda5e8e1f8f3561738d3d6fa6549c88feb31e"
+
+[[projects]]
+  digest = "1:0a69a1c0db3591fcefb47f115b224592c8dfa4368b7ba9fae509d5e16cdc95c8"
+  name = "github.com/konsorten/go-windows-terminal-sequences"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "5c8c8bd35d3832f5d134ae1e1e375b69a4d25242"
+  version = "v1.0.1"
+
+[[projects]]
+  branch = "master"
+  digest = "1:fa59fec07121e6190139b5134524c4fc7a6abe5143a775a0e17313b6997e17a7"
+  name = "github.com/kotakanbe/go-cve-dictionary"
+  packages = [
+    "config",
+    "db",
+    "log",
+    "models",
+  ]
+  pruneopts = "UT"
+  revision = "b083bedef97055c27d1f039428ab183eca7c6450"
+
+[[projects]]
+  digest = "1:54d3c90db1164399906830313a6fce7770917d7e4a12da8f2d8693d18ff5ef27"
+  name = "github.com/kotakanbe/go-pingscanner"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "641dc2cc2d3cbf295dad356667b74c69bcbd6f70"
+  version = "v0.1.0"
+
+[[projects]]
+  digest = "1:8fd95e6bab4d09a0f610bd5c02ef6ec7d0d91da5a72b7cfcbfd67254bcb72b75"
+  name = "github.com/kotakanbe/goval-dictionary"
+  packages = [
+    "config",
+    "db",
+    "db/rdb",
+    "models",
+  ]
+  pruneopts = "UT"
+  revision = "5070051ecafdf15cbe2490e71ec038de7d25b71e"
+  version = "v0.1.1"
+
+[[projects]]
+  branch = "master"
+  digest = "1:0daead102d7ca3af110dfb832e8c14393f197d94e5ffe3f0639f10ea2cc55530"
+  name = "github.com/kotakanbe/logrus-prefixed-formatter"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "928f7356cb964637e2489a6ef37eee55181676c5"
+
+[[projects]]
+  digest = "1:01eb0269028d3c2e21b5b6cd9b1ba81bc4170ab293fcffa84e3aa3a6138a92e8"
+  name = "github.com/labstack/gommon"
+  packages = [
+    "color",
+    "log",
+  ]
+  pruneopts = "UT"
+  revision = "7fd9f68ece0bcb1a905fac8f1549f0083f71c51b"
+  version = "v0.2.8"
+
+[[projects]]
+  digest = "1:b18ffc558326ebaed3b4a175617f1e12ed4e3f53d6ebfe5ba372a3de16d22278"
+  name = "github.com/lib/pq"
+  packages = [
+    ".",
+    "hstore",
+    "oid",
+  ]
+  pruneopts = "UT"
+  revision = "4ded0e9383f75c197b3a2aaa6d590ac52df6fd79"
+  version = "v1.0.0"
+
+[[projects]]
+  digest = "1:c568d7727aa262c32bdf8a3f7db83614f7af0ed661474b24588de635c20024c7"
+  name = "github.com/magiconair/properties"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "c2353362d570a7bfa228149c62842019201cfb71"
+  version = "v1.8.0"
+
+[[projects]]
+  digest = "1:4e878df5f4e9fd625bf9c9aac77ef7cbfa4a74c01265505527c23470c0e40300"
+  name = "github.com/marstr/guid"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "8bd9a64bf37eb297b492a4101fb28e80ac0b290f"
+  version = "v1.1.0"
+
+[[projects]]
+  digest = "1:c658e84ad3916da105a761660dcaeb01e63416c8ec7bc62256a9b411a05fcd67"
+  name = "github.com/mattn/go-colorable"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "167de6bfdfba052fa6b2d3664c8f5272e23c9072"
+  version = "v0.0.9"
+
+[[projects]]
+  digest = "1:0981502f9816113c9c8c4ac301583841855c8cf4da8c72f696b3ebedf6d0e4e5"
+  name = "github.com/mattn/go-isatty"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "6ca4dbf54d38eea1a992b3c722a76a5d1c4cb25c"
+  version = "v0.0.4"
+
+[[projects]]
+  digest = "1:0356f3312c9bd1cbeda81505b7fd437501d8e778ab66998ef69f00d7f9b3a0d7"
+  name = "github.com/mattn/go-runewidth"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "3ee7d812e62a0804a7d0a324e0249ca2db3476d3"
+  version = "v0.0.4"
+
+[[projects]]
+  digest = "1:4a49346ca45376a2bba679ca0e83bec949d780d4e927931317904bad482943ec"
+  name = "github.com/mattn/go-sqlite3"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "c7c4067b79cc51e6dfdcef5c702e74b1e0fa7c75"
+  version = "v1.10.0"
+
+[[projects]]
+  branch = "master"
+  digest = "1:2b32af4d2a529083275afc192d1067d8126b578c7a9613b26600e4df9c735155"
+  name = "github.com/mgutz/ansi"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "9520e82c474b0a04dd04f8a40959027271bab992"
+
+[[projects]]
+  digest = "1:78bbb1ba5b7c3f2ed0ea1eab57bdd3859aec7e177811563edc41198a760b06af"
+  name = "github.com/mitchellh/go-homedir"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "ae18d6b8b3205b561c79e8e5f69bff09736185f4"
+  version = "v1.0.0"
+
+[[projects]]
+  digest = "1:53bc4cd4914cd7cd52139990d5170d6dc99067ae31c56530621b18b35fc30318"
+  name = "github.com/mitchellh/mapstructure"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "3536a929edddb9a5b34bd6861dc4a9647cb459fe"
+  version = "v1.1.2"
+
+[[projects]]
+  digest = "1:7aefb397a53fc437c90f0fdb3e1419c751c5a3a165ced52325d5d797edf1aca6"
+  name = "github.com/moul/http2curl"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "9ac6cf4d929b2fa8fd2d2e6dec5bb0feb4f4911d"
+  version = "v1.0.0"
+
+[[projects]]
+  branch = "master"
+  digest = "1:a440c18972e9499a1e8de68915e5a9119008d86efc2a9c6c6edddc323ce6f3ed"
+  name = "github.com/mozqnet/go-exploitdb"
+  packages = [
+    "db",
+    "models",
+    "util",
+  ]
+  pruneopts = "UT"
+  revision = "652ae1f6aa234a4e22c8a6c9566ef4018a1d28c8"
+
+[[projects]]
+  digest = "1:95d38d218bf2290987c6b0e885a9f0f2d3d3239235acaddca01c3fe36e5e5566"
+  name = "github.com/nlopes/slack"
+  packages = [
+    ".",
+    "slackutilsx",
+  ]
+  pruneopts = "UT"
+  revision = "b9033a72a20bf84563485e86a2adbea4bf265804"
+  version = "v0.4.0"
+
+[[projects]]
+  branch = "master"
+  digest = "1:f3fc7efada7606d5abc88372e1f838ed897fa522077957070fbc2207a50d6faa"
+  name = "github.com/nsf/termbox-go"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "0938b5187e61bb8c4dcac2b0a9cf4047d83784fc"
+
+[[projects]]
+  digest = "1:abcdbf03ca6ca13d3697e2186edc1f33863bbdac2b3a44dfa39015e8903f7409"
+  name = "github.com/olekukonko/tablewriter"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "e6d60cf7ba1f42d86d54cdf5508611c4aafb3970"
+  version = "v0.0.1"
+
+[[projects]]
+  digest = "1:d776f3e95774a8719f2e57fabbbb33103035fe072dcf6f1864f33abd17b753e5"
+  name = "github.com/parnurzeal/gorequest"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "a578a48e8d6ca8b01a3b18314c43c6716bb5f5a3"
+  version = "v0.2.15"
+
+[[projects]]
+  digest = "1:95741de3af260a92cc5c7f3f3061e85273f5a81b5db20d4bd68da74bd521675e"
+  name = "github.com/pelletier/go-toml"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "c01d1270ff3e442a8a57cddc1c92dc1138598194"
+  version = "v1.2.0"
+
+[[projects]]
+  digest = "1:cf31692c14422fa27c83a05292eb5cbe0fb2775972e8f1f8446a71549bd8980b"
+  name = "github.com/pkg/errors"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "ba968bfe8b2f7e042a574c888954fccecfa385b4"
+  version = "v0.8.1"
+
+[[projects]]
+  digest = "1:1a23fdd843129ef761ffe7651bc5fe7c5b09fbe933e92783ab06cc11c37b7b37"
+  name = "github.com/rifflock/lfshook"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "b9218ef580f59a2e72dad1aa33d660150445d05a"
+  version = "v2.4"
+
+[[projects]]
+  digest = "1:274f67cb6fed9588ea2521ecdac05a6d62a8c51c074c1fccc6a49a40ba80e925"
+  name = "github.com/satori/go.uuid"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "f58768cc1a7a7e77a3bd49e98cdd21419399b6a3"
+  version = "v1.2.0"
+
+[[projects]]
+  branch = "master"
+  digest = "1:9c3c856c4bd09733de5727aeb85fc484b8b87a6eb9e6a632c47e3f17142757ee"
+  name = "github.com/sirupsen/logrus"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "78fb3852d92683dc28da6cc3d5f965100677c27d"
+
+[[projects]]
+  digest = "1:d707dbc1330c0ed177d4642d6ae102d5e2c847ebd0eb84562d0dc4f024531cfc"
+  name = "github.com/spf13/afero"
+  packages = [
+    ".",
+    "mem",
+  ]
+  pruneopts = "UT"
+  revision = "a5d6946387efe7d64d09dcba68cdd523dc1273a3"
+  version = "v1.2.0"
+
+[[projects]]
+  digest = "1:08d65904057412fc0270fc4812a1c90c594186819243160dc779a402d4b6d0bc"
+  name = "github.com/spf13/cast"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "8c9545af88b134710ab1cd196795e7f2388358d7"
+  version = "v1.3.0"
+
+[[projects]]
+  digest = "1:68ea4e23713989dc20b1bded5d9da2c5f9be14ff9885beef481848edd18c26cb"
+  name = "github.com/spf13/jwalterweatherman"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "4a4406e478ca629068e7768fc33f3f044173c0a6"
+  version = "v1.0.0"
+
+[[projects]]
+  digest = "1:c1b1102241e7f645bc8e0c22ae352e8f0dc6484b6cb4d132fa9f24174e0119e2"
+  name = "github.com/spf13/pflag"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "298182f68c66c05229eb03ac171abe6e309ee79a"
+  version = "v1.0.3"
+
+[[projects]]
+  digest = "1:de37e343c64582d7026bf8ab6ac5b22a72eac54f3a57020db31524affed9f423"
+  name = "github.com/spf13/viper"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "6d33b5a963d922d182c91e8a1c88d81fd150cfd4"
+  version = "v1.3.1"
+
+[[projects]]
+  digest = "1:c468422f334a6b46a19448ad59aaffdfc0a36b08fdcc1c749a0b29b6453d7e59"
+  name = "github.com/valyala/bytebufferpool"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "e746df99fe4a3986f4d4f79e13c1e0117ce9c2f7"
+  version = "v1.0.0"
+
+[[projects]]
+  branch = "master"
+  digest = "1:268b8bce0064e8c057d7b913605459f9a26dcab864c0886a56d196540fbf003f"
+  name = "github.com/valyala/fasttemplate"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "dcecefd839c4193db0d35b88ec65b4c12d360ab0"
+
+[[projects]]
+  branch = "master"
+  digest = "1:0792df7c7ff49b81c7a8c5a2a47aee897c5bab31fb348c8e2f80a560d675f941"
+  name = "github.com/ymomoi/goval-parser"
+  packages = ["oval"]
+  pruneopts = "UT"
+  revision = "0a0be1dd9d0855b50be0be5a10ad3085382b6d59"
+
+[[projects]]
+  digest = "1:2ae8314c44cd413cfdb5b1df082b350116dd8d2fff973e62c01b285b7affd89e"
+  name = "go.opencensus.io"
+  packages = [
+    ".",
+    "exemplar",
+    "internal",
+    "internal/tagencoding",
+    "plugin/ochttp",
+    "plugin/ochttp/propagation/b3",
+    "plugin/ochttp/propagation/tracecontext",
+    "stats",
+    "stats/internal",
+    "stats/view",
+    "tag",
+    "trace",
+    "trace/internal",
+    "trace/propagation",
+    "trace/tracestate",
+  ]
+  pruneopts = "UT"
+  revision = "b7bf3cdb64150a8c8c53b769fdeb2ba581bd4d4b"
+  version = "v0.18.0"
+
+[[projects]]
+  branch = "master"
+  digest = "1:30e9f5bea4df0d1a573ed89a85cc680ab05dfc078f6a21e627db236f29650a11"
+  name = "golang.org/x/crypto"
+  packages = [
+    "curve25519",
+    "ed25519",
+    "ed25519/internal/edwards25519",
+    "internal/chacha20",
+    "internal/subtle",
+    "poly1305",
+    "ssh",
+    "ssh/agent",
+    "ssh/terminal",
+  ]
+  pruneopts = "UT"
+  revision = "ff983b9c42bc9fbf91556e191cc8efb585c16908"
+
+[[projects]]
+  branch = "master"
+  digest = "1:35d68717797810014f26d6a175b0e73bd7fba070c408d443b3fff87a61c8008e"
+  name = "golang.org/x/net"
+  packages = [
+    "context",
+    "http/httpguts",
+    "http2",
+    "http2/hpack",
+    "idna",
+    "internal/timeseries",
+    "publicsuffix",
+    "trace",
+  ]
+  pruneopts = "UT"
+  revision = "915654e7eabcea33ae277abbecf52f0d8b7a9fdc"
+
+[[projects]]
+  branch = "master"
+  digest = "1:75515eedc0dc2cb0b40372008b616fa2841d831c63eedd403285ff286c593295"
+  name = "golang.org/x/sync"
+  packages = ["semaphore"]
+  pruneopts = "UT"
+  revision = "37e7f081c4d4c64e13b10787722085407fe5d15f"
+
+[[projects]]
+  branch = "master"
+  digest = "1:5ee4df7ab18e945607ac822de8d10b180baea263b5e8676a1041727543b9c1e4"
+  name = "golang.org/x/sys"
+  packages = [
+    "unix",
+    "windows",
+  ]
+  pruneopts = "UT"
+  revision = "48ac38b7c8cbedd50b1613c0fccacfc7d88dfcdf"
+
+[[projects]]
+  digest = "1:a2ab62866c75542dd18d2b069fec854577a20211d7c0ea6ae746072a1dccdd18"
+  name = "golang.org/x/text"
+  packages = [
+    "collate",
+    "collate/build",
+    "internal/colltab",
+    "internal/gen",
+    "internal/tag",
+    "internal/triegen",
+    "internal/ucd",
+    "language",
+    "secure/bidirule",
+    "transform",
+    "unicode/bidi",
+    "unicode/cldr",
+    "unicode/norm",
+    "unicode/rangetable",
+  ]
+  pruneopts = "UT"
+  revision = "f21a4dfb5e38f5895301dc265a8def02365cc3d0"
+  version = "v0.3.0"
+
+[[projects]]
+  digest = "1:5f003878aabe31d7f6b842d4de32b41c46c214bb629bb485387dbcce1edf5643"
+  name = "google.golang.org/api"
+  packages = ["support/bundler"]
+  pruneopts = "UT"
+  revision = "19e022d8cf43ce81f046bae8cc18c5397cc7732f"
+  version = "v0.1.0"
+
+[[projects]]
+  digest = "1:c25289f43ac4a68d88b02245742347c94f1e108c534dda442188015ff80669b3"
+  name = "google.golang.org/appengine"
+  packages = ["cloudsql"]
+  pruneopts = "UT"
+  revision = "e9657d882bb81064595ca3b56cbe2546bbabf7b1"
+  version = "v1.4.0"
+
+[[projects]]
+  branch = "master"
+  digest = "1:077c1c599507b3b3e9156d17d36e1e61928ee9b53a5b420f10f28ebd4a0b275c"
+  name = "google.golang.org/genproto"
+  packages = ["googleapis/rpc/status"]
+  pruneopts = "UT"
+  revision = "db91494dd46c1fdcbbde05e5ff5eb56df8f7d79a"
+
+[[projects]]
+  digest = "1:9edd250a3c46675d0679d87540b30c9ed253b19bd1fd1af08f4f5fb3c79fc487"
+  name = "google.golang.org/grpc"
+  packages = [
+    ".",
+    "balancer",
+    "balancer/base",
+    "balancer/roundrobin",
+    "binarylog/grpc_binarylog_v1",
+    "codes",
+    "connectivity",
+    "credentials",
+    "credentials/internal",
+    "encoding",
+    "encoding/proto",
+    "grpclog",
+    "internal",
+    "internal/backoff",
+    "internal/binarylog",
+    "internal/channelz",
+    "internal/envconfig",
+    "internal/grpcrand",
+    "internal/grpcsync",
+    "internal/syscall",
+    "internal/transport",
+    "keepalive",
+    "metadata",
+    "naming",
+    "peer",
+    "resolver",
+    "resolver/dns",
+    "resolver/passthrough",
+    "stats",
+    "status",
+    "tap",
+  ]
+  pruneopts = "UT"
+  revision = "df014850f6dee74ba2fc94874043a9f3f75fbfd8"
+  version = "v1.17.0"
+
+[[projects]]
+  digest = "1:e626376fab8608a972d47e91b3c1bbbddaecaf1d42b82be6dcc52d10a7557893"
+  name = "gopkg.in/VividCortex/ewma.v1"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "b24eb346a94c3ba12c1da1e564dbac1b498a77ce"
+  version = "v1.1.1"
+
+[[projects]]
+  digest = "1:94cad6e2359d57da6652e689189c5b6ef19f99db6304d2c41de54f6632e15143"
+  name = "gopkg.in/cheggaaa/pb.v1"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "1cc5bbe20449079337944d56292c7383510c534c"
+  version = "v1.0.27"
+
+[[projects]]
+  digest = "1:256938e7d43c73bd5e7bb97dd281d1ebe294b2928403ee1fbec96249915d1150"
+  name = "gopkg.in/cheggaaa/pb.v2"
+  packages = ["termutil"]
+  pruneopts = "UT"
+  revision = "c112833d014c77e8bde723fd0158e3156951639f"
+  version = "v2.0.6"
+
+[[projects]]
+  digest = "1:865079840386857c809b72ce300be7580cb50d3d3129ce11bf9aa6ca2bc1934a"
+  name = "gopkg.in/fatih/color.v1"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "5b77d2a35fb0ede96d138fc9a99f5c9b6aef11b4"
+  version = "v1.7.0"
+
+[[projects]]
+  digest = "1:c658e84ad3916da105a761660dcaeb01e63416c8ec7bc62256a9b411a05fcd67"
+  name = "gopkg.in/mattn/go-colorable.v0"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "167de6bfdfba052fa6b2d3664c8f5272e23c9072"
+  version = "v0.0.9"
+
+[[projects]]
+  digest = "1:0981502f9816113c9c8c4ac301583841855c8cf4da8c72f696b3ebedf6d0e4e5"
+  name = "gopkg.in/mattn/go-isatty.v0"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "6ca4dbf54d38eea1a992b3c722a76a5d1c4cb25c"
+  version = "v0.0.4"
+
+[[projects]]
+  digest = "1:0356f3312c9bd1cbeda81505b7fd437501d8e778ab66998ef69f00d7f9b3a0d7"
+  name = "gopkg.in/mattn/go-runewidth.v0"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "3ee7d812e62a0804a7d0a324e0249ca2db3476d3"
+  version = "v0.0.4"
+
+[[projects]]
+  digest = "1:4d2e5a73dc1500038e504a8d78b986630e3626dc027bc030ba5c75da257cdb96"
+  name = "gopkg.in/yaml.v2"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "51d6538a90f86fe93ac480b35f37b2be17fef232"
+  version = "v2.2.2"
+
+[solve-meta]
+  analyzer-name = "dep"
+  analyzer-version = 1
+  input-imports = [
+    "github.com/Azure/azure-sdk-for-go/storage",
+    "github.com/BurntSushi/toml",
+    "github.com/RackSec/srslog",
+    "github.com/asaskevich/govalidator",
+    "github.com/aws/aws-sdk-go/aws",
+    "github.com/aws/aws-sdk-go/aws/credentials",
+    "github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds",
+    "github.com/aws/aws-sdk-go/aws/ec2metadata",
+    "github.com/aws/aws-sdk-go/aws/session",
+    "github.com/aws/aws-sdk-go/service/s3",
+    "github.com/aws/aws-sdk-go/service/sts",
+    "github.com/boltdb/bolt",
+    "github.com/cenkalti/backoff",
+    "github.com/google/subcommands",
+    "github.com/gosuri/uitable",
+    "github.com/hashicorp/uuid",
+    "github.com/howeyc/gopass",
+    "github.com/jroimartin/gocui",
+    "github.com/k0kubun/pp",
+    "github.com/knqyf263/go-cpe/naming",
+    "github.com/knqyf263/go-deb-version",
+    "github.com/knqyf263/go-rpm-version",
+    "github.com/knqyf263/gost/db",
+    "github.com/knqyf263/gost/models",
+    "github.com/kotakanbe/go-cve-dictionary/db",
+    "github.com/kotakanbe/go-cve-dictionary/log",
+    "github.com/kotakanbe/go-cve-dictionary/models",
+    "github.com/kotakanbe/go-pingscanner",
+    "github.com/kotakanbe/goval-dictionary/db",
+    "github.com/kotakanbe/goval-dictionary/models",
+    "github.com/kotakanbe/logrus-prefixed-formatter",
+    "github.com/mitchellh/go-homedir",
+    "github.com/mozqnet/go-exploitdb/db",
+    "github.com/mozqnet/go-exploitdb/models",
+    "github.com/nlopes/slack",
+    "github.com/olekukonko/tablewriter",
+    "github.com/parnurzeal/gorequest",
+    "github.com/pkg/errors",
+    "github.com/rifflock/lfshook",
+    "github.com/sirupsen/logrus",
+    "golang.org/x/crypto/ssh",
+    "golang.org/x/crypto/ssh/agent",
+  ]
+  solver-name = "gps-cdcl"
+  solver-version = 1
--- a/Gopkg.toml
+++ b/Gopkg.toml
@@ -0,0 +1,41 @@
+# Gopkg.toml example
+#
+# Refer to https://golang.github.io/dep/docs/Gopkg.toml.html
+# for detailed Gopkg.toml documentation.
+#
+# required = ["github.com/user/thing/cmd/thing"]
+# ignored = ["github.com/user/project/pkgX", "bitbucket.org/user/project/pkgA/pkgY"]
+#
+# [[constraint]]
+#   name = "github.com/user/project"
+#   version = "1.0.0"
+#
+# [[constraint]]
+#   name = "github.com/user/project2"
+#   branch = "dev"
+#   source = "github.com/myfork/project2"
+#
+# [[override]]
+#   name = "github.com/x/y"
+#   version = "2.4.0"
+#
+# [prune]
+#   non-go = false
+#   go-tests = true
+#   unused-packages = true
+
+[[constraint]]
+  name = "github.com/knqyf263/gost"
+  branch = "master"
+
+[[constraint]]
+  name = "github.com/kotakanbe/go-cve-dictionary"
+  branch = "master"
+
+[[constraint]]
+  name = "github.com/mozqnet/go-exploitdb"
+  branch = "master"
+
+[prune]
+  go-tests = true
+  unused-packages = true
--- a/4
+++ b/4
@@ -632,7 +632,7 @@ state the exclusion of warranty; and each file should have at least
 the "copyright" line and a pointer to where the full notice is found.

    Vuls - Vulnerability Scanner
-    Copyright (C) 2016  Future Architect, Inc. Japan.
+    Copyright (C) 2016  Future Corporation , Japan.

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -652,7 +652,7 @@ Also add information on how to contact you by electronic and paper mail.
  If the program does terminal interaction, make it output a short
 notice like this when it starts in an interactive mode:

-    Vuls  Copyright (C) 2016  Future Architect, Inc. Japan.
+    Vuls  Copyright (C) 2016  Future Corporation , Japan.
    This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
    This is free software, and you are welcome to redistribute it
    under certain conditions; type `show c' for details.
--- a/51
+++ b/51
@@ -1,51 +0,0 @@
-.PHONY: \
-	all \
-	vendor \
-	lint \
-	vet \
-	fmt \
-	fmtcheck \
-	pretest \
-	test \
-	cov \
-	clean
-
-SRCS = $(shell git ls-files '*.go')
-PKGS = ./. ./db ./config ./models ./report ./cveapi ./scan ./util ./commands
-
-all: test
-
-#  vendor:
-#          @ go get -v github.com/mjibson/party
-#          party -d external -c -u
-
-lint:
-	@ go get -v github.com/golang/lint/golint
-	$(foreach file,$(SRCS),golint $(file) || exit;)
-
-vet:
-	#  @-go get -v golang.org/x/tools/cmd/vet
-	$(foreach pkg,$(PKGS),go vet $(pkg);)
-
-fmt:
-	gofmt -w $(SRCS)
-
-fmtcheck:
-	$(foreach file,$(SRCS),gofmt -d $(file);)
-
-pretest: lint vet fmtcheck
-
-test: pretest
-	$(foreach pkg,$(PKGS),go test -v $(pkg) || exit;)
-
-unused :
-	$(foreach pkg,$(PKGS),unused $(pkg);)
-
-cov:
-	@ go get -v github.com/axw/gocov/gocov
-	@ go get golang.org/x/tools/cmd/cover
-	gocov test | gocov report
-
-clean:
-	$(foreach pkg,$(PKGS),go clean $(pkg) || exit;)
-
--- a/2
+++ b/2
@@ -1,2 +1,2 @@
-Vuls Copyright (C) 2016  Future Architect, Inc. Japan.
+Vuls Copyright (C) 2016  Future Corporation , Japan.

--- a/README.fr.md
+++ b/README.fr.md
@@ -1,224 +0,0 @@
-
-# Vuls: VULnerability Scanner
-
-[![Slack](https://img.shields.io/badge/slack-join-blue.svg)](http://goo.gl/forms/xm5KFo35tu)
-
-Scanneur de vulnérabilité Linux, sans agent, écrit en golang
-
-Nous avons une équipe Slack. [Rejoignez notre Slack Team](http://goo.gl/forms/xm5KFo35tu)  
-
-[README en English](https://github.com/future-architect/vuls/blob/master/README.md)  
-[README en Japonais](https://github.com/future-architect/vuls/blob/master/README.ja.md)  
-
-[![asciicast](https://asciinema.org/a/3y9zrf950agiko7klg8abvyck.png)](https://asciinema.org/a/3y9zrf950agiko7klg8abvyck)
-
-![Vuls-slack](img/vuls-slack-en.png)
-
-
-
----
-
-# Résumé
-
-Effectuer des recherches de vulnérabilités et des mises à jour quotidiennes peut etre un fardeau pour un administrateur système.
-Afin d'éviter des interruptions systèmes dans un environnement de production, il est fréquent pour un administrateur système de choisir de ne pas utiliser la fonction de mise à jour automatique proposée par le gestionnaire de paquets et d'effecter ces mises à jour manuellement.
-Ce qui implique les problèmes suivants :
- L'administrateur système devra surveiller constamment toutes les nouvelles vulnérabilités dans NVD (National Vulnerability Database) etc.
- Il pourrait être impossible pour un administrateur système de surveiller tous les logiciels installés sur un serveur.
- Il est coûteux d'effectuer une analyse pour déterminer quels sont les serveurs affectés par de nouvelles vulnérabilités. La possibilité de négliger un serveur ou deux est bien présente.
-
-Vuls est un outil crée pour palier aux problèmes listés ci-dessus. Voici ses caractéristiques.
- Informer les utilisateurs des vulnérabilités système.
- Informer les utilisateurs des systèmes concernés. 
- La détection de vulnérabilités est effectuée automatiquement pour éviter toute négligence.
- Les rapports sont générés régulièrement via CRON pour mieux gérer ces vulnérabilités.
-
-![Vuls-Motivation](img/vuls-motivation.png)
-
----
-
-# Caractéristiques principales
-
- Recherche de vulnérabilités sur des serveurs Linux
-    - Supporte Ubuntu, Debian, CentOS, Amazon Linux, RHEL
-    - Cloud, auto-hébergement, Docker
- Scan d'intergiciels non inclus dans le gestionnaire de paquets de l'OS
-    - Scan d'intergiciels, de libraries de language de programmation et framework pour des vulnérabilités
-    - Supporte les logiciels inscrits au CPE
- Architecture sans agent
-    - L'utilisateur doit seulement mettre en place VULS sur une seule machine qui se connectera aux autres via SSH
- Génération automatique des fichiers de configuration
-    - Auto detection de serveurs via CIDR et génération de configuration
- Email et notification Slack possibles (supporte le Japonais) 
- Les résultats d'un scan sont accessibles dans un shell via TUI Viewer terminal.
-
----
-
-# Ce que Vuls ne fait pas
-
- Vuls ne met pas à jour les programmes affectés par les vulnérabilités découvertes.
-
----
-
-# Hello Vuls 
-
-Ce tutoriel décrit la recherche de vulnérabilités sur une machine locale avec Vuls.
-Voici les étapes à suivre. 
-
-1. Démrarrage d'Amazon Linux
-1. Autoriser les connexions SSH depuis localhost
-1. Installation des prérequis
-1. Déploiement de go-cve-dictionary
-1. Deploiement de Vuls
-1. Configuration
-1. Préparation
-1. Scan
-1. TUI(Terminal-Based User Interface)
-
-## Step1. Démrarrage d'Amazon Linux
-
- Nous utilisons dans cette exemple une vieille AMI (amzn-ami-hvm-2015.09.1.x86_64-gp2 - ami-383c1956)
- Taille de l'instance : t2.medium
-    - La première fois, t2.medium et plus sont requis pour la récupération des CVE depuis NVD (2.3GB de mémoire utilisé)
-    - Une fois la récupération initiale des données NVD terminée vous pouvez passer sur une instance t2.nano.
- Ajoutez la configuration suivante au cloud-init, afin d'éviter une mise à jour automatique lors du premier démarrage.
-
-    - [Q: How do I disable the automatic installation of critical and important security updates on initial launch?](https://aws.amazon.com/amazon-linux-ami/faqs/?nc1=h_ls)
-    ```
-    #cloud-config
-    repo_upgrade: none
-    ```
-
-## Step2. Paramètres SSH
-
-Il est obligatoire que le serveur puisse se connecter à son propre serveur SSH
-
-Générez une paire de clés SSH et ajoutez la clé publique dans le fichier authorized_keys
-```bash
-$ ssh-keygen -t rsa
-$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
-$ chmod 600 ~/.ssh/authorized_keys
-```
-
-## Step3. Installation des prérequis
-
-Vuls requiert l'installation des paquets suivants : 
-
- sqlite
- git
- gcc
- go v1.6
-    - https://golang.org/doc/install
-
-```bash
-$ ssh ec2-user@52.100.100.100  -i ~/.ssh/private.pem
-$ sudo yum -y install sqlite git gcc
-$ wget https://storage.googleapis.com/golang/go1.6.linux-amd64.tar.gz
-$ sudo tar -C /usr/local -xzf go1.6.linux-amd64.tar.gz
-$ mkdir $HOME/go
-```
-Ajoutez les lignes suivantes dans /etc/profile.d/goenv.sh
-
-```bash
-export GOROOT=/usr/local/go
-export GOPATH=$HOME/go
-export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
-```
-
-Ajoutons ces nouvelles variables d’environnement au shell
-```bash
-$ source /etc/profile.d/goenv.sh
-```
-
-## Step4. Déploiement de [go-cve-dictionary](https://github.com/kotakanbe/go-cve-dictionary)
-
-go get
-
-```bash
-$ sudo mkdir /var/log/vuls
-$ sudo chown ec2-user /var/log/vuls
-$ sudo chmod 700 /var/log/vuls
-$ go get github.com/kotakanbe/go-cve-dictionary
-```
-
-Démarrez go-cve-dictionary en mode serveur.
-Lors de son premier démarrage go-cve-dictionary récupère la liste des vulnérabilités depuis NVD
-Cette opération prend environ 10 minutes (sur AWS).  
-
-## Step5. Déploiement de Vuls
-
-Ouvrez un second terminal, connectez vous à l'instance ec2 via SSH
-
-go get
-```
-$ go get github.com/future-architect/vuls
-```
-
-## Step6. Configuration
-
-Créez un fichier de configuration (TOML format).
-
-```
-$ cat config.toml
-[servers]
-
-[servers.172-31-4-82]
-host         = "172.31.4.82"
-port        = "22"
-user        = "ec2-user"
-keyPath     = "/home/ec2-user/.ssh/id_rsa"
-```
-
-## Step7. Configuration des serveurs cibles vuls  
-
-```
-$ vuls prepare
-```
-
-## Step8. Scan
-
-```
-$ vuls scan -cve-dictionary-dbpath=$PWD/cve.sqlite3
-INFO[0000] Begin scanning (config: /home/ec2-user/config.toml)
-
-... snip ...
-
-172-31-4-82 (amazon 2015.09)
-============================
-CVE-2016-0494   10.0    Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle
-                        Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to
-                        affect confidentiality, integrity, and availability via unknown vectors related to
-                        2D.
-... snip ...
-
-CVE-2016-0494
-------------
-Score           10.0 (High)
-Vector          (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-Summary         Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105,
-                7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality,
-                integrity, and availability via unknown vectors related to 2D.
-NVD             https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0494
-MITRE           https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494
-CVE Details     http://www.cvedetails.com/cve/CVE-2016-0494
-CVSS Claculator https://nvd.nist.gov/cvss/v2-calculator?name=CVE-2016-0494&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C)
-RHEL-CVE        https://access.redhat.com/security/cve/CVE-2016-0494
-ALAS-2016-643   https://alas.aws.amazon.com/ALAS-2016-643.html
-Package/CPE     java-1.7.0-openjdk-1.7.0.91-2.6.2.2.63.amzn1 -> java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.65.amzn1
-
-```
-
-## Step9. TUI
-
-Les résultats de Vuls peuvent etre affichés dans un Shell via TUI (Terminal-Based User Interface).
-
-```
-$ vuls tui
-```
-
-![Vuls-TUI](img/hello-vuls-tui.png)
-
-
----
-
-For more information see [README in English](https://github.com/future-architect/vuls/blob/master/README.md)  
--- a/README.ja.md
+++ b/README.ja.md
--- a/README.md
+++ b/README.md
--- a/alert/alert_jp.go
+++ b/alert/alert_jp.go
--- a/alert/alert_us.go
+++ b/alert/alert_us.go
@@ -0,0 +1,920 @@
+package alert
+
+// AlertDictEn has USCERT alerts
+var AlertDictEn = map[string]Alert{
+	"https://www.us-cert.gov/ncas/alerts/TA08-352A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA08-352A",
+		Title: `Microsoft Internet Explorer Data Binding Vulnerability`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA08-350A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA08-350A",
+		Title: `Apple Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA08-344A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA08-344A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA08-340A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA08-340A",
+		Title: `Sun Java Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA08-319A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA08-319A",
+		Title: `Mozilla Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-132A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-132A",
+		Title: `Microsoft PowerPoint Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-041A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-041A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-343A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-343A",
+		Title: `Adobe Flash Vulnerabilities Affect Flash Player and Adobe AIR`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-218A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-218A",
+		Title: `Apple Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-195A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-195A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-342A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-342A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-286B": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-286B",
+		Title: `Adobe Reader and Acrobat Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-160B": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-160B",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-069A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-069A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-223A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-223A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-013A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-013A",
+		Title: `Microsoft Updates for Multiple SMB Protocol Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-294A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-294A",
+		Title: `Oracle Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-020A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-020A",
+		Title: `Microsoft Windows Does Not Disable AutoRun Properly`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-133A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-133A",
+		Title: `Apple Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-022A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-022A",
+		Title: `Apple QuickTime Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-051A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-051A",
+		Title: `Adobe Acrobat and Reader Vulnerability`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-015A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-015A",
+		Title: `Oracle Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-251A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-251A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-209A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-209A",
+		Title: `Microsoft Windows, Internet Explorer, and Active Template Library (ATL) Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-204A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-204A",
+		Title: `Adobe Flash Vulnerability Affects Flash Player and Other Adobe Products`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-161A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-161A",
+		Title: `Adobe Acrobat and Reader Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-133B": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-133B",
+		Title: `Adobe Reader and Acrobat JavaScript Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-088A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-088A",
+		Title: `Conficker Worm Targets Microsoft Windows Systems`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-314A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-314A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-105A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-105A",
+		Title: `Oracle Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-104A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-104A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-286A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-286A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA09-187A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA09-187A",
+		Title: `Microsoft Video ActiveX Control Vulnerability`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-238A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-238A",
+		Title: `Microsoft Windows Insecurely Loads Dynamic Libraries`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-159B": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-159B",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-103B": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-103B",
+		Title: `Oracle Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-021A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-021A",
+		Title: `Microsoft Internet Explorer Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-012A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-012A",
+		Title: `Oracle Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-313A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-313A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-285A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-285A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-263A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-263A",
+		Title: `Adobe Flash Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-103C": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-103C",
+		Title: `Adobe Reader and Acrobat Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-040A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-040A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-194B": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-194B",
+		Title: `Oracle Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-194A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-194A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-131A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-131A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-068A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-068A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-348A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-348A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-257A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-257A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-231A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-231A",
+		Title: `Adobe Reader and Acrobat Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-222A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-222A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-162A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-162A",
+		Title: `Adobe Flash and AIR Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-159A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-159A",
+		Title: `Adobe Flash, Reader, and Acrobat Vulnerability`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-089A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-089A",
+		Title: `Microsoft Internet Explorer Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-013A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-013A",
+		Title: `Adobe Reader and Acrobat Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-287A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-287A",
+		Title: `Oracle Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-279A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-279A",
+		Title: `Adobe Reader and Acrobat Affected by Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-223A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-223A",
+		Title: `Adobe Flash and AIR Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA10-012B": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA10-012B",
+		Title: `Microsoft Windows EOT Font and Adobe Flash Player 6 Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-165A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-165A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-067A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-067A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-039A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-039A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-222A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-222A",
+		Title: `Adobe Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-193A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-193A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-201A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-201A",
+		Title: `Oracle Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-166A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-166A",
+		Title: `Adobe Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-130A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-130A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-312A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-312A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-286A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-286A",
+		Title: `Apple Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-350A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-350A",
+		Title: `Adobe Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-221A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-221A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-256A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-256A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-200A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-200A",
+		Title: `Security Recommendations to Prevent Cyber Intrusions`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-102A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-102A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-011A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-011A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-347A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-347A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA11-284A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA11-284A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-262A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-262A",
+		Title: `Microsoft Security Advisory for Internet Explorer Exploit`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-240A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-240A",
+		Title: `Oracle Java 7 Security Manager Bypass Vulnerability`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-227A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-227A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-129A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-129A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-101B": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-101B",
+		Title: `Adobe Reader and Acrobat Security Updates and Architectural Improvements`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-010A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-010A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-006A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-006A",
+		Title: `Wi-Fi Protected Setup (WPS) Vulnerable to Brute-Force Attack`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-265A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-265A",
+		Title: `Microsoft Releases Patch for Internet Explorer Exploit`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-255A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-255A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-251A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-251A",
+		Title: `Microsoft Update For Minimum Certificate Key Length`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-174A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-174A",
+		Title: `Microsoft XML Core Services Attack Activity`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-164A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-164A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-101A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-101A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-318A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-318A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-283A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-283A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-346A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-346A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-192A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-192A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-073A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-073A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-045A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-045A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA12-024A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA12-024A",
+		Title: `&quot;Anonymous&quot; DDoS Activity`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-134A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-134A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-043B": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-043B",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-008A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-008A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-051A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-051A",
+		Title: `Oracle Java Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-043A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-043A",
+		Title: `Adobe Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-225A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-225A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-207A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-207A",
+		Title: `Risks of Using the Intelligent Platform Management Interface (IPMI)`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-141A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-141A",
+		Title: `Washington, DC Radio Station Web Site Compromises`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-175A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-175A",
+		Title: `Risks of Default Passwords on the Internet`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-169A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-169A",
+		Title: `Oracle Releases Updates for Javadoc and Other Java SE Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-168A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-168A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-100A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-100A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-088A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-088A",
+		Title: `DNS Amplification Attacks`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-317A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-317A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-309A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-309A",
+		Title: `CryptoLocker Ransomware Infections`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-288A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-288A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-064A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-064A",
+		Title: `Oracle Java Contains Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-032A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-032A",
+		Title: `Oracle Java Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-024A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-024A",
+		Title: `Content Management Systems Security and Associated Risks`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-107A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-107A",
+		Title: `Oracle Has Released Multiple Updates for Java SE`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-071A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-071A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-015A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-015A",
+		Title: `Microsoft Releases Update for Internet Explorer Vulnerability CVE-2012-4792`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-010A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-010A",
+		Title: `Oracle Java 7 Security Manager Bypass Vulnerability`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-253A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-253A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-193A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-193A",
+		Title: `Exploit Tool Targets Vulnerabilities in McAfee ePolicy Orchestrator (ePO)`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA13-190A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA13-190A",
+		Title: `Microsoft Updates for Multiple Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-323A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-323A",
+		Title: `Microsoft Windows Kerberos KDC Remote Privilege Escalation Vulnerability `,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-300A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-300A",
+		Title: `Phishing Campaign Linked with “Dyre” Banking Malware`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-295A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-295A",
+		Title: `Crypto Ransomware`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-318B": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-318B",
+		Title: `Microsoft Windows OLE Automation Array Remote Code Execution Vulnerability `,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-317A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-317A",
+		Title: `Apple iOS &#039;Masque Attack&#039; Technique`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-290A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-290A",
+		Title: `SSL 3.0 Protocol Vulnerability and POODLE Attack`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-017A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-017A",
+		Title: `UDP-Based Amplification Attacks`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-002A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-002A",
+		Title: `Malware Targeting Point of Sale Systems`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-318A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-318A",
+		Title: `Microsoft Secure Channel (Schannel) Vulnerability (CVE-2014-6321) `,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-310A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-310A",
+		Title: `Microsoft Ending Support for Windows Server 2003 Operating System`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-268A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-268A",
+		Title: `GNU Bourne-Again Shell (Bash) ‘Shellshock’ Vulnerability (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277 and CVE 2014-6278) `,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-098A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-098A",
+		Title: `OpenSSL &#039;Heartbleed&#039; vulnerability (CVE-2014-0160)`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-353A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-353A",
+		Title: `Targeted Destructive Malware`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-329A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-329A",
+		Title: `Regin Malware`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-212A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-212A",
+		Title: `Backoff Point-of-Sale Malware`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-150A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-150A",
+		Title: `GameOver Zeus P2P Malware`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA14-013A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA14-013A",
+		Title: `NTP Amplification Attacks Using CVE-2013-5211`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA15-195A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA15-195A",
+		Title: `Adobe Flash and Microsoft Windows Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA15-337A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA15-337A",
+		Title: `Dorkbot`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA15-240A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA15-240A",
+		Title: `Controlling Outbound DNS Access`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA15-213A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA15-213A",
+		Title: `Recent Email Phishing Campaigns – Mitigation and Response Recommendations`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA15-120A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA15-120A",
+		Title: `Securing End-to-End Communications`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA15-119A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA15-119A",
+		Title: `Top 30 Targeted High Risk Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA15-105A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA15-105A",
+		Title: `Simda Botnet`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA15-103A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA15-103A",
+		Title: `DNS Zone Transfer AXFR Requests May Leak Domain Information`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA15-098A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA15-098A",
+		Title: `AAEH`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA15-314A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA15-314A",
+		Title: `Compromised Web Servers and Web Shells - Threat Awareness and Guidance `,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA15-286A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA15-286A",
+		Title: `Dridex P2P Malware`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA15-051A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA15-051A",
+		Title: `Lenovo Superfish Adware Vulnerable to HTTPS Spoofing`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA16-187A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA16-187A",
+		Title: `Symantec and Norton Security Products Contain Critical Vulnerabilities`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA16-144A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA16-144A",
+		Title: `WPAD Name Collision Vulnerability`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA16-132A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA16-132A",
+		Title: `Exploitation of SAP Business Applications`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA16-105A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA16-105A",
+		Title: `Apple Ends Support for QuickTime for Windows; New Vulnerabilities Announced`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA16-091A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA16-091A",
+		Title: `Ransomware and Recent Variants`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA16-336A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA16-336A",
+		Title: `Avalanche (crimeware-as-a-service infrastructure)`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA16-288A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA16-288A",
+		Title: `Heightened DDoS Threat Posed by Mirai and Other Botnets`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA16-250A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA16-250A",
+		Title: `The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA17-117A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA17-117A",
+		Title: `Intrusions Affecting Multiple Victims Across Multiple Sectors`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA17-318B": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA17-318B",
+		Title: `HIDDEN COBRA – North Korean Trojan: Volgmer`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA17-318A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA17-318A",
+		Title: `HIDDEN COBRA – North Korean Remote Administration Tool: FALLCHILL`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA17-181A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA17-181A",
+		Title: `Petya Ransomware `,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA17-132A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA17-132A",
+		Title: `Indicators Associated With WannaCry Ransomware`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA17-075A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA17-075A",
+		Title: `HTTPS Interception Weakens TLS Security`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA17-293A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA17-293A",
+		Title: `Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA17-164A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA17-164A",
+		Title: `HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA17-163A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA17-163A",
+		Title: `CrashOverride Malware`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA17-156A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA17-156A",
+		Title: `Reducing the Risk of SNMP Abuse`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA18-141A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA18-141A",
+		Title: `Side-Channel Vulnerability Variants 3a and 4`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA18-086A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA18-086A",
+		Title: `Brute Force Attacks Conducted by Cyber Actors `,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA18-004A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA18-004A",
+		Title: `Meltdown and Spectre Side-Channel Vulnerability Guidance`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA18-331A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA18-331A",
+		Title: `3ve – Major Online Ad Fraud Operation`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/AA18-284A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/AA18-284A",
+		Title: `Publicly Available Tools Seen in Cyber Incidents Worldwide`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA18-276B": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA18-276B",
+		Title: `Advanced Persistent Threat Activity Exploiting Managed Service Providers`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA18-275A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA18-275A",
+		Title: `HIDDEN COBRA – FASTCash Campaign`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA18-201A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA18-201A",
+		Title: `Emotet Malware`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA18-276A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA18-276A",
+		Title: `Using Rigorous Credential Control to Mitigate Trusted Network Exploitation`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA18-149A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA18-149A",
+		Title: `HIDDEN COBRA – Joanap Backdoor Trojan and Brambul Server Message Block Worm`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA18-145A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA18-145A",
+		Title: `Cyber Actors Target Home and Office Routers and Networked Devices Worldwide`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA18-106A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA18-106A",
+		Title: `Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices`,
+		Team:  "us",
+	},
+	"https://www.us-cert.gov/ncas/alerts/TA18-074A": {
+		URL:   "https://www.us-cert.gov/ncas/alerts/TA18-074A",
+		Title: `Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors`,
+		Team:  "us",
+	},
+}
--- a/alert/cve_jp.go
+++ b/alert/cve_jp.go
@@ -0,0 +1,534 @@
+package alert
+
+// CveDictJa has CVE-ID key which included JPCERT alerts
+var CveDictJa = map[string][]string{
+	"CVE-2006-0003":    {"https://www.jpcert.or.jp/at/2007/at070016.html"},
+	"CVE-2006-0005":    {"https://www.jpcert.or.jp/at/2007/at070016.html"},
+	"CVE-2006-1173":    {"https://www.jpcert.or.jp/at/2006/at060008.html"},
+	"CVE-2006-3014":    {"https://www.jpcert.or.jp/at/2006/at060009.html"},
+	"CVE-2006-3059":    {"https://www.jpcert.or.jp/at/2006/at060009.html"},
+	"CVE-2006-3086":    {"https://www.jpcert.or.jp/at/2006/at060009.html"},
+	"CVE-2006-3643":    {"https://www.jpcert.or.jp/at/2007/at070016.html"},
+	"CVE-2006-3730":    {"https://www.jpcert.or.jp/at/2007/at070016.html"},
+	"CVE-2006-3877":    {"https://www.jpcert.or.jp/at/2007/at070005.html"},
+	"CVE-2006-5198":    {"https://www.jpcert.or.jp/at/2007/at070016.html"},
+	"CVE-2006-5745":    {"https://www.jpcert.or.jp/at/2007/at070016.html"},
+	"CVE-2007-0015":    {"https://www.jpcert.or.jp/at/2007/at070016.html"},
+	"CVE-2007-0038":    {"https://www.jpcert.or.jp/at/2007/at070016.html"},
+	"CVE-2008-4609":    {"https://www.jpcert.or.jp/at/2009/at090019.html"},
+	"CVE-2010-0886":    {"https://www.jpcert.or.jp/at/2010/at100010.html"},
+	"CVE-2010-0887":    {"https://www.jpcert.or.jp/at/2010/at100010.html"},
+	"CVE-2011-1910":    {"https://www.jpcert.or.jp/at/2011/at110014.html"},
+	"CVE-2011-2444":    {"https://www.jpcert.or.jp/at/2011/at110026.html"},
+	"CVE-2011-2462":    {"https://www.jpcert.or.jp/at/2011/at110034.html"},
+	"CVE-2011-2465":    {"https://www.jpcert.or.jp/at/2011/at110019.html"},
+	"CVE-2011-3192":    {"https://www.jpcert.or.jp/at/2011/at110023.html"},
+	"CVE-2011-3348":    {"https://www.jpcert.or.jp/at/2011/at110023.html"},
+	"CVE-2011-3544":    {"https://www.jpcert.or.jp/at/2011/at110032.html"},
+	"CVE-2011-4313":    {"https://www.jpcert.or.jp/at/2011/at110031.html"},
+	"CVE-2012-0002":    {"https://www.jpcert.or.jp/at/2012/at120009.html"},
+	"CVE-2012-0507":    {"https://www.jpcert.or.jp/at/2012/at120010.html"},
+	"CVE-2012-0767":    {"https://www.jpcert.or.jp/at/2012/at120006.html"},
+	"CVE-2012-0779":    {"https://www.jpcert.or.jp/at/2012/at120014.html"},
+	"CVE-2012-0830":    {"https://www.jpcert.or.jp/at/2012/at120004.html"},
+	"CVE-2012-2311":    {"https://www.jpcert.or.jp/at/2012/at120016.html"},
+	"CVE-2012-4244":    {"https://www.jpcert.or.jp/at/2012/at120029.html"},
+	"CVE-2012-4681":    {"https://www.jpcert.or.jp/at/2012/at120028.html"},
+	"CVE-2012-4969":    {"https://www.jpcert.or.jp/at/2012/at120030.html"},
+	"CVE-2012-5166":    {"https://www.jpcert.or.jp/at/2012/at120033.html"},
+	"CVE-2013-0422":    {"https://www.jpcert.or.jp/at/2013/at130004.html"},
+	"CVE-2013-1493":    {"https://www.jpcert.or.jp/at/2013/at130014.html"},
+	"CVE-2013-2266":    {"https://www.jpcert.or.jp/at/2013/at130017.html"},
+	"CVE-2013-2494":    {"https://www.jpcert.or.jp/at/2013/at130017.html"},
+	"CVE-2013-3893":    {"https://www.jpcert.or.jp/at/2013/at130040.html", "https://www.jpcert.or.jp/at/2013/at130041.html"},
+	"CVE-2013-3906":    {"https://www.jpcert.or.jp/at/2013/at130044.html"},
+	"CVE-2013-3918":    {"https://www.jpcert.or.jp/at/2013/at130045.html"},
+	"CVE-2013-3919":    {"https://www.jpcert.or.jp/at/2013/at130026.html"},
+	"CVE-2013-4854":    {"https://www.jpcert.or.jp/at/2013/at130034.html"},
+	"CVE-2014-0050":    {"https://www.jpcert.or.jp/at/2014/at140007.html"},
+	"CVE-2014-0160":    {"https://www.jpcert.or.jp/at/2014/at140013.html"},
+	"CVE-2014-0322":    {"https://www.jpcert.or.jp/at/2014/at140009.html"},
+	"CVE-2014-1776":    {"https://www.jpcert.or.jp/at/2014/at140018.html", "https://www.jpcert.or.jp/at/2014/at140020.html"},
+	"CVE-2014-3383":    {"https://www.jpcert.or.jp/at/2015/at150021.html"},
+	"CVE-2014-3859":    {"https://www.jpcert.or.jp/at/2014/at140027.html"},
+	"CVE-2014-4114":    {"https://www.jpcert.or.jp/at/2014/at140039.html"},
+	"CVE-2014-6271":    {"https://www.jpcert.or.jp/at/2014/at140037.html", "https://www.jpcert.or.jp/at/2014/at140038.html"},
+	"CVE-2014-6277":    {"https://www.jpcert.or.jp/at/2014/at140037.html"},
+	"CVE-2014-6278":    {"https://www.jpcert.or.jp/at/2014/at140037.html"},
+	"CVE-2014-6324":    {"https://www.jpcert.or.jp/at/2014/at140048.html"},
+	"CVE-2014-6332":    {"https://www.jpcert.or.jp/at/2015/at150015.html"},
+	"CVE-2014-6352":    {"https://www.jpcert.or.jp/at/2014/at140043.html"},
+	"CVE-2014-7169":    {"https://www.jpcert.or.jp/at/2014/at140037.html"},
+	"CVE-2014-7186":    {"https://www.jpcert.or.jp/at/2014/at140037.html"},
+	"CVE-2014-7187":    {"https://www.jpcert.or.jp/at/2014/at140037.html"},
+	"CVE-2014-8361":    {"https://www.jpcert.or.jp/at/2017/at170049.html"},
+	"CVE-2014-8500":    {"https://www.jpcert.or.jp/at/2014/at140050.html"},
+	"CVE-2014-9163":    {"https://www.jpcert.or.jp/at/2014/at140052.html"},
+	"CVE-2015-0313":    {"https://www.jpcert.or.jp/at/2015/at150015.html"},
+	"CVE-2015-1769":    {"https://www.jpcert.or.jp/at/2015/at150028.html"},
+	"CVE-2015-5119":    {"https://www.jpcert.or.jp/at/2015/at150019.html"},
+	"CVE-2015-5122":    {"https://www.jpcert.or.jp/at/2015/at150020.html"},
+	"CVE-2015-5123":    {"https://www.jpcert.or.jp/at/2015/at150020.html"},
+	"CVE-2015-5477":    {"https://www.jpcert.or.jp/at/2015/at150027.html"},
+	"CVE-2015-5986":    {"https://www.jpcert.or.jp/at/2015/at150031.html"},
+	"CVE-2015-6835":    {"https://www.jpcert.or.jp/at/2016/at160036.html"},
+	"CVE-2015-7547":    {"https://www.jpcert.or.jp/at/2016/at160009.html"},
+	"CVE-2015-7645":    {"https://www.jpcert.or.jp/at/2015/at150036.html", "https://www.jpcert.or.jp/at/2015/at150037.html"},
+	"CVE-2015-8000":    {"https://www.jpcert.or.jp/at/2015/at150043.html"},
+	"CVE-2015-8461":    {"https://www.jpcert.or.jp/at/2015/at150043.html"},
+	"CVE-2015-8562":    {"https://www.jpcert.or.jp/at/2016/at160036.html"},
+	"CVE-2015-8651":    {"https://www.jpcert.or.jp/at/2016/at160001.html"},
+	"CVE-2015-8704":    {"https://www.jpcert.or.jp/at/2016/at160006.html"},
+	"CVE-2015-8705":    {"https://www.jpcert.or.jp/at/2016/at160006.html"},
+	"CVE-2016-0189":    {"https://www.jpcert.or.jp/at/2016/at160022.html"},
+	"CVE-2016-0636":    {"https://www.jpcert.or.jp/at/2016/at160015.html"},
+	"CVE-2016-0800":    {"https://www.jpcert.or.jp/at/2016/at160010.html"},
+	"CVE-2016-1000109": {"https://www.jpcert.or.jp/at/2016/at160031.html"},
+	"CVE-2016-1000110": {"https://www.jpcert.or.jp/at/2016/at160031.html"},
+	"CVE-2016-1010":    {"https://www.jpcert.or.jp/at/2016/at160014.html"},
+	"CVE-2016-1019":    {"https://www.jpcert.or.jp/at/2016/at160016.html"},
+	"CVE-2016-1204":    {"https://www.jpcert.or.jp/at/2016/at160019.html"},
+	"CVE-2016-1286":    {"https://www.jpcert.or.jp/at/2016/at160013.html", "https://www.jpcert.or.jp/at/2016/at160037.html"},
+	"CVE-2016-2776":    {"https://www.jpcert.or.jp/at/2016/at160037.html"},
+	"CVE-2016-3081":    {"https://www.jpcert.or.jp/at/2016/at160020.html"},
+	"CVE-2016-3227":    {"https://www.jpcert.or.jp/at/2016/at160025.html"},
+	"CVE-2016-3714":    {"https://www.jpcert.or.jp/at/2016/at160021.html"},
+	"CVE-2016-3715":    {"https://www.jpcert.or.jp/at/2016/at160021.html"},
+	"CVE-2016-3716":    {"https://www.jpcert.or.jp/at/2016/at160021.html"},
+	"CVE-2016-3717":    {"https://www.jpcert.or.jp/at/2016/at160021.html"},
+	"CVE-2016-3718":    {"https://www.jpcert.or.jp/at/2016/at160021.html"},
+	"CVE-2016-4117":    {"https://www.jpcert.or.jp/at/2016/at160024.html"},
+	"CVE-2016-4171":    {"https://www.jpcert.or.jp/at/2016/at160026.html"},
+	"CVE-2016-4438":    {"https://www.jpcert.or.jp/at/2016/at160027.html"},
+	"CVE-2016-5385":    {"https://www.jpcert.or.jp/at/2016/at160031.html"},
+	"CVE-2016-5386":    {"https://www.jpcert.or.jp/at/2016/at160031.html"},
+	"CVE-2016-5387":    {"https://www.jpcert.or.jp/at/2016/at160031.html"},
+	"CVE-2016-5388":    {"https://www.jpcert.or.jp/at/2016/at160031.html"},
+	"CVE-2016-6307":    {"https://www.jpcert.or.jp/at/2016/at160038.html"},
+	"CVE-2016-6309":    {"https://www.jpcert.or.jp/at/2016/at160038.html"},
+	"CVE-2016-7189":    {"https://www.jpcert.or.jp/at/2016/at160039.html"},
+	"CVE-2016-7836":    {"https://www.jpcert.or.jp/at/2016/at160051.html", "https://www.jpcert.or.jp/at/2017/at170023.html"},
+	"CVE-2016-7855":    {"https://www.jpcert.or.jp/at/2016/at160039.html", "https://www.jpcert.or.jp/at/2016/at160043.html"},
+	"CVE-2016-7892":    {"https://www.jpcert.or.jp/at/2016/at160048.html", "https://www.jpcert.or.jp/at/2016/at160049.html"},
+	"CVE-2016-8864":    {"https://www.jpcert.or.jp/at/2016/at160044.html"},
+	"CVE-2016-9131":    {"https://www.jpcert.or.jp/at/2017/at170004.html"},
+	"CVE-2016-9147":    {"https://www.jpcert.or.jp/at/2017/at170004.html"},
+	"CVE-2016-9444":    {"https://www.jpcert.or.jp/at/2017/at170004.html"},
+	"CVE-2016-9778":    {"https://www.jpcert.or.jp/at/2017/at170004.html"},
+	"CVE-2017-0093":    {"https://www.jpcert.or.jp/at/2017/at170015.html"},
+	"CVE-2017-0106":    {"https://www.jpcert.or.jp/at/2017/at170015.html"},
+	"CVE-2017-0145":    {"https://www.jpcert.or.jp/at/2017/at170020.html"},
+	"CVE-2017-0158":    {"https://www.jpcert.or.jp/at/2017/at170015.html"},
+	"CVE-2017-0160":    {"https://www.jpcert.or.jp/at/2017/at170015.html"},
+	"CVE-2017-0161":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-0162":    {"https://www.jpcert.or.jp/at/2017/at170015.html"},
+	"CVE-2017-0163":    {"https://www.jpcert.or.jp/at/2017/at170015.html"},
+	"CVE-2017-0180":    {"https://www.jpcert.or.jp/at/2017/at170015.html"},
+	"CVE-2017-0181":    {"https://www.jpcert.or.jp/at/2017/at170015.html"},
+	"CVE-2017-0199":    {"https://www.jpcert.or.jp/at/2017/at170015.html"},
+	"CVE-2017-0200":    {"https://www.jpcert.or.jp/at/2017/at170015.html"},
+	"CVE-2017-0201":    {"https://www.jpcert.or.jp/at/2017/at170015.html"},
+	"CVE-2017-0202":    {"https://www.jpcert.or.jp/at/2017/at170015.html"},
+	"CVE-2017-0205":    {"https://www.jpcert.or.jp/at/2017/at170015.html"},
+	"CVE-2017-0210":    {"https://www.jpcert.or.jp/at/2017/at170015.html"},
+	"CVE-2017-0221":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0222":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0224":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0227":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0228":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0229":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0235":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0236":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0240":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0250":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-0261":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0263":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0266":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0272":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0277":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0278":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0279":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0283":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-0290":    {"https://www.jpcert.or.jp/at/2017/at170019.html"},
+	"CVE-2017-0291":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-0292":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-0293":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-0294":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-0781":    {"https://www.jpcert.or.jp/at/2017/at170037.html"},
+	"CVE-2017-0782":    {"https://www.jpcert.or.jp/at/2017/at170037.html"},
+	"CVE-2017-0783":    {"https://www.jpcert.or.jp/at/2017/at170037.html"},
+	"CVE-2017-0785":    {"https://www.jpcert.or.jp/at/2017/at170037.html"},
+	"CVE-2017-1000250": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
+	"CVE-2017-1000251": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
+	"CVE-2017-10271":   {"https://www.jpcert.or.jp/at/2018/at180004.html"},
+	"CVE-2017-10845":   {"https://www.jpcert.or.jp/at/2017/at170034.html"},
+	"CVE-2017-10846":   {"https://www.jpcert.or.jp/at/2017/at170034.html"},
+	"CVE-2017-11223":   {"https://www.jpcert.or.jp/at/2017/at170031.html"},
+	"CVE-2017-11292":   {"https://www.jpcert.or.jp/at/2017/at170040.html"},
+	"CVE-2017-11762":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11763":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11764":   {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-11766":   {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-11771":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11779":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11792":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11793":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11796":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11798":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11799":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11800":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11802":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11804":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11805":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11806":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11807":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11808":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11809":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11810":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11811":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11812":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11813":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11819":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11821":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11822":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11826":   {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-11836":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11837":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11838":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11839":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11840":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11841":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11843":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11845":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11846":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11855":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11856":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11858":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11861":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11862":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11866":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11869":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11870":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11871":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11873":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11882":   {"https://www.jpcert.or.jp/at/2017/at170044.html"},
+	"CVE-2017-11886":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11888":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11889":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11890":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11893":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11894":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11895":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11901":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11903":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11905":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11907":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11908":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11909":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11910":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11911":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11912":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11914":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11918":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11930":   {"https://www.jpcert.or.jp/at/2017/at170048.html"},
+	"CVE-2017-11937":   {"https://www.jpcert.or.jp/at/2017/at170046.html"},
+	"CVE-2017-12615":   {"https://www.jpcert.or.jp/at/2017/at170038.html"},
+	"CVE-2017-12616":   {"https://www.jpcert.or.jp/at/2017/at170038.html"},
+	"CVE-2017-12617":   {"https://www.jpcert.or.jp/at/2017/at170038.html"},
+	"CVE-2017-13872":   {"https://www.jpcert.or.jp/at/2017/at170045.html"},
+	"CVE-2017-14315":   {"https://www.jpcert.or.jp/at/2017/at170037.html"},
+	"CVE-2017-3135":    {"https://www.jpcert.or.jp/at/2017/at170007.html"},
+	"CVE-2017-3136":    {"https://www.jpcert.or.jp/at/2017/at170016.html"},
+	"CVE-2017-3137":    {"https://www.jpcert.or.jp/at/2017/at170016.html"},
+	"CVE-2017-3138":    {"https://www.jpcert.or.jp/at/2017/at170016.html"},
+	"CVE-2017-3142":    {"https://www.jpcert.or.jp/at/2017/at170024.html"},
+	"CVE-2017-3143":    {"https://www.jpcert.or.jp/at/2017/at170024.html"},
+	"CVE-2017-3145":    {"https://www.jpcert.or.jp/at/2018/at180005.html"},
+	"CVE-2017-5638":    {"https://www.jpcert.or.jp/at/2017/at170009.html"},
+	"CVE-2017-6753":    {"https://www.jpcert.or.jp/at/2017/at170028.html"},
+	"CVE-2017-8463":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8464":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-8496":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-8497":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-8499":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-8517":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-8520":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-8522":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-8524":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-8527":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-8528":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-8543":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-8548":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-8549":    {"https://www.jpcert.or.jp/at/2017/at170022.html"},
+	"CVE-2017-8584":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8589":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8591":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8594":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8595":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8596":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8598":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8601":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8603":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8604":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8605":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8606":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8607":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8608":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8609":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8610":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8617":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8618":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8619":    {"https://www.jpcert.or.jp/at/2017/at170027.html"},
+	"CVE-2017-8620":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8622":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8628":    {"https://www.jpcert.or.jp/at/2017/at170037.html"},
+	"CVE-2017-8634":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8635":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8636":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8638":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8639":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8640":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8641":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8645":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8646":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8647":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8649":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8653":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8655":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8656":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8657":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8660":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8661":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8669":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8670":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8671":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8672":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8674":    {"https://www.jpcert.or.jp/at/2017/at170032.html"},
+	"CVE-2017-8676":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8682":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8686":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8696":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8727":    {"https://www.jpcert.or.jp/at/2017/at170039.html"},
+	"CVE-2017-8728":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8729":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8731":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8734":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8737":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8738":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8740":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8741":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8747":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8748":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8749":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8750":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8751":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8752":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8753":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8755":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8756":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8757":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-8759":    {"https://www.jpcert.or.jp/at/2017/at170036.html"},
+	"CVE-2017-9791":    {"https://www.jpcert.or.jp/at/2017/at170025.html"},
+	"CVE-2017-9805":    {"https://www.jpcert.or.jp/at/2017/at170033.html"},
+	"CVE-2018-0171":    {"https://www.jpcert.or.jp/at/2018/at180013.html"},
+	"CVE-2018-0758":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0762":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0763":    {"https://www.jpcert.or.jp/at/2018/at180008.html"},
+	"CVE-2018-0767":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0769":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0770":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0772":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0773":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0774":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0775":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0776":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0777":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0778":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0780":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0781":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0797":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0800":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0802":    {"https://www.jpcert.or.jp/at/2018/at180002.html"},
+	"CVE-2018-0825":    {"https://www.jpcert.or.jp/at/2018/at180008.html"},
+	"CVE-2018-0834":    {"https://www.jpcert.or.jp/at/2018/at180008.html"},
+	"CVE-2018-0835":    {"https://www.jpcert.or.jp/at/2018/at180008.html"},
+	"CVE-2018-0837":    {"https://www.jpcert.or.jp/at/2018/at180008.html"},
+	"CVE-2018-0838":    {"https://www.jpcert.or.jp/at/2018/at180008.html"},
+	"CVE-2018-0840":    {"https://www.jpcert.or.jp/at/2018/at180008.html"},
+	"CVE-2018-0852":    {"https://www.jpcert.or.jp/at/2018/at180008.html"},
+	"CVE-2018-0856":    {"https://www.jpcert.or.jp/at/2018/at180008.html"},
+	"CVE-2018-0857":    {"https://www.jpcert.or.jp/at/2018/at180008.html"},
+	"CVE-2018-0859":    {"https://www.jpcert.or.jp/at/2018/at180008.html"},
+	"CVE-2018-0860":    {"https://www.jpcert.or.jp/at/2018/at180008.html"},
+	"CVE-2018-0861":    {"https://www.jpcert.or.jp/at/2018/at180008.html"},
+	"CVE-2018-0870":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-0872":    {"https://www.jpcert.or.jp/at/2018/at180011.html"},
+	"CVE-2018-0874":    {"https://www.jpcert.or.jp/at/2018/at180011.html"},
+	"CVE-2018-0876":    {"https://www.jpcert.or.jp/at/2018/at180011.html"},
+	"CVE-2018-0889":    {"https://www.jpcert.or.jp/at/2018/at180011.html"},
+	"CVE-2018-0893":    {"https://www.jpcert.or.jp/at/2018/at180011.html"},
+	"CVE-2018-0930":    {"https://www.jpcert.or.jp/at/2018/at180011.html"},
+	"CVE-2018-0931":    {"https://www.jpcert.or.jp/at/2018/at180011.html"},
+	"CVE-2018-0932":    {"https://www.jpcert.or.jp/at/2018/at180011.html"},
+	"CVE-2018-0933":    {"https://www.jpcert.or.jp/at/2018/at180011.html"},
+	"CVE-2018-0934":    {"https://www.jpcert.or.jp/at/2018/at180011.html"},
+	"CVE-2018-0936":    {"https://www.jpcert.or.jp/at/2018/at180011.html"},
+	"CVE-2018-0937":    {"https://www.jpcert.or.jp/at/2018/at180011.html"},
+	"CVE-2018-0939":    {"https://www.jpcert.or.jp/at/2018/at180011.html"},
+	"CVE-2018-0943":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-0945":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-0946":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-0950":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-0951":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-0953":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-0954":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-0955":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-0959":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-0961":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-0965":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-0979":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-0980":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-0981":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-0988":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-0990":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-0991":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-0993":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-0994":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-0995":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-0996":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-1000":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-1004":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-1010":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-1012":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-1013":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-1015":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-1016":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-1018":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-1019":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-1020":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-1022":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-1023":    {"https://www.jpcert.or.jp/at/2018/at180016.html"},
+	"CVE-2018-11776":   {"https://www.jpcert.or.jp/at/2018/at180036.html"},
+	"CVE-2018-1270":    {"https://www.jpcert.or.jp/at/2018/at180014.html"},
+	"CVE-2018-1271":    {"https://www.jpcert.or.jp/at/2018/at180014.html"},
+	"CVE-2018-1272":    {"https://www.jpcert.or.jp/at/2018/at180014.html"},
+	"CVE-2018-1273":    {"https://www.jpcert.or.jp/at/2018/at180017.html"},
+	"CVE-2018-1274":    {"https://www.jpcert.or.jp/at/2018/at180017.html"},
+	"CVE-2018-1275":    {"https://www.jpcert.or.jp/at/2018/at180014.html"},
+	"CVE-2018-12794":   {"https://www.jpcert.or.jp/at/2018/at180039.html"},
+	"CVE-2018-1336":    {"https://www.jpcert.or.jp/at/2018/at180030.html"},
+	"CVE-2018-15442":   {"https://www.jpcert.or.jp/at/2018/at180043.html"},
+	"CVE-2018-15979":   {"https://www.jpcert.or.jp/at/2018/at180045.html"},
+	"CVE-2018-2628":    {"https://www.jpcert.or.jp/at/2018/at180029.html"},
+	"CVE-2018-2893":    {"https://www.jpcert.or.jp/at/2018/at180029.html"},
+	"CVE-2018-2894":    {"https://www.jpcert.or.jp/at/2018/at180029.html"},
+	"CVE-2018-2933":    {"https://www.jpcert.or.jp/at/2018/at180029.html"},
+	"CVE-2018-2983":    {"https://www.jpcert.or.jp/at/2018/at180029.html"},
+	"CVE-2018-2998":    {"https://www.jpcert.or.jp/at/2018/at180029.html"},
+	"CVE-2018-4877":    {"https://www.jpcert.or.jp/at/2018/at180008.html"},
+	"CVE-2018-4878":    {"https://www.jpcert.or.jp/at/2018/at180006.html", "https://www.jpcert.or.jp/at/2018/at180008.html"},
+	"CVE-2018-4945":    {"https://www.jpcert.or.jp/at/2018/at180025.html"},
+	"CVE-2018-5000":    {"https://www.jpcert.or.jp/at/2018/at180025.html"},
+	"CVE-2018-5001":    {"https://www.jpcert.or.jp/at/2018/at180025.html"},
+	"CVE-2018-5002":    {"https://www.jpcert.or.jp/at/2018/at180024.html", "https://www.jpcert.or.jp/at/2018/at180025.html"},
+	"CVE-2018-5740":    {"https://www.jpcert.or.jp/at/2018/at180031.html"},
+	"CVE-2018-7600":    {"https://www.jpcert.or.jp/at/2018/at180012.html"},
+	"CVE-2018-7602":    {"https://www.jpcert.or.jp/at/2018/at180019.html"},
+	"CVE-2018-8034":    {"https://www.jpcert.or.jp/at/2018/at180030.html"},
+	"CVE-2018-8037":    {"https://www.jpcert.or.jp/at/2018/at180030.html"},
+	"CVE-2018-8110":    {"https://www.jpcert.or.jp/at/2018/at180025.html"},
+	"CVE-2018-8111":    {"https://www.jpcert.or.jp/at/2018/at180025.html"},
+	"CVE-2018-8114":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-8120":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-8122":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-8128":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-8130":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-8133":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-8137":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-8139":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-8154":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-8174":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-8178":    {"https://www.jpcert.or.jp/at/2018/at180021.html"},
+	"CVE-2018-8213":    {"https://www.jpcert.or.jp/at/2018/at180025.html"},
+	"CVE-2018-8225":    {"https://www.jpcert.or.jp/at/2018/at180025.html"},
+	"CVE-2018-8229":    {"https://www.jpcert.or.jp/at/2018/at180025.html"},
+	"CVE-2018-8231":    {"https://www.jpcert.or.jp/at/2018/at180025.html"},
+	"CVE-2018-8236":    {"https://www.jpcert.or.jp/at/2018/at180025.html"},
+	"CVE-2018-8242":    {"https://www.jpcert.or.jp/at/2018/at180028.html"},
+	"CVE-2018-8249":    {"https://www.jpcert.or.jp/at/2018/at180025.html"},
+	"CVE-2018-8251":    {"https://www.jpcert.or.jp/at/2018/at180025.html"},
+	"CVE-2018-8262":    {"https://www.jpcert.or.jp/at/2018/at180028.html"},
+	"CVE-2018-8266":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8267":    {"https://www.jpcert.or.jp/at/2018/at180025.html"},
+	"CVE-2018-8273":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8274":    {"https://www.jpcert.or.jp/at/2018/at180028.html"},
+	"CVE-2018-8275":    {"https://www.jpcert.or.jp/at/2018/at180028.html"},
+	"CVE-2018-8279":    {"https://www.jpcert.or.jp/at/2018/at180028.html"},
+	"CVE-2018-8280":    {"https://www.jpcert.or.jp/at/2018/at180028.html"},
+	"CVE-2018-8286":    {"https://www.jpcert.or.jp/at/2018/at180028.html"},
+	"CVE-2018-8288":    {"https://www.jpcert.or.jp/at/2018/at180028.html"},
+	"CVE-2018-8290":    {"https://www.jpcert.or.jp/at/2018/at180028.html"},
+	"CVE-2018-8291":    {"https://www.jpcert.or.jp/at/2018/at180028.html"},
+	"CVE-2018-8294":    {"https://www.jpcert.or.jp/at/2018/at180028.html"},
+	"CVE-2018-8296":    {"https://www.jpcert.or.jp/at/2018/at180028.html"},
+	"CVE-2018-8301":    {"https://www.jpcert.or.jp/at/2018/at180028.html"},
+	"CVE-2018-8302":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8324":    {"https://www.jpcert.or.jp/at/2018/at180028.html"},
+	"CVE-2018-8332":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-8344":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8345":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8350":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8355":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8367":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-8371":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8372":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8373":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8377":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8380":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8381":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8385":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8387":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8390":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8397":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8403":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8414":    {"https://www.jpcert.or.jp/at/2018/at180034.html"},
+	"CVE-2018-8420":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-8421":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-8439":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-8440":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-8447":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-8453":    {"https://www.jpcert.or.jp/at/2018/at180041.html"},
+	"CVE-2018-8456":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-8457":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-8459":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-8460":    {"https://www.jpcert.or.jp/at/2018/at180041.html"},
+	"CVE-2018-8461":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-8464":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-8465":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-8466":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-8467":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-8473":    {"https://www.jpcert.or.jp/at/2018/at180041.html"},
+	"CVE-2018-8475":    {"https://www.jpcert.or.jp/at/2018/at180038.html"},
+	"CVE-2018-8476":    {"https://www.jpcert.or.jp/at/2018/at180046.html"},
+	"CVE-2018-8489":    {"https://www.jpcert.or.jp/at/2018/at180041.html"},
+	"CVE-2018-8490":    {"https://www.jpcert.or.jp/at/2018/at180041.html"},
+	"CVE-2018-8491":    {"https://www.jpcert.or.jp/at/2018/at180041.html"},
+	"CVE-2018-8494":    {"https://www.jpcert.or.jp/at/2018/at180041.html"},
+	"CVE-2018-8505":    {"https://www.jpcert.or.jp/at/2018/at180041.html"},
+	"CVE-2018-8509":    {"https://www.jpcert.or.jp/at/2018/at180041.html"},
+	"CVE-2018-8510":    {"https://www.jpcert.or.jp/at/2018/at180041.html"},
+	"CVE-2018-8511":    {"https://www.jpcert.or.jp/at/2018/at180041.html"},
+	"CVE-2018-8513":    {"https://www.jpcert.or.jp/at/2018/at180041.html"},
+	"CVE-2018-8541":    {"https://www.jpcert.or.jp/at/2018/at180046.html"},
+	"CVE-2018-8542":    {"https://www.jpcert.or.jp/at/2018/at180046.html"},
+	"CVE-2018-8543":    {"https://www.jpcert.or.jp/at/2018/at180046.html"},
+	"CVE-2018-8544":    {"https://www.jpcert.or.jp/at/2018/at180046.html"},
+	"CVE-2018-8551":    {"https://www.jpcert.or.jp/at/2018/at180046.html"},
+	"CVE-2018-8553":    {"https://www.jpcert.or.jp/at/2018/at180046.html"},
+	"CVE-2018-8555":    {"https://www.jpcert.or.jp/at/2018/at180046.html"},
+	"CVE-2018-8556":    {"https://www.jpcert.or.jp/at/2018/at180046.html"},
+	"CVE-2018-8557":    {"https://www.jpcert.or.jp/at/2018/at180046.html"},
+	"CVE-2018-8588":    {"https://www.jpcert.or.jp/at/2018/at180046.html"},
+	"CVE-2018-8589":    {"https://www.jpcert.or.jp/at/2018/at180046.html"},
+	"CVE-2018-8609":    {"https://www.jpcert.or.jp/at/2018/at180046.html"},
+}
--- a/alert/cve_us.go
+++ b/alert/cve_us.go
@@ -0,0 +1,96 @@
+package alert
+
+// CveDictEn has CVE-ID key which included USCERT alerts
+var CveDictEn = map[string][]string{
+	"CVE-1999-0532": {"https://www.us-cert.gov/ncas/alerts/TA15-103A"},
+	"CVE-2006-3227": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2008-0015": {"https://www.us-cert.gov/ncas/alerts/TA09-195A", "https://www.us-cert.gov/ncas/alerts/TA09-209A"},
+	"CVE-2008-2244": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2009-0658": {"https://www.us-cert.gov/ncas/alerts/TA09-051A"},
+	"CVE-2009-0927": {"https://www.us-cert.gov/ncas/alerts/TA13-141A"},
+	"CVE-2009-1492": {"https://www.us-cert.gov/ncas/alerts/TA09-133B"},
+	"CVE-2009-1493": {"https://www.us-cert.gov/ncas/alerts/TA09-133B"},
+	"CVE-2009-1537": {"https://www.us-cert.gov/ncas/alerts/TA09-195A"},
+	"CVE-2009-3103": {"https://www.us-cert.gov/ncas/alerts/TA17-181A"},
+	"CVE-2009-3129": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2009-3674": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2009-3953": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2010-0018": {"https://www.us-cert.gov/ncas/alerts/TA10-012B"},
+	"CVE-2010-0188": {"https://www.us-cert.gov/ncas/alerts/TA13-141A", "https://www.us-cert.gov/ncas/alerts/TA14-300A", "https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2010-0806": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2010-1297": {"https://www.us-cert.gov/ncas/alerts/TA10-162A", "https://www.us-cert.gov/ncas/alerts/TA10-159A"},
+	"CVE-2010-2883": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2010-3333": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2011-0101": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2011-0611": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2011-2462": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2012-0158": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2012-1723": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2012-1856": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2012-1889": {"https://www.us-cert.gov/ncas/alerts/TA12-174A"},
+	"CVE-2012-3174": {"https://www.us-cert.gov/ncas/alerts/TA13-010A"},
+	"CVE-2012-4681": {"https://www.us-cert.gov/ncas/alerts/TA12-240A"},
+	"CVE-2012-4792": {"https://www.us-cert.gov/ncas/alerts/TA13-015A", "https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2013-0074": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2013-0140": {"https://www.us-cert.gov/ncas/alerts/TA13-193A"},
+	"CVE-2013-0141": {"https://www.us-cert.gov/ncas/alerts/TA13-193A"},
+	"CVE-2013-0422": {"https://www.us-cert.gov/ncas/alerts/TA13-141A", "https://www.us-cert.gov/ncas/alerts/TA13-010A"},
+	"CVE-2013-0625": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2013-0632": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2013-0809": {"https://www.us-cert.gov/ncas/alerts/TA13-064A"},
+	"CVE-2013-1347": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2013-1493": {"https://www.us-cert.gov/ncas/alerts/TA13-064A"},
+	"CVE-2013-1571": {"https://www.us-cert.gov/ncas/alerts/TA13-169A"},
+	"CVE-2013-2465": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2013-2729": {"https://www.us-cert.gov/ncas/alerts/TA14-300A", "https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2013-3336": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2013-5211": {"https://www.us-cert.gov/ncas/alerts/TA14-017A", "https://www.us-cert.gov/ncas/alerts/TA14-013A"},
+	"CVE-2013-5326": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2014-0160": {"https://www.us-cert.gov/ncas/alerts/TA14-098A", "https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2014-0322": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2014-0564": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2014-1761": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2014-1776": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2014-3393": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
+	"CVE-2014-3566": {"https://www.us-cert.gov/ncas/alerts/TA14-290A", "https://www.us-cert.gov/ncas/alerts/TA15-120A"},
+	"CVE-2014-4114": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
+	"CVE-2014-6271": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
+	"CVE-2014-6277": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
+	"CVE-2014-6278": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
+	"CVE-2014-6321": {"https://www.us-cert.gov/ncas/alerts/TA14-318A"},
+	"CVE-2014-6332": {"https://www.us-cert.gov/ncas/alerts/TA14-318B"},
+	"CVE-2014-7169": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
+	"CVE-2014-7186": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
+	"CVE-2014-7187": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
+	"CVE-2014-8730": {"https://www.us-cert.gov/ncas/alerts/TA14-290A"},
+	"CVE-2015-2387": {"https://www.us-cert.gov/ncas/alerts/TA15-195A"},
+	"CVE-2015-5119": {"https://www.us-cert.gov/ncas/alerts/TA15-195A", "https://www.us-cert.gov/ncas/alerts/TA15-213A"},
+	"CVE-2015-5122": {"https://www.us-cert.gov/ncas/alerts/TA15-195A"},
+	"CVE-2015-5123": {"https://www.us-cert.gov/ncas/alerts/TA15-195A"},
+	"CVE-2015-6585": {"https://www.us-cert.gov/ncas/alerts/TA17-164A"},
+	"CVE-2015-8651": {"https://www.us-cert.gov/ncas/alerts/TA17-164A"},
+	"CVE-2016-0034": {"https://www.us-cert.gov/ncas/alerts/TA17-164A"},
+	"CVE-2016-1019": {"https://www.us-cert.gov/ncas/alerts/TA17-164A"},
+	"CVE-2016-2207": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
+	"CVE-2016-2208": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
+	"CVE-2016-2209": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
+	"CVE-2016-2210": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
+	"CVE-2016-2211": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
+	"CVE-2016-3644": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
+	"CVE-2016-3645": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
+	"CVE-2016-4117": {"https://www.us-cert.gov/ncas/alerts/TA17-164A"},
+	"CVE-2016-6366": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
+	"CVE-2016-6367": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
+	"CVE-2016-6415": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
+	"CVE-2016-6909": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
+	"CVE-2016-7089": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
+	"CVE-2017-0144": {"https://www.us-cert.gov/ncas/alerts/TA17-181A"},
+	"CVE-2017-0145": {"https://www.us-cert.gov/ncas/alerts/TA17-181A"},
+	"CVE-2017-3066": {"https://www.us-cert.gov/ncas/alerts/AA18-284A"},
+	"CVE-2017-5715": {"https://www.us-cert.gov/ncas/alerts/TA18-141A", "https://www.us-cert.gov/ncas/alerts/TA18-004A"},
+	"CVE-2017-5753": {"https://www.us-cert.gov/ncas/alerts/TA18-141A", "https://www.us-cert.gov/ncas/alerts/TA18-004A"},
+	"CVE-2017-5754": {"https://www.us-cert.gov/ncas/alerts/TA18-141A", "https://www.us-cert.gov/ncas/alerts/TA18-004A"},
+	"CVE-2018-1038": {"https://www.us-cert.gov/ncas/alerts/TA18-004A"},
+	"CVE-2018-3639": {"https://www.us-cert.gov/ncas/alerts/TA18-141A"},
+	"CVE-2018-3640": {"https://www.us-cert.gov/ncas/alerts/TA18-141A"},
+}
--- a/alert/util.go
+++ b/alert/util.go
@@ -0,0 +1,21 @@
+package alert
+
+// GenerateAlertDict returns XCERT alert slice by cveID
+func GenerateAlertDict(cveID string, lang string) (alerts []Alert) {
+	if lang == "ja" {
+		if keys, ok := CveDictJa[cveID]; ok {
+			for _, key := range keys {
+				alerts = append(alerts, AlertDictJa[key])
+			}
+		}
+		return alerts
+	}
+
+	// default language is English
+	if keys, ok := CveDictEn[cveID]; ok {
+		for _, key := range keys {
+			alerts = append(alerts, AlertDictEn[key])
+		}
+	}
+	return alerts
+}
--- a/cache/bolt.go
+++ b/cache/bolt.go
@@ -0,0 +1,188 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package cache
+
+import (
+	"encoding/json"
+	"fmt"
+	"time"
+
+	"github.com/boltdb/bolt"
+	"github.com/future-architect/vuls/util"
+	"github.com/sirupsen/logrus"
+)
+
+// Bolt holds a pointer of bolt.DB
+// boltdb is used to store a cache of Changelogs of Ubuntu/Debian
+type Bolt struct {
+	Path string
+	Log  *logrus.Entry
+	db   *bolt.DB
+}
+
+// SetupBolt opens a boltdb and creates a meta bucket if not exists.
+func SetupBolt(path string, l *logrus.Entry) error {
+	l.Infof("Open boltDB: %s", path)
+	db, err := bolt.Open(path, 0600, nil)
+	if err != nil {
+		return err
+	}
+
+	b := Bolt{
+		Path: path,
+		Log:  l,
+		db:   db,
+	}
+	if err = b.createBucketIfNotExists(metabucket); err != nil {
+		return err
+	}
+
+	DB = b
+	return nil
+}
+
+// Close a db.
+func (b Bolt) Close() error {
+	if b.db == nil {
+		return nil
+	}
+	return b.db.Close()
+}
+
+//  CreateBucketIfNotExists creates a buket that is specified by arg.
+func (b *Bolt) createBucketIfNotExists(name string) error {
+	return b.db.Update(func(tx *bolt.Tx) error {
+		_, err := tx.CreateBucketIfNotExists([]byte(name))
+		if err != nil {
+			return fmt.Errorf("Failed to create bucket: %s", err)
+		}
+		return nil
+	})
+}
+
+// GetMeta gets a Meta Information os the servername to boltdb.
+func (b Bolt) GetMeta(serverName string) (meta Meta, found bool, err error) {
+	err = b.db.View(func(tx *bolt.Tx) error {
+		bkt := tx.Bucket([]byte(metabucket))
+		v := bkt.Get([]byte(serverName))
+		if len(v) == 0 {
+			found = false
+			return nil
+		}
+		if e := json.Unmarshal(v, &meta); e != nil {
+			return e
+		}
+		found = true
+		return nil
+	})
+	return
+}
+
+// RefreshMeta gets a Meta Information os the servername to boltdb.
+func (b Bolt) RefreshMeta(meta Meta) error {
+	meta.CreatedAt = time.Now()
+	jsonBytes, err := json.Marshal(meta)
+	if err != nil {
+		return fmt.Errorf("Failed to marshal to JSON: %s", err)
+	}
+	return b.db.Update(func(tx *bolt.Tx) error {
+		bkt := tx.Bucket([]byte(metabucket))
+		if err := bkt.Put([]byte(meta.Name), jsonBytes); err != nil {
+			return err
+		}
+		b.Log.Debugf("Refreshed Meta: %s", meta.Name)
+		return nil
+	})
+}
+
+// EnsureBuckets puts a Meta information and create a buket that holds changelogs.
+func (b Bolt) EnsureBuckets(meta Meta) error {
+	jsonBytes, err := json.Marshal(meta)
+	if err != nil {
+		return fmt.Errorf("Failed to marshal to JSON: %s", err)
+	}
+	return b.db.Update(func(tx *bolt.Tx) error {
+		b.Log.Debugf("Put to meta: %s", meta.Name)
+		bkt := tx.Bucket([]byte(metabucket))
+		if err := bkt.Put([]byte(meta.Name), jsonBytes); err != nil {
+			return err
+		}
+
+		// re-create a bucket (bucket name: servername)
+		bkt = tx.Bucket([]byte(meta.Name))
+		if bkt != nil {
+			b.Log.Debugf("Delete bucket: %s", meta.Name)
+			if err := tx.DeleteBucket([]byte(meta.Name)); err != nil {
+				return err
+			}
+			b.Log.Debugf("Bucket deleted: %s", meta.Name)
+		}
+		b.Log.Debugf("Create bucket: %s", meta.Name)
+		if _, err := tx.CreateBucket([]byte(meta.Name)); err != nil {
+			return err
+		}
+		b.Log.Debugf("Bucket created: %s", meta.Name)
+		return nil
+	})
+}
+
+// PrettyPrint is for debug
+func (b Bolt) PrettyPrint(meta Meta) error {
+	return b.db.View(func(tx *bolt.Tx) error {
+		bkt := tx.Bucket([]byte(metabucket))
+		v := bkt.Get([]byte(meta.Name))
+		b.Log.Debugf("Meta: key:%s, value:%s", meta.Name, v)
+
+		bkt = tx.Bucket([]byte(meta.Name))
+		c := bkt.Cursor()
+		for k, v := c.First(); k != nil; k, v = c.Next() {
+			b.Log.Debugf("key:%s, len: %d, %s...",
+				k, len(v), util.Truncate(string(v), 30))
+		}
+		return nil
+	})
+}
+
+// GetChangelog get the changelgo of specified packName from the Bucket
+func (b Bolt) GetChangelog(servername, packName string) (changelog string, err error) {
+	err = b.db.View(func(tx *bolt.Tx) error {
+		bkt := tx.Bucket([]byte(servername))
+		if bkt == nil {
+			return fmt.Errorf("Failed to get Bucket: %s", servername)
+		}
+		v := bkt.Get([]byte(packName))
+		if v == nil {
+			changelog = ""
+			return nil
+		}
+		changelog = string(v)
+		return nil
+	})
+	return
+}
+
+// PutChangelog put the changelgo of specified packName into the Bucket
+func (b Bolt) PutChangelog(servername, packName, changelog string) error {
+	return b.db.Update(func(tx *bolt.Tx) error {
+		bkt := tx.Bucket([]byte(servername))
+		if bkt == nil {
+			return fmt.Errorf("Failed to get Bucket: %s", servername)
+		}
+		return bkt.Put([]byte(packName), []byte(changelog))
+	})
+}
--- a/cache/bolt_test.go
+++ b/cache/bolt_test.go
@@ -0,0 +1,137 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package cache
+
+import (
+	"os"
+	"reflect"
+	"testing"
+
+	"github.com/boltdb/bolt"
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+	"github.com/sirupsen/logrus"
+)
+
+const path = "/tmp/vuls-test-cache-11111111.db"
+const servername = "server1"
+
+var meta = Meta{
+	Name: servername,
+	Distro: config.Distro{
+		Family:  "ubuntu",
+		Release: "16.04",
+	},
+	Packs: models.Packages{
+		"apt": {
+			Name:    "apt",
+			Version: "1",
+		},
+	},
+}
+
+func TestSetupBolt(t *testing.T) {
+	log := logrus.NewEntry(&logrus.Logger{})
+	err := SetupBolt(path, log)
+	if err != nil {
+		t.Errorf("Failed to setup bolt: %s", err)
+	}
+	defer os.Remove(path)
+
+	if err := DB.Close(); err != nil {
+		t.Errorf("Failed to close bolt: %s", err)
+	}
+
+	// check if meta bucket exists
+	db, err := bolt.Open(path, 0600, nil)
+	if err != nil {
+		t.Errorf("Failed to open bolt: %s", err)
+	}
+
+	db.View(func(tx *bolt.Tx) error {
+		bkt := tx.Bucket([]byte(metabucket))
+		if bkt == nil {
+			t.Errorf("Meta bucket nof found")
+		}
+		return nil
+	})
+
+}
+
+func TestEnsureBuckets(t *testing.T) {
+	log := logrus.NewEntry(&logrus.Logger{})
+	if err := SetupBolt(path, log); err != nil {
+		t.Errorf("Failed to setup bolt: %s", err)
+	}
+	if err := DB.EnsureBuckets(meta); err != nil {
+		t.Errorf("Failed to ensure buckets: %s", err)
+	}
+	defer os.Remove(path)
+
+	m, found, err := DB.GetMeta(servername)
+	if err != nil {
+		t.Errorf("Failed to get meta: %s", err)
+	}
+	if !found {
+		t.Errorf("Not Found in meta")
+	}
+	if meta.Name != m.Name || meta.Distro != m.Distro {
+		t.Errorf("expected %v, actual %v", meta, m)
+	}
+	if !reflect.DeepEqual(meta.Packs, m.Packs) {
+		t.Errorf("expected %v, actual %v", meta.Packs, m.Packs)
+	}
+	if err := DB.Close(); err != nil {
+		t.Errorf("Failed to close bolt: %s", err)
+	}
+
+	db, err := bolt.Open(path, 0600, nil)
+	if err != nil {
+		t.Errorf("Failed to open bolt: %s", err)
+	}
+	db.View(func(tx *bolt.Tx) error {
+		bkt := tx.Bucket([]byte(servername))
+		if bkt == nil {
+			t.Errorf("Meta bucket nof found")
+		}
+		return nil
+	})
+}
+
+func TestPutGetChangelog(t *testing.T) {
+	clog := "changelog-text"
+	log := logrus.NewEntry(&logrus.Logger{})
+	if err := SetupBolt(path, log); err != nil {
+		t.Errorf("Failed to setup bolt: %s", err)
+	}
+	defer os.Remove(path)
+
+	if err := DB.EnsureBuckets(meta); err != nil {
+		t.Errorf("Failed to ensure buckets: %s", err)
+	}
+	if err := DB.PutChangelog(servername, "apt", clog); err != nil {
+		t.Errorf("Failed to put changelog: %s", err)
+	}
+	if actual, err := DB.GetChangelog(servername, "apt"); err != nil {
+		t.Errorf("Failed to get changelog: %s", err)
+	} else {
+		if actual != clog {
+			t.Errorf("changelog is not same. e: %s, a: %s", clog, actual)
+		}
+	}
+}
--- a/cache/db.go
+++ b/cache/db.go
@@ -0,0 +1,50 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package cache
+
+import (
+	"time"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+)
+
+// DB has a cache instance
+var DB Cache
+
+const metabucket = "changelog-meta"
+
+// Cache is a interface of cache
+type Cache interface {
+	Close() error
+	GetMeta(string) (Meta, bool, error)
+	RefreshMeta(Meta) error
+	EnsureBuckets(Meta) error
+	PrettyPrint(Meta) error
+	GetChangelog(string, string) (string, error)
+	PutChangelog(string, string, string) error
+}
+
+// Meta holds a server name, distro information of the scanned server and
+// package information that was collected at the last scan.
+type Meta struct {
+	Name      string
+	Distro    config.Distro
+	Packs     models.Packages
+	CreatedAt time.Time
+}
--- a/commands/cmdutil.go
+++ b/commands/cmdutil.go
@@ -1,21 +0,0 @@
-package commands
-
-import (
-	"fmt"
-
-	"github.com/howeyc/gopass"
-)
-
-func getPasswd(prompt string) (string, error) {
-	for {
-		fmt.Print(prompt)
-		pass, err := gopass.GetPasswdMasked()
-		if err != nil {
-			return "", fmt.Errorf("Failed to read password")
-		}
-		if 0 < len(pass) {
-			return string(pass[:]), nil
-		}
-	}
-
-}
--- a/commands/configtest.go
+++ b/commands/configtest.go
@@ -1,5 +1,5 @@
 /* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
+Copyright (C) 2016  Future Corporation , Japan.

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -18,15 +18,12 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package commands

 import (
+	"context"
 	"flag"
-	"io/ioutil"
 	"os"
 	"path/filepath"
-	"strings"

-	"github.com/Sirupsen/logrus"
 	"github.com/google/subcommands"
-	"golang.org/x/net/context"

 	c "github.com/future-architect/vuls/config"
 	"github.com/future-architect/vuls/scan"
@@ -37,9 +34,7 @@ import (
 type ConfigtestCmd struct {
 	configPath     string
 	askKeyPassword bool
-	sshExternal    bool
-
-	debug bool
+	timeoutSec     int
 }

 // Name return subcommand name
@@ -52,12 +47,17 @@ func (*ConfigtestCmd) Synopsis() string { return "Test configuration" }
 func (*ConfigtestCmd) Usage() string {
 	return `configtest:
 	configtest
-		        [-config=/path/to/config.toml]
-	        	[-ask-key-password]
-	        	[-ssh-external]
-		        [-debug]
+			[-config=/path/to/config.toml]
+			[-log-dir=/path/to/log]
+			[-ask-key-password]
+			[-timeout=300]
+			[-ssh-external]
+			[-containers-only]
+			[-http-proxy=http://192.168.0.1:8080]
+			[-debug]
+			[-vvv]

-		        [SERVER]...
+			[SERVER]...
 `
 }

@@ -67,59 +67,62 @@ func (p *ConfigtestCmd) SetFlags(f *flag.FlagSet) {
 	defaultConfPath := filepath.Join(wd, "config.toml")
 	f.StringVar(&p.configPath, "config", defaultConfPath, "/path/to/toml")

-	f.BoolVar(&p.debug, "debug", false, "debug mode")
+	defaultLogDir := util.GetDefaultLogDir()
+	f.StringVar(&c.Conf.LogDir, "log-dir", defaultLogDir, "/path/to/log")
+	f.BoolVar(&c.Conf.Debug, "debug", false, "debug mode")

-	f.BoolVar(
-		&p.askKeyPassword,
-		"ask-key-password",
-		false,
+	f.IntVar(&p.timeoutSec, "timeout", 5*60, "Timeout(Sec)")
+
+	f.BoolVar(&p.askKeyPassword, "ask-key-password", false,
 		"Ask ssh privatekey password before scanning",
 	)

-	f.BoolVar(
-		&p.sshExternal,
-		"ssh-external",
-		false,
-		"Use external ssh command. Default: Use the Go native implementation")
+	f.StringVar(&c.Conf.HTTPProxy, "http-proxy", "",
+		"http://proxy-url:port (default: empty)")
+
+	f.BoolVar(&c.Conf.SSHNative, "ssh-native-insecure", false,
+		"Use Native Go implementation of SSH. Default: Use the external command")
+
+	f.BoolVar(&c.Conf.SSHConfig, "ssh-config", false,
+		"Use SSH options specified in ssh_config preferentially")
+
+	f.BoolVar(&c.Conf.ContainersOnly, "containers-only", false,
+		"Test containers only. Default: Test both of hosts and containers")
+
+	f.BoolVar(&c.Conf.Vvv, "vvv", false, "ssh -vvv")
 }

 // Execute execute
 func (p *ConfigtestCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
+	// Setup Logger
+	util.Log = util.NewCustomLogger(c.ServerInfo{})
+
+	if err := mkdirDotVuls(); err != nil {
+		util.Log.Errorf("Failed to create .vuls: %s", err)
+		return subcommands.ExitUsageError
+	}

 	var keyPass string
 	var err error
 	if p.askKeyPassword {
 		prompt := "SSH key password: "
 		if keyPass, err = getPasswd(prompt); err != nil {
-			logrus.Error(err)
+			util.Log.Error(err)
 			return subcommands.ExitFailure
 		}
 	}

-	c.Conf.Debug = p.debug
-
 	err = c.Load(p.configPath, keyPass)
 	if err != nil {
-		logrus.Errorf("Error loading %s, %s", p.configPath, err)
+		util.Log.Errorf("Error loading %s, %s", p.configPath, err)
+		util.Log.Errorf("If you update Vuls and get this error, there may be incompatible changes in config.toml")
+		util.Log.Errorf("Please check README: https://github.com/future-architect/vuls#configuration")
 		return subcommands.ExitUsageError
 	}

 	var servernames []string
 	if 0 < len(f.Args()) {
 		servernames = f.Args()
-	} else {
-		stat, _ := os.Stdin.Stat()
-		if (stat.Mode() & os.ModeCharDevice) == 0 {
-			bytes, err := ioutil.ReadAll(os.Stdin)
-			if err != nil {
-				logrus.Errorf("Failed to read stdin: %s", err)
-				return subcommands.ExitFailure
-			}
-			fields := strings.Fields(string(bytes))
-			if 0 < len(fields) {
-				servernames = fields
-			}
-		}
 	}

 	target := make(map[string]c.ServerInfo)
@@ -133,7 +136,7 @@ func (p *ConfigtestCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interfa
 			}
 		}
 		if !found {
-			logrus.Errorf("%s is not in config", arg)
+			util.Log.Errorf("%s is not in config", arg)
 			return subcommands.ExitUsageError
 		}
 	}
@@ -141,22 +144,33 @@ func (p *ConfigtestCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interfa
 		c.Conf.Servers = target
 	}

-	// logger
-	Log := util.NewCustomLogger(c.ServerInfo{})
-
-	Log.Info("Validating Config...")
-	if !c.Conf.Validate() {
+	util.Log.Info("Validating config...")
+	if !c.Conf.ValidateOnConfigtest() {
 		return subcommands.ExitUsageError
 	}

-	Log.Info("Detecting Server/Contianer OS... ")
-	scan.InitServers(Log)
-
-	Log.Info("Checking sudo configuration... ")
-	if err := scan.CheckIfSudoNoPasswd(Log); err != nil {
-		Log.Errorf("Failed to sudo with nopassword via SSH. Define NOPASSWD in /etc/sudoers on target servers. err: %s", err)
+	util.Log.Info("Detecting Server/Container OS... ")
+	if err := scan.InitServers(p.timeoutSec); err != nil {
+		util.Log.Errorf("Failed to init servers: %s", err)
 		return subcommands.ExitFailure
 	}
-	scan.PrintSSHableServerNames()
-	return subcommands.ExitSuccess
+
+	util.Log.Info("Checking Scan Modes...")
+	if err := scan.CheckScanModes(); err != nil {
+		util.Log.Errorf("Fix config.toml: %s", err)
+		return subcommands.ExitFailure
+	}
+
+	util.Log.Info("Checking dependencies...")
+	scan.CheckDependencies(p.timeoutSec)
+
+	util.Log.Info("Checking sudo settings...")
+	scan.CheckIfSudoNoPasswd(p.timeoutSec)
+
+	util.Log.Info("It can be scanned with fast scan mode even if warn or err messages are displayed due to lack of dependent packages or sudo settings in fast-root or deep scan mode")
+
+	if scan.PrintSSHableServerNames() {
+		return subcommands.ExitSuccess
+	}
+	return subcommands.ExitFailure
 }
--- a/commands/discover.go
+++ b/commands/discover.go
@@ -1,5 +1,5 @@
 /* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
+Copyright (C) 2016  Future Corporation , Japan.

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -18,6 +18,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package commands

 import (
+	"context"
 	"flag"
 	"fmt"
 	"os"
@@ -25,10 +26,9 @@ import (
 	"text/template"

 	"github.com/google/subcommands"
-	"golang.org/x/net/context"

-	"github.com/Sirupsen/logrus"
 	ps "github.com/kotakanbe/go-pingscanner"
+	"github.com/sirupsen/logrus"
 )

 // DiscoverCmd is Subcommand of host discovery mode
@@ -57,6 +57,7 @@ func (p *DiscoverCmd) SetFlags(f *flag.FlagSet) {
 func (p *DiscoverCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
 	// validate
 	if len(f.Args()) == 0 {
+		logrus.Errorf("Usage: " + p.Usage())
 		return subcommands.ExitUsageError
 	}

@@ -65,7 +66,6 @@ func (p *DiscoverCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface
 			CIDR: cidr,
 			PingOptions: []string{
 				"-c1",
-				"-t1",
 			},
 			NumOfConcurrency: 100,
 		}
@@ -87,59 +87,148 @@ func (p *DiscoverCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface
 	return subcommands.ExitSuccess
 }

-// Output the tmeplate of config.toml
+// Output the template of config.toml
 func printConfigToml(ips []string) (err error) {
-	const tomlTempale = `
-[slack]
-hookURL      = "https://hooks.slack.com/services/abc123/defghijklmnopqrstuvwxyz"
-channel      = "#channel-name"
-#channel      = "${servername}"
-iconEmoji    = ":ghost:"
-authUser     = "username"
-notifyUsers  = ["@username"]
+	const tomlTemplate = `

-[mail]
-smtpAddr      = "smtp.gmail.com"
-smtpPort      = "465"
-user          = "username"
-password      = "password"
-from          = "from@address.com"
-to            = ["to@address.com"]
-cc            = ["cc@address.com"]
-subjectPrefix = "[vuls]"
+# https://vuls.io/docs/en/usage-settings.html
+[cveDict]
+type        = "sqlite3"
+sqlite3Path = "/path/to/cve.sqlite3"
+#url        = ""

+[ovalDict]
+type        = "sqlite3"
+sqlite3Path = "/path/to/oval.sqlite3"
+#url        = ""
+
+[gost]
+type        = "sqlite3"
+sqlite3Path = "/path/to/gost.sqlite3"
+#url        = ""
+
+[exploit]
+type        = "sqlite3"
+sqlite3Path = "/path/to/go-exploitdb.sqlite3"
+#url        = ""
+
+# https://vuls.io/docs/en/usage-settings.html#slack-section
+#[slack]
+#hookURL      = "https://hooks.slack.com/services/abc123/defghijklmnopqrstuvwxyz"
+##legacyToken = "xoxp-11111111111-222222222222-3333333333"
+#channel      = "#channel-name"
+##channel     = "${servername}"
+#iconEmoji    = ":ghost:"
+#authUser     = "username"
+#notifyUsers  = ["@username"]
+
+# https://vuls.io/docs/en/usage-settings.html#email-section
+#[email]
+#smtpAddr      = "smtp.example.com"
+#smtpPort      = "587"
+#user          = "username"
+#password      = "password"
+#from          = "from@example.com"
+#to            = ["to@example.com"]
+#cc            = ["cc@example.com"]
+#subjectPrefix = "[vuls]"
+
+# https://vuls.io/docs/en/usage-settings.html#http-section
+#[http]
+#url = "http://localhost:11234"
+
+# https://vuls.io/docs/en/usage-settings.html#syslog-section
+#[syslog]
+#protocol    = "tcp"
+#host        = "localhost"
+#port        = "514"
+#tag         = "vuls"
+#facility    = "local0"
+#severity    = "alert"
+#verbose     = false
+
+# https://vuls.io/docs/en/usage-report.html#example-put-results-in-s3-bucket
+#[aws]
+#profile                = "default"
+#region                 = "ap-northeast-1"
+#s3Bucket               = "vuls"
+#s3ResultsDir           = "/path/to/result"
+#s3ServerSideEncryption = "AES256"
+
+# https://vuls.io/docs/en/usage-report.html#example-put-results-in-azure-blob-storage<Paste>
+#[azure]
+#accountName   = "default"
+#accountKey    = "xxxxxxxxxxxxxx"
+#containerName = "vuls"
+
+# https://vuls.io/docs/en/usage-settings.html#stride-section
+#[stride]
+#hookURL   = "xxxxxxxxxxxxxxx"
+#authToken = "xxxxxxxxxxxxxx"
+
+# https://vuls.io/docs/en/usage-settings.html#hipchat-section
+#[hipchat]
+#room      = "vuls"
+#authToken = "xxxxxxxxxxxxxx"
+
+# https://vuls.io/docs/en/usage-settings.html#chatwork-section
+#[chatwork]
+#room     = "xxxxxxxxxxx"
+#apiToken = "xxxxxxxxxxxxxxxxxx"
+
+# https://vuls.io/docs/en/usage-settings.html#telegram-section
+#[telegram]
+#chatID     = "xxxxxxxxxxx"
+#token = "xxxxxxxxxxxxxxxxxx"
+
+# https://vuls.io/docs/en/usage-settings.html#default-section
 [default]
-#port        = "22"
-#user        = "username"
-#keyPath     = "/home/username/.ssh/id_rsa"
+#port               = "22"
+#user               = "username"
+#keyPath            = "/home/username/.ssh/id_rsa"
+#scanMode           = ["fast", "fast-root", "deep", "offline"]
 #cpeNames = [
 #  "cpe:/a:rubyonrails:ruby_on_rails:4.2.1",
 #]
-#containers = ["${running}"]
-#optional = [
-#    ["key", "value"],
-#]
+#owaspDCXMLPath     = "/tmp/dependency-check-report.xml"
+#ignoreCves         = ["CVE-2014-6271"]
+#containerType      = "docker" #or "lxd" or "lxc" default: docker
+#containersIncluded = ["${running}"]
+#containersExcluded = ["container_name_a"]

+# https://vuls.io/docs/en/usage-settings.html#servers-section
 [servers]
 {{- $names:=  .Names}}
 {{range $i, $ip := .IPs}}
 [servers.{{index $names $i}}]
-host         = "{{$ip}}"
-#port        = "22"
-#user        = "root"
-#keyPath     = "/home/username/.ssh/id_rsa"
-#cpeNames = [
-#  "cpe:/a:rubyonrails:ruby_on_rails:4.2.1",
-#]
-#containers = ["${running}"]
-#optional = [
-#    ["key", "value"],
-#]
+host                = "{{$ip}}"
+#port               = "22"
+#user               = "root"
+#keyPath            = "/home/username/.ssh/id_rsa"
+#scanMode           = ["fast", "fast-root", "deep", "offline"]
+#type               = "pseudo"
+#memo               = "DB Server"
+#cpeNames           = [ "cpe:/a:rubyonrails:ruby_on_rails:4.2.1" ]
+#owaspDCXMLPath     = "/path/to/dependency-check-report.xml"
+#ignoreCves         = ["CVE-2014-0160"]
+#containerType      = "docker" #or "lxd" or "lxc" default: docker
+#containersIncluded = ["${running}"]
+#containersExcluded = ["container_name_a"]
+
+#[servers.{{index $names $i}}.containers.container_name_a]
+#cpeNames       = [ "cpe:/a:rubyonrails:ruby_on_rails:4.2.1" ]
+#owaspDCXMLPath = "/path/to/dependency-check-report.xml"
+#ignoreCves     = ["CVE-2014-0160"]
+
+#[servers.{{index $names $i}}.optional]
+#key = "value1"
+
+
 {{end}}

 `
 	var tpl *template.Template
-	if tpl, err = template.New("tempalte").Parse(tomlTempale); err != nil {
+	if tpl, err = template.New("template").Parse(tomlTemplate); err != nil {
 		return
 	}

@@ -157,7 +246,7 @@ host         = "{{$ip}}"
 	}
 	a.Names = names

-	fmt.Println("# Create config.toml using below and then ./vuls --config=/path/to/config.toml")
+	fmt.Println("# Create config.toml using below and then ./vuls -config=/path/to/config.toml")
 	if err = tpl.Execute(os.Stdout, a); err != nil {
 		return
 	}
--- a/commands/history.go
+++ b/commands/history.go
@@ -1,5 +1,5 @@
 /* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
+Copyright (C) 2016  Future Corporation , Japan.

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -18,28 +18,21 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package commands

 import (
+	"context"
 	"flag"
 	"fmt"
+	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"

-	"golang.org/x/net/context"
-
-	"github.com/Sirupsen/logrus"
 	c "github.com/future-architect/vuls/config"
-	"github.com/future-architect/vuls/db"
-	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/report"
 	"github.com/google/subcommands"
 )

 // HistoryCmd is Subcommand of list scanned results
-type HistoryCmd struct {
-	debug    bool
-	debugSQL bool
-
-	dbpath string
-}
+type HistoryCmd struct{}

 // Name return subcommand name
 func (*HistoryCmd) Name() string { return "history" }
@@ -53,56 +46,46 @@ func (*HistoryCmd) Synopsis() string {
 func (*HistoryCmd) Usage() string {
 	return `history:
 	history
-		[-dbpath=/path/to/vuls.sqlite3]
+		[-results-dir=/path/to/results]
 	`
 }

 // SetFlags set flag
 func (p *HistoryCmd) SetFlags(f *flag.FlagSet) {
-	f.BoolVar(&p.debugSQL, "debug-sql", false, "SQL debug mode")
+	f.BoolVar(&c.Conf.DebugSQL, "debug-sql", false, "SQL debug mode")

 	wd, _ := os.Getwd()
-	defaultDBPath := filepath.Join(wd, "vuls.sqlite3")
-	f.StringVar(&p.dbpath, "dbpath", defaultDBPath, "/path/to/sqlite3")
+	defaultResultsDir := filepath.Join(wd, "results")
+	f.StringVar(&c.Conf.ResultsDir, "results-dir", defaultResultsDir, "/path/to/results")
 }

 // Execute execute
 func (p *HistoryCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {

-	c.Conf.DebugSQL = p.debugSQL
-	c.Conf.DBPath = p.dbpath
-
-	//  _, err := scanHistories()
-	histories, err := scanHistories()
+	dirs, err := report.ListValidJSONDirs()
 	if err != nil {
-		logrus.Error("Failed to select scan histories: ", err)
 		return subcommands.ExitFailure
 	}
-	const timeLayout = "2006-01-02 15:04"
-	for _, history := range histories {
-		names := []string{}
-		for _, result := range history.ScanResults {
-			if 0 < len(result.Container.ContainerID) {
-				names = append(names, result.Container.Name)
-			} else {
-				names = append(names, result.ServerName)
-			}
+	for _, d := range dirs {
+		var files []os.FileInfo
+		if files, err = ioutil.ReadDir(d); err != nil {
+			return subcommands.ExitFailure
 		}
-		fmt.Printf("%-3d %s scanned %d servers: %s\n",
-			history.ID,
-			history.ScannedAt.Format(timeLayout),
-			len(history.ScanResults),
-			strings.Join(names, ", "),
+		var hosts []string
+		for _, f := range files {
+			if filepath.Ext(f.Name()) != ".json" {
+				continue
+			}
+			fileBase := strings.TrimSuffix(f.Name(), filepath.Ext(f.Name()))
+			hosts = append(hosts, fileBase)
+		}
+		splitPath := strings.Split(d, string(os.PathSeparator))
+		timeStr := splitPath[len(splitPath)-1]
+		fmt.Printf("%s %d servers: %s\n",
+			timeStr,
+			len(hosts),
+			strings.Join(hosts, ", "),
 		)
 	}
 	return subcommands.ExitSuccess
 }
-
-func scanHistories() (histories []models.ScanHistory, err error) {
-	if err := db.OpenDB(); err != nil {
-		return histories, fmt.Errorf(
-			"Failed to open DB. datafile: %s, err: %s", c.Conf.DBPath, err)
-	}
-	histories, err = db.SelectScanHistories()
-	return
-}
--- a/commands/prepare.go
+++ b/commands/prepare.go
@@ -1,164 +0,0 @@
-/* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-package commands
-
-import (
-	"flag"
-	"os"
-	"path/filepath"
-
-	"github.com/Sirupsen/logrus"
-	c "github.com/future-architect/vuls/config"
-	"github.com/future-architect/vuls/scan"
-	"github.com/future-architect/vuls/util"
-	"github.com/google/subcommands"
-	"golang.org/x/net/context"
-)
-
-// PrepareCmd is Subcommand of host discovery mode
-type PrepareCmd struct {
-	debug      bool
-	configPath string
-
-	askSudoPassword bool
-	askKeyPassword  bool
-
-	useUnattendedUpgrades bool
-}
-
-// Name return subcommand name
-func (*PrepareCmd) Name() string { return "prepare" }
-
-// Synopsis return synopsis
-func (*PrepareCmd) Synopsis() string {
-	//  return "Install packages Ubuntu: unattended-upgrade, CentOS: yum-plugin-security)"
-	return `Install required packages to scan.
-				CentOS: yum-plugin-security, yum-plugin-changelog
-				Amazon: None
-				RHEL:   TODO
-				Ubuntu: None
-
-	`
-}
-
-// Usage return usage
-func (*PrepareCmd) Usage() string {
-	return `prepare:
-	prepare
-			[-config=/path/to/config.toml]
-			[-ask-key-password]
-			[-debug]
-
-		    [SERVER]...
-`
-}
-
-// SetFlags set flag
-func (p *PrepareCmd) SetFlags(f *flag.FlagSet) {
-
-	f.BoolVar(&p.debug, "debug", false, "debug mode")
-
-	wd, _ := os.Getwd()
-
-	defaultConfPath := filepath.Join(wd, "config.toml")
-	f.StringVar(&p.configPath, "config", defaultConfPath, "/path/to/toml")
-
-	f.BoolVar(
-		&p.askKeyPassword,
-		"ask-key-password",
-		false,
-		"Ask ssh privatekey password before scanning",
-	)
-
-	f.BoolVar(
-		&p.askSudoPassword,
-		"ask-sudo-password",
-		false,
-		"[Deprecated] THIS OPTION WAS REMOVED FOR SECURITY REASON. Define NOPASSWD in /etc/sudoers on tareget servers and use SSH key-based authentication",
-	)
-
-	f.BoolVar(
-		&p.useUnattendedUpgrades,
-		"use-unattended-upgrades",
-		false,
-		"[Deprecated] For Ubuntu, install unattended-upgrades",
-	)
-}
-
-// Execute execute
-func (p *PrepareCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
-	var keyPass string
-	var err error
-	if p.askKeyPassword {
-		prompt := "SSH key password: "
-		if keyPass, err = getPasswd(prompt); err != nil {
-			logrus.Error(err)
-			return subcommands.ExitFailure
-		}
-	}
-	if p.askSudoPassword {
-		logrus.Errorf("[Deprecated] -ask-sudo-password WAS REMOVED FOR SECURITY REASONS. Define NOPASSWD in /etc/sudoers on tareget servers and use SSH key-based authentication")
-		return subcommands.ExitFailure
-	}
-
-	err = c.Load(p.configPath, keyPass)
-	if err != nil {
-		logrus.Errorf("Error loading %s, %s", p.configPath, err)
-		return subcommands.ExitUsageError
-	}
-
-	logrus.Infof("Start Preparing (config: %s)", p.configPath)
-	target := make(map[string]c.ServerInfo)
-	for _, arg := range f.Args() {
-		found := false
-		for servername, info := range c.Conf.Servers {
-			if servername == arg {
-				target[servername] = info
-				found = true
-				break
-			}
-		}
-		if !found {
-			logrus.Errorf("%s is not in config", arg)
-			return subcommands.ExitUsageError
-		}
-	}
-	if 0 < len(f.Args()) {
-		c.Conf.Servers = target
-	}
-
-	c.Conf.Debug = p.debug
-	c.Conf.UseUnattendedUpgrades = p.useUnattendedUpgrades
-
-	// Set up custom logger
-	logger := util.NewCustomLogger(c.ServerInfo{})
-
-	logger.Info("Detecting OS... ")
-	scan.InitServers(logger)
-
-	logger.Info("Installing...")
-	if errs := scan.Prepare(); 0 < len(errs) {
-		for _, e := range errs {
-			logger.Errorf("Failed: %s", e)
-		}
-		return subcommands.ExitFailure
-	}
-
-	logger.Info("Success")
-	return subcommands.ExitSuccess
-}
--- a/commands/report.go
+++ b/commands/report.go
@@ -0,0 +1,425 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package commands
+
+import (
+	"context"
+	"flag"
+	"os"
+	"path/filepath"
+
+	c "github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/exploit"
+	"github.com/future-architect/vuls/gost"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/oval"
+	"github.com/future-architect/vuls/report"
+	"github.com/future-architect/vuls/util"
+	"github.com/google/subcommands"
+	"github.com/k0kubun/pp"
+	cvelog "github.com/kotakanbe/go-cve-dictionary/log"
+)
+
+// ReportCmd is subcommand for reporting
+type ReportCmd struct {
+	configPath  string
+	cveDict     c.GoCveDictConf
+	ovalDict    c.GovalDictConf
+	gostConf    c.GostConf
+	exploitConf c.ExploitConf
+	httpConf    c.HTTPConf
+}
+
+// Name return subcommand name
+func (*ReportCmd) Name() string { return "report" }
+
+// Synopsis return synopsis
+func (*ReportCmd) Synopsis() string { return "Reporting" }
+
+// Usage return usage
+func (*ReportCmd) Usage() string {
+	return `report:
+	report
+		[-lang=en|ja]
+		[-config=/path/to/config.toml]
+		[-results-dir=/path/to/results]
+		[-log-dir=/path/to/log]
+		[-refresh-cve]
+		[-cvss-over=7]
+		[-diff]
+		[-ignore-unscored-cves]
+		[-ignore-unfixed]
+		[-to-email]
+		[-to-http]
+		[-to-slack]
+		[-to-stride]
+		[-to-hipchat]
+		[-to-chatwork]
+		[-to-telegram]
+		[-to-localfile]
+		[-to-s3]
+		[-to-azure-blob]
+		[-to-saas]
+		[-format-json]
+		[-format-xml]
+		[-format-one-email]
+		[-format-one-line-text]
+		[-format-list]
+		[-format-full-text]
+		[-gzip]
+		[-uuid]
+		[-http-proxy=http://192.168.0.1:8080]
+		[-debug]
+		[-debug-sql]
+		[-pipe]
+		[-cvedb-type=sqlite3|mysql|postgres|redis|http]
+		[-cvedb-sqlite3-path=/path/to/cve.sqlite3]
+		[-cvedb-url=http://127.0.0.1:1323 or DB connection string]
+		[-ovaldb-type=sqlite3|mysql|redis|http]
+		[-ovaldb-sqlite3-path=/path/to/oval.sqlite3]
+		[-ovaldb-url=http://127.0.0.1:1324 or DB connection string]
+		[-gostdb-type=sqlite3|mysql|redis|http]
+		[-gostdb-sqlite3-path=/path/to/gost.sqlite3]
+		[-gostdb-url=http://127.0.0.1:1325 or DB connection string]
+		[-exploitdb-type=sqlite3|mysql|redis|http]
+		[-exploitdb-sqlite3-path=/path/to/exploitdb.sqlite3]
+		[-exploitdb-url=http://127.0.0.1:1326 or DB connection string]
+		[-http="http://vuls-report-server"]
+
+		[RFC3339 datetime format under results dir]
+`
+}
+
+// SetFlags set flag
+func (p *ReportCmd) SetFlags(f *flag.FlagSet) {
+	f.StringVar(&c.Conf.Lang, "lang", "en", "[en|ja]")
+	f.BoolVar(&c.Conf.Debug, "debug", false, "debug mode")
+	f.BoolVar(&c.Conf.DebugSQL, "debug-sql", false, "SQL debug mode")
+
+	wd, _ := os.Getwd()
+	defaultConfPath := filepath.Join(wd, "config.toml")
+	f.StringVar(&p.configPath, "config", defaultConfPath, "/path/to/toml")
+
+	defaultResultsDir := filepath.Join(wd, "results")
+	f.StringVar(&c.Conf.ResultsDir, "results-dir", defaultResultsDir, "/path/to/results")
+
+	defaultLogDir := util.GetDefaultLogDir()
+	f.StringVar(&c.Conf.LogDir, "log-dir", defaultLogDir, "/path/to/log")
+
+	f.BoolVar(&c.Conf.RefreshCve, "refresh-cve", false,
+		"Refresh CVE information in JSON file under results dir")
+
+	f.Float64Var(&c.Conf.CvssScoreOver, "cvss-over", 0,
+		"-cvss-over=6.5 means reporting CVSS Score 6.5 and over (default: 0 (means report all))")
+
+	f.BoolVar(&c.Conf.Diff, "diff", false,
+		"Difference between previous result and current result ")
+
+	f.BoolVar(&c.Conf.IgnoreUnscoredCves, "ignore-unscored-cves", false,
+		"Don't report the unscored CVEs")
+
+	f.BoolVar(
+		&c.Conf.IgnoreUnfixed, "ignore-unfixed", false,
+		"Don't report the unfixed CVEs")
+
+	f.StringVar(
+		&c.Conf.HTTPProxy, "http-proxy", "",
+		"http://proxy-url:port (default: empty)")
+
+	f.BoolVar(&c.Conf.FormatJSON, "format-json", false, "JSON format")
+	f.BoolVar(&c.Conf.FormatXML, "format-xml", false, "XML format")
+	f.BoolVar(&c.Conf.FormatOneEMail, "format-one-email", false,
+		"Send all the host report via only one EMail (Specify with -to-email)")
+	f.BoolVar(&c.Conf.FormatOneLineText, "format-one-line-text", false,
+		"One line summary in plain text")
+	f.BoolVar(&c.Conf.FormatList, "format-list", false, "Display as list format")
+	f.BoolVar(&c.Conf.FormatFullText, "format-full-text", false,
+		"Detail report in plain text")
+
+	f.BoolVar(&c.Conf.ToSlack, "to-slack", false, "Send report via Slack")
+	f.BoolVar(&c.Conf.ToStride, "to-stride", false, "Send report via Stride")
+	f.BoolVar(&c.Conf.ToHipChat, "to-hipchat", false, "Send report via hipchat")
+	f.BoolVar(&c.Conf.ToChatWork, "to-chatwork", false, "Send report via chatwork")
+	f.BoolVar(&c.Conf.ToTelegram, "to-telegram", false, "Send report via Telegram")
+	f.BoolVar(&c.Conf.ToEmail, "to-email", false, "Send report via Email")
+	f.BoolVar(&c.Conf.ToSyslog, "to-syslog", false, "Send report via Syslog")
+	f.BoolVar(&c.Conf.ToLocalFile, "to-localfile", false, "Write report to localfile")
+	f.BoolVar(&c.Conf.ToS3, "to-s3", false,
+		"Write report to S3 (bucket/yyyyMMdd_HHmm/servername.json/xml/txt)")
+	f.BoolVar(&c.Conf.ToHTTP, "to-http", false, "Send report via HTTP POST")
+	f.BoolVar(&c.Conf.ToAzureBlob, "to-azure-blob", false,
+		"Write report to Azure Storage blob (container/yyyyMMdd_HHmm/servername.json/xml/txt)")
+	f.BoolVar(&c.Conf.ToSaas, "to-saas", false,
+		"Upload report to Future Vuls(https://vuls.biz/) before report")
+
+	f.BoolVar(&c.Conf.GZIP, "gzip", false, "gzip compression")
+	f.BoolVar(&c.Conf.UUID, "uuid", false,
+		"Auto generate of scan target servers and then write to config.toml and scan result")
+	f.BoolVar(&c.Conf.Pipe, "pipe", false, "Use args passed via PIPE")
+
+	f.StringVar(&p.cveDict.Type, "cvedb-type", "",
+		"DB type of go-cve-dictionary (sqlite3, mysql, postgres, redis or http)")
+	f.StringVar(&p.cveDict.SQLite3Path, "cvedb-sqlite3-path", "", "/path/to/sqlite3")
+	f.StringVar(&p.cveDict.URL, "cvedb-url", "",
+		"http://go-cve-dictionary.com:1323 or DB connection string")
+
+	f.StringVar(&p.ovalDict.Type, "ovaldb-type", "",
+		"DB type of goval-dictionary (sqlite3, mysql, postgres, redis or http)")
+	f.StringVar(&p.ovalDict.SQLite3Path, "ovaldb-sqlite3-path", "", "/path/to/sqlite3")
+	f.StringVar(&p.ovalDict.URL, "ovaldb-url", "",
+		"http://goval-dictionary.com:1324 or DB connection string")
+
+	f.StringVar(&p.gostConf.Type, "gostdb-type", "",
+		"DB type of gost (sqlite3, mysql, postgres, redis or http)")
+	f.StringVar(&p.gostConf.SQLite3Path, "gostdb-sqlite3-path", "", "/path/to/sqlite3")
+	f.StringVar(&p.gostConf.URL, "gostdb-url", "",
+		"http://gost.com:1325 or DB connection string")
+
+	f.StringVar(&p.exploitConf.Type, "exploitdb-type", "",
+		"DB type of exploit (sqlite3, mysql, postgres, redis or http)")
+	f.StringVar(&p.exploitConf.SQLite3Path, "exploitdb-sqlite3-path", "", "/path/to/sqlite3")
+	f.StringVar(&p.exploitConf.URL, "exploitdb-url", "",
+		"http://exploit.com:1326 or DB connection string")
+
+	f.StringVar(&p.httpConf.URL, "http", "", "-to-http http://vuls-report")
+
+}
+
+// Execute execute
+func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
+	util.Log = util.NewCustomLogger(c.ServerInfo{})
+	cvelog.SetLogger(c.Conf.LogDir, false, c.Conf.Debug, false)
+
+	if err := c.Load(p.configPath, ""); err != nil {
+		util.Log.Errorf("Error loading %s, %s", p.configPath, err)
+		return subcommands.ExitUsageError
+	}
+
+	c.Conf.CveDict.Overwrite(p.cveDict)
+	c.Conf.OvalDict.Overwrite(p.ovalDict)
+	c.Conf.Gost.Overwrite(p.gostConf)
+	c.Conf.Exploit.Overwrite(p.exploitConf)
+	c.Conf.HTTP.Overwrite(p.httpConf)
+
+	var dir string
+	var err error
+	if c.Conf.Diff {
+		dir, err = report.JSONDir([]string{})
+	} else {
+		dir, err = report.JSONDir(f.Args())
+	}
+	if err != nil {
+		util.Log.Errorf("Failed to read from JSON: %s", err)
+		return subcommands.ExitFailure
+	}
+
+	// report
+	reports := []report.ResultWriter{
+		report.StdoutWriter{},
+	}
+
+	if c.Conf.ToSlack {
+		reports = append(reports, report.SlackWriter{})
+	}
+
+	if c.Conf.ToStride {
+		reports = append(reports, report.StrideWriter{})
+	}
+
+	if c.Conf.ToHipChat {
+		reports = append(reports, report.HipChatWriter{})
+	}
+
+	if c.Conf.ToChatWork {
+		reports = append(reports, report.ChatWorkWriter{})
+	}
+
+	if c.Conf.ToTelegram {
+		reports = append(reports, report.TelegramWriter{})
+	}
+
+	if c.Conf.ToEmail {
+		reports = append(reports, report.EMailWriter{})
+	}
+
+	if c.Conf.ToSyslog {
+		reports = append(reports, report.SyslogWriter{})
+	}
+
+	if c.Conf.ToHTTP {
+		reports = append(reports, report.HTTPRequestWriter{})
+	}
+
+	if c.Conf.ToLocalFile {
+		reports = append(reports, report.LocalFileWriter{
+			CurrentDir: dir,
+		})
+	}
+
+	if c.Conf.ToS3 {
+		if err := report.CheckIfBucketExists(); err != nil {
+			util.Log.Errorf("Check if there is a bucket beforehand: %s, err: %s",
+				c.Conf.AWS.S3Bucket, err)
+			return subcommands.ExitUsageError
+		}
+		reports = append(reports, report.S3Writer{})
+	}
+
+	if c.Conf.ToAzureBlob {
+		if len(c.Conf.Azure.AccountName) == 0 {
+			c.Conf.Azure.AccountName = os.Getenv("AZURE_STORAGE_ACCOUNT")
+		}
+
+		if len(c.Conf.Azure.AccountKey) == 0 {
+			c.Conf.Azure.AccountKey = os.Getenv("AZURE_STORAGE_ACCESS_KEY")
+		}
+
+		if len(c.Conf.Azure.ContainerName) == 0 {
+			util.Log.Error("Azure storage container name is required with -azure-container option")
+			return subcommands.ExitUsageError
+		}
+		if err := report.CheckIfAzureContainerExists(); err != nil {
+			util.Log.Errorf("Check if there is a container beforehand: %s, err: %s",
+				c.Conf.Azure.ContainerName, err)
+			return subcommands.ExitUsageError
+		}
+		reports = append(reports, report.AzureBlobWriter{})
+	}
+
+	if c.Conf.ToSaas {
+		if !c.Conf.UUID {
+			util.Log.Errorf("If you use the -to-saas option, you need to enable the uuid option")
+			return subcommands.ExitUsageError
+		}
+		reports = append(reports, report.SaasWriter{})
+	}
+
+	if !(c.Conf.FormatJSON || c.Conf.FormatOneLineText ||
+		c.Conf.FormatList || c.Conf.FormatFullText || c.Conf.FormatXML) {
+		c.Conf.FormatList = true
+	}
+
+	util.Log.Info("Validating config...")
+	if !c.Conf.ValidateOnReport() {
+		return subcommands.ExitUsageError
+	}
+
+	var loaded models.ScanResults
+	if loaded, err = report.LoadScanResults(dir); err != nil {
+		util.Log.Error(err)
+		return subcommands.ExitFailure
+	}
+	util.Log.Infof("Loaded: %s", dir)
+
+	var res models.ScanResults
+	for _, r := range loaded {
+		if len(r.Errors) == 0 {
+			res = append(res, r)
+		} else {
+			util.Log.Warnf("Ignored since errors occurred during scanning: %s",
+				r.ServerName)
+		}
+	}
+
+	for _, r := range res {
+		util.Log.Debugf("%s: %s",
+			r.ServerInfo(),
+			pp.Sprintf("%s", c.Conf.Servers[r.ServerName]))
+	}
+
+	if c.Conf.UUID {
+		// Ensure UUIDs of scan target servers in config.toml
+		if err := report.EnsureUUIDs(p.configPath, res); err != nil {
+			util.Log.Errorf("Failed to ensure UUIDs: %s", err)
+			return subcommands.ExitFailure
+		}
+	}
+
+	if !c.Conf.ToSaas {
+		util.Log.Info("Validating db config...")
+		if !c.Conf.ValidateOnReportDB() {
+			return subcommands.ExitUsageError
+		}
+
+		if c.Conf.CveDict.URL != "" {
+			if err := report.CveClient.CheckHealth(); err != nil {
+				util.Log.Errorf("CVE HTTP server is not running. err: %s", err)
+				util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with `-cvedb-type=sqlite3 -cvedb-sqlite3-path` option instead of -cvedb-url")
+				return subcommands.ExitFailure
+			}
+		}
+
+		if c.Conf.OvalDict.URL != "" {
+			err := oval.Base{}.CheckHTTPHealth()
+			if err != nil {
+				util.Log.Errorf("OVAL HTTP server is not running. err: %s", err)
+				util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with `-ovaldb-type=sqlite3 -ovaldb-sqlite3-path` option instead of -ovaldb-url")
+				return subcommands.ExitFailure
+			}
+		}
+
+		if c.Conf.Gost.URL != "" {
+			util.Log.Infof("gost: %s", c.Conf.Gost.URL)
+			err := gost.Base{}.CheckHTTPHealth()
+			if err != nil {
+				util.Log.Errorf("gost HTTP server is not running. err: %s", err)
+				util.Log.Errorf("Run gost as server mode before reporting or run with `-gostdb-type=sqlite3 -gostdb-sqlite3-path` option instead of -gostdb-url")
+				return subcommands.ExitFailure
+			}
+		}
+
+		if c.Conf.Exploit.URL != "" {
+			err := exploit.CheckHTTPHealth()
+			if err != nil {
+				util.Log.Errorf("exploit HTTP server is not running. err: %s", err)
+				util.Log.Errorf("Run go-exploitdb as server mode before reporting")
+				return subcommands.ExitFailure
+			}
+		}
+		dbclient, locked, err := report.NewDBClient(report.DBClientConf{
+			CveDictCnf:  c.Conf.CveDict,
+			OvalDictCnf: c.Conf.OvalDict,
+			GostCnf:     c.Conf.Gost,
+			ExploitCnf:  c.Conf.Exploit,
+			DebugSQL:    c.Conf.DebugSQL,
+		})
+		if locked {
+			util.Log.Errorf("SQLite3 is locked. Close other DB connections and try again: %s", err)
+			return subcommands.ExitFailure
+		}
+		if err != nil {
+			util.Log.Errorf("Failed to init DB Clients: %s", err)
+			return subcommands.ExitFailure
+		}
+		defer dbclient.CloseDB()
+
+		if res, err = report.FillCveInfos(*dbclient, res, dir); err != nil {
+			util.Log.Error(err)
+			return subcommands.ExitFailure
+		}
+	}
+
+	for _, w := range reports {
+		if err := w.Write(res...); err != nil {
+			util.Log.Errorf("Failed to report: %s", err)
+			return subcommands.ExitFailure
+		}
+	}
+
+	return subcommands.ExitSuccess
+}
--- a/commands/scan.go
+++ b/commands/scan.go
@@ -1,5 +1,5 @@
 /* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
+Copyright (C) 2016  Future Corporation , Japan.

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -18,6 +18,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package commands

 import (
+	"context"
 	"flag"
 	"fmt"
 	"io/ioutil"
@@ -25,56 +26,19 @@ import (
 	"path/filepath"
 	"strings"

-	"github.com/Sirupsen/logrus"
 	c "github.com/future-architect/vuls/config"
-	"github.com/future-architect/vuls/cveapi"
-	"github.com/future-architect/vuls/db"
-	"github.com/future-architect/vuls/report"
 	"github.com/future-architect/vuls/scan"
 	"github.com/future-architect/vuls/util"
 	"github.com/google/subcommands"
-	"golang.org/x/net/context"
+	"github.com/k0kubun/pp"
 )

 // ScanCmd is Subcommand of host discovery mode
 type ScanCmd struct {
-	lang     string
-	debug    bool
-	debugSQL bool
-
-	configPath string
-
-	dbpath           string
-	cvedbpath        string
-	cveDictionaryURL string
-
-	cvssScoreOver      float64
-	ignoreUnscoredCves bool
-
-	httpProxy       string
-	askSudoPassword bool
-	askKeyPassword  bool
-
-	// reporting
-	reportSlack     bool
-	reportMail      bool
-	reportJSON      bool
-	reportText      bool
-	reportS3        bool
-	reportAzureBlob bool
-
-	awsProfile  string
-	awsS3Bucket string
-	awsRegion   string
-
-	azureAccount   string
-	azureKey       string
-	azureContainer string
-
-	useYumPluginSecurity  bool
-	useUnattendedUpgrades bool
-
-	sshExternal bool
+	configPath     string
+	askKeyPassword bool
+	timeoutSec     int
+	scanTimeoutSec int
 }

 // Name return subcommand name
@@ -87,30 +51,21 @@ func (*ScanCmd) Synopsis() string { return "Scan vulnerabilities" }
 func (*ScanCmd) Usage() string {
 	return `scan:
 	scan
-		[-lang=en|ja]
 		[-config=/path/to/config.toml]
-		[-dbpath=/path/to/vuls.sqlite3]
-		[-cve-dictionary-dbpath=/path/to/cve.sqlite3]
-		[-cve-dictionary-url=http://127.0.0.1:1323]
-		[-cvss-over=7]
-		[-ignore-unscored-cves]
-		[-ssh-external]
-		[-report-azure-blob]
-		[-report-json]
-		[-report-mail]
-		[-report-s3]
-		[-report-slack]
-		[-report-text]
+		[-results-dir=/path/to/results]
+		[-log-dir=/path/to/log]
+		[-cachedb-path=/path/to/cache.db]
+		[-ssh-native-insecure]
+		[-ssh-config]
+		[-containers-only]
+		[-skip-broken]
 		[-http-proxy=http://192.168.0.1:8080]
 		[-ask-key-password]
+		[-timeout=300]
+		[-timeout-scan=7200]
 		[-debug]
-		[-debug-sql]
-		[-aws-profile=default]
-		[-aws-region=us-west-2]
-		[-aws-s3-bucket=bucket_name]
-		[-azure-account=accout]
-		[-azure-key=key]
-		[-azure-container=container]
+		[-pipe]
+		[-vvv]

 		[SERVER]...
 `
@@ -118,162 +73,96 @@ func (*ScanCmd) Usage() string {

 // SetFlags set flag
 func (p *ScanCmd) SetFlags(f *flag.FlagSet) {
-	f.StringVar(&p.lang, "lang", "en", "[en|ja]")
-	f.BoolVar(&p.debug, "debug", false, "debug mode")
-	f.BoolVar(&p.debugSQL, "debug-sql", false, "SQL debug mode")
+	f.BoolVar(&c.Conf.Debug, "debug", false, "debug mode")

 	wd, _ := os.Getwd()
-
 	defaultConfPath := filepath.Join(wd, "config.toml")
 	f.StringVar(&p.configPath, "config", defaultConfPath, "/path/to/toml")

-	defaultDBPath := filepath.Join(wd, "vuls.sqlite3")
-	f.StringVar(&p.dbpath, "dbpath", defaultDBPath, "/path/to/sqlite3")
+	defaultResultsDir := filepath.Join(wd, "results")
+	f.StringVar(&c.Conf.ResultsDir, "results-dir", defaultResultsDir, "/path/to/results")

-	f.StringVar(
-		&p.cvedbpath,
-		"cve-dictionary-dbpath",
-		"",
-		"/path/to/sqlite3 (For get cve detail from cve.sqlite3)")
+	defaultLogDir := util.GetDefaultLogDir()
+	f.StringVar(&c.Conf.LogDir, "log-dir", defaultLogDir, "/path/to/log")

-	defaultURL := "http://127.0.0.1:1323"
-	f.StringVar(
-		&p.cveDictionaryURL,
-		"cve-dictionary-url",
-		defaultURL,
-		"http://CVE.Dictionary")
+	defaultCacheDBPath := filepath.Join(wd, "cache.db")
+	f.StringVar(&c.Conf.CacheDBPath, "cachedb-path", defaultCacheDBPath,
+		"/path/to/cache.db (local cache of changelog for Ubuntu/Debian)")

-	f.Float64Var(
-		&p.cvssScoreOver,
-		"cvss-over",
-		0,
-		"-cvss-over=6.5 means reporting CVSS Score 6.5 and over (default: 0 (means report all))")
+	f.BoolVar(&c.Conf.SSHNative, "ssh-native-insecure", false,
+		"Use Native Go implementation of SSH. Default: Use the external command")

-	f.BoolVar(
-		&p.ignoreUnscoredCves,
-		"ignore-unscored-cves",
-		false,
-		"Don't report the unscored CVEs")
+	f.BoolVar(&c.Conf.SSHConfig, "ssh-config", false,
+		"Use SSH options specified in ssh_config preferentially")

-	f.BoolVar(
-		&p.sshExternal,
-		"ssh-external",
-		false,
-		"Use external ssh command. Default: Use the Go native implementation")
+	f.BoolVar(&c.Conf.ContainersOnly, "containers-only", false,
+		"Scan containers only. Default: Scan both of hosts and containers")

-	f.StringVar(
-		&p.httpProxy,
-		"http-proxy",
-		"",
-		"http://proxy-url:port (default: empty)",
-	)
+	f.BoolVar(&c.Conf.SkipBroken, "skip-broken", false,
+		"[For CentOS] yum update changelog with --skip-broken option")

-	f.BoolVar(&p.reportSlack, "report-slack", false, "Send report via Slack")
-	f.BoolVar(&p.reportMail, "report-mail", false, "Send report via Email")
-	f.BoolVar(&p.reportJSON,
-		"report-json",
-		false,
-		fmt.Sprintf("Write report to JSON files (%s/results/current)", wd),
-	)
-	f.BoolVar(&p.reportText,
-		"report-text",
-		false,
-		fmt.Sprintf("Write report to text files (%s/results/current)", wd),
-	)
+	f.StringVar(&c.Conf.HTTPProxy, "http-proxy", "",
+		"http://proxy-url:port (default: empty)")

-	f.BoolVar(&p.reportS3,
-		"report-s3",
-		false,
-		"Write report to S3 (bucket/yyyyMMdd_HHmm/servername.json)",
-	)
-	f.StringVar(&p.awsProfile, "aws-profile", "default", "AWS profile to use")
-	f.StringVar(&p.awsRegion, "aws-region", "us-east-1", "AWS region to use")
-	f.StringVar(&p.awsS3Bucket, "aws-s3-bucket", "", "S3 bucket name")
-
-	f.BoolVar(&p.reportAzureBlob,
-		"report-azure-blob",
-		false,
-		"Write report to S3 (container/yyyyMMdd_HHmm/servername.json)",
-	)
-	f.StringVar(&p.azureAccount, "azure-account", "", "Azure account name to use. AZURE_STORAGE_ACCOUNT environment variable is used if not specified")
-	f.StringVar(&p.azureKey, "azure-key", "", "Azure account key to use. AZURE_STORAGE_ACCESS_KEY environment variable is used if not specified")
-	f.StringVar(&p.azureContainer, "azure-container", "", "Azure storage container name")
-
-	f.BoolVar(
-		&p.askKeyPassword,
-		"ask-key-password",
-		false,
+	f.BoolVar(&p.askKeyPassword, "ask-key-password", false,
 		"Ask ssh privatekey password before scanning",
 	)

-	f.BoolVar(
-		&p.askSudoPassword,
-		"ask-sudo-password",
-		false,
-		"[Deprecated] THIS OPTION WAS REMOVED FOR SECURITY REASONS. Define NOPASSWD in /etc/sudoers on tareget servers and use SSH key-based authentication",
+	f.BoolVar(&c.Conf.Pipe, "pipe", false, "Use stdin via PIPE")
+	f.BoolVar(&c.Conf.Vvv, "vvv", false, "ssh -vvv")
+
+	f.IntVar(&p.timeoutSec, "timeout", 5*60,
+		"Number of seconds for processing other than scan",
 	)

-	f.BoolVar(
-		&p.useYumPluginSecurity,
-		"use-yum-plugin-security",
-		false,
-		"[Deprecated] For CentOS 5. Scan by yum-plugin-security or not (use yum check-update by default)",
+	f.IntVar(&p.scanTimeoutSec, "timeout-scan", 120*60,
+		"Number of seconds for scanning vulnerabilities for all servers",
 	)
-
-	f.BoolVar(
-		&p.useUnattendedUpgrades,
-		"use-unattended-upgrades",
-		false,
-		"[Deprecated] For Ubuntu. Scan by unattended-upgrades or not (use apt-get upgrade --dry-run by default)",
-	)
-
 }

 // Execute execute
 func (p *ScanCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
+	// Setup Logger
+	util.Log = util.NewCustomLogger(c.ServerInfo{})
+
+	if err := mkdirDotVuls(); err != nil {
+		util.Log.Errorf("Failed to create .vuls: %s", err)
+		return subcommands.ExitUsageError
+	}
+
 	var keyPass string
 	var err error
 	if p.askKeyPassword {
 		prompt := "SSH key password: "
 		if keyPass, err = getPasswd(prompt); err != nil {
-			logrus.Error(err)
+			util.Log.Error(err)
 			return subcommands.ExitFailure
 		}
 	}
-	if p.askSudoPassword {
-		logrus.Errorf("[Deprecated] -ask-sudo-password WAS REMOVED FOR SECURITY REASONS. Define NOPASSWD in /etc/sudoers on tareget servers and use SSH key-based authentication")
-		return subcommands.ExitFailure
-	}

 	err = c.Load(p.configPath, keyPass)
 	if err != nil {
-		logrus.Errorf("Error loading %s, %s", p.configPath, err)
+		util.Log.Errorf("Error loading %s, %s", p.configPath, err)
+		util.Log.Errorf("If you update Vuls and get this error, there may be incompatible changes in config.toml")
+		util.Log.Errorf("Please check README: https://github.com/future-architect/vuls#configuration")
 		return subcommands.ExitUsageError
 	}

-	logrus.Info("Start scanning")
-	logrus.Infof("config: %s", p.configPath)
-	if p.cvedbpath != "" {
-		logrus.Infof("cve-dictionary: %s", p.cvedbpath)
-	} else {
-		logrus.Infof("cve-dictionary: %s", p.cveDictionaryURL)
-	}
+	util.Log.Info("Start scanning")
+	util.Log.Infof("config: %s", p.configPath)

 	var servernames []string
 	if 0 < len(f.Args()) {
 		servernames = f.Args()
-	} else {
-		stat, _ := os.Stdin.Stat()
-		if (stat.Mode() & os.ModeCharDevice) == 0 {
-			bytes, err := ioutil.ReadAll(os.Stdin)
-			if err != nil {
-				logrus.Errorf("Failed to read stdin: %s", err)
-				return subcommands.ExitFailure
-			}
-			fields := strings.Fields(string(bytes))
-			if 0 < len(fields) {
-				servernames = fields
-			}
+	} else if c.Conf.Pipe {
+		bytes, err := ioutil.ReadAll(os.Stdin)
+		if err != nil {
+			util.Log.Errorf("Failed to read stdin: %s", err)
+			return subcommands.ExitFailure
+		}
+		fields := strings.Fields(string(bytes))
+		if 0 < len(fields) {
+			servernames = fields
 		}
 	}

@@ -288,143 +177,43 @@ func (p *ScanCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{})
 			}
 		}
 		if !found {
-			logrus.Errorf("%s is not in config", arg)
+			util.Log.Errorf("%s is not in config", arg)
 			return subcommands.ExitUsageError
 		}
 	}
 	if 0 < len(servernames) {
 		c.Conf.Servers = target
 	}
+	util.Log.Debugf("%s", pp.Sprintf("%v", target))

-	c.Conf.Lang = p.lang
-	c.Conf.Debug = p.debug
-	c.Conf.DebugSQL = p.debugSQL
-
-	// logger
-	Log := util.NewCustomLogger(c.ServerInfo{})
-
-	// report
-	reports := []report.ResultWriter{
-		report.StdoutWriter{},
-		report.LogrusWriter{},
-	}
-	if p.reportSlack {
-		reports = append(reports, report.SlackWriter{})
-	}
-	if p.reportMail {
-		reports = append(reports, report.MailWriter{})
-	}
-	if p.reportJSON {
-		reports = append(reports, report.JSONWriter{})
-	}
-	if p.reportText {
-		reports = append(reports, report.TextFileWriter{})
-	}
-	if p.reportS3 {
-		c.Conf.AwsRegion = p.awsRegion
-		c.Conf.AwsProfile = p.awsProfile
-		c.Conf.S3Bucket = p.awsS3Bucket
-		if err := report.CheckIfBucketExists(); err != nil {
-			Log.Errorf("Failed to access to the S3 bucket. err: %s", err)
-			Log.Error("Ensure the bucket or check AWS config before scanning")
-			return subcommands.ExitUsageError
-		}
-		reports = append(reports, report.S3Writer{})
-	}
-	if p.reportAzureBlob {
-		c.Conf.AzureAccount = p.azureAccount
-		if c.Conf.AzureAccount == "" {
-			c.Conf.AzureAccount = os.Getenv("AZURE_STORAGE_ACCOUNT")
-		}
-
-		c.Conf.AzureKey = p.azureKey
-		if c.Conf.AzureKey == "" {
-			c.Conf.AzureKey = os.Getenv("AZURE_STORAGE_ACCESS_KEY")
-		}
-
-		c.Conf.AzureContainer = p.azureContainer
-		if c.Conf.AzureContainer == "" {
-			Log.Error("Azure storage container name is requied with --azure-container option")
-			return subcommands.ExitUsageError
-		}
-		if err := report.CheckIfAzureContainerExists(); err != nil {
-			Log.Errorf("Failed to access to the Azure Blob container. err: %s", err)
-			Log.Error("Ensure the container or check Azure config before scanning")
-			return subcommands.ExitUsageError
-		}
-		reports = append(reports, report.AzureBlobWriter{})
-	}
-
-	c.Conf.DBPath = p.dbpath
-	c.Conf.CveDBPath = p.cvedbpath
-	c.Conf.CveDictionaryURL = p.cveDictionaryURL
-	c.Conf.CvssScoreOver = p.cvssScoreOver
-	c.Conf.IgnoreUnscoredCves = p.ignoreUnscoredCves
-	c.Conf.SSHExternal = p.sshExternal
-	c.Conf.HTTPProxy = p.httpProxy
-	c.Conf.UseYumPluginSecurity = p.useYumPluginSecurity
-	c.Conf.UseUnattendedUpgrades = p.useUnattendedUpgrades
-
-	Log.Info("Validating Config...")
-	if !c.Conf.Validate() {
+	util.Log.Info("Validating config...")
+	if !c.Conf.ValidateOnScan() {
 		return subcommands.ExitUsageError
 	}

-	if ok, err := cveapi.CveClient.CheckHealth(); !ok {
-		Log.Errorf("CVE HTTP server is not running. err: %s", err)
-		Log.Errorf("Run go-cve-dictionary as server mode or specify -cve-dictionary-dbpath option")
+	util.Log.Info("Detecting Server/Container OS... ")
+	if err := scan.InitServers(p.timeoutSec); err != nil {
+		util.Log.Errorf("Failed to init servers: %s", err)
 		return subcommands.ExitFailure
 	}

-	Log.Info("Detecting Server/Contianer OS... ")
-	scan.InitServers(Log)
-
-	Log.Info("Checking sudo configuration... ")
-	if err := scan.CheckIfSudoNoPasswd(Log); err != nil {
-		Log.Errorf("Failed to sudo with nopassword via SSH. Define NOPASSWD in /etc/sudoers on target servers")
+	util.Log.Info("Checking Scan Modes... ")
+	if err := scan.CheckScanModes(); err != nil {
+		util.Log.Errorf("Fix config.toml: %s", err)
 		return subcommands.ExitFailure
 	}

-	Log.Info("Detecting Platforms... ")
-	scan.DetectPlatforms(Log)
+	util.Log.Info("Detecting Platforms... ")
+	scan.DetectPlatforms(p.timeoutSec)

-	Log.Info("Scanning vulnerabilities... ")
-	if errs := scan.Scan(); 0 < len(errs) {
-		for _, e := range errs {
-			Log.Errorf("Failed to scan. err: %s", e)
-		}
+	util.Log.Info("Scanning vulnerabilities... ")
+	if err := scan.Scan(p.scanTimeoutSec); err != nil {
+		util.Log.Errorf("Failed to scan. err: %s", err)
 		return subcommands.ExitFailure
 	}
-
-	scanResults, err := scan.GetScanResults()
-	if err != nil {
-		Log.Fatal(err)
-		return subcommands.ExitFailure
-	}
-
-	Log.Info("Insert to DB...")
-	if err := db.OpenDB(); err != nil {
-		Log.Errorf("Failed to open DB. datafile: %s, err: %s", c.Conf.DBPath, err)
-		return subcommands.ExitFailure
-	}
-	if err := db.MigrateDB(); err != nil {
-		Log.Errorf("Failed to migrate. err: %s", err)
-		return subcommands.ExitFailure
-	}
-
-	if err := db.Insert(scanResults); err != nil {
-		Log.Fatalf("Failed to insert. dbpath: %s, err: %s", c.Conf.DBPath, err)
-		return subcommands.ExitFailure
-	}
-
-	Log.Info("Reporting...")
-	filtered := scanResults.FilterByCvssOver()
-	for _, w := range reports {
-		if err := w.Write(filtered); err != nil {
-			Log.Fatalf("Failed to report, err: %s", err)
-			return subcommands.ExitFailure
-		}
-	}
+	fmt.Printf("\n\n\n")
+	fmt.Println("To view the detail, vuls tui is useful.")
+	fmt.Println("To send a report, run vuls report -h.")

 	return subcommands.ExitSuccess
 }
--- a/commands/server.go
+++ b/commands/server.go
@@ -0,0 +1,239 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Architect, Inc. Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package commands
+
+import (
+	"context"
+	"flag"
+	"fmt"
+	"net/http"
+	"os"
+	"path/filepath"
+
+	// "github.com/future-architect/vuls/Server"
+
+	c "github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/exploit"
+	"github.com/future-architect/vuls/gost"
+	"github.com/future-architect/vuls/oval"
+	"github.com/future-architect/vuls/report"
+	"github.com/future-architect/vuls/server"
+	"github.com/future-architect/vuls/util"
+	"github.com/google/subcommands"
+	cvelog "github.com/kotakanbe/go-cve-dictionary/log"
+)
+
+// ServerCmd is subcommand for server
+type ServerCmd struct {
+	configPath  string
+	listen      string
+	cveDict     c.GoCveDictConf
+	ovalDict    c.GovalDictConf
+	gostConf    c.GostConf
+	exploitConf c.ExploitConf
+}
+
+// Name return subcommand name
+func (*ServerCmd) Name() string { return "server" }
+
+// Synopsis return synopsis
+func (*ServerCmd) Synopsis() string { return "Server" }
+
+// Usage return usage
+func (*ServerCmd) Usage() string {
+	return `Server:
+	Server
+		[-lang=en|ja]
+		[-config=/path/to/config.toml]
+		[-log-dir=/path/to/log]
+		[-cvss-over=7]
+		[-ignore-unscored-cves]
+		[-ignore-unfixed]
+		[-to-localfile]
+		[-format-json]
+		[-http-proxy=http://192.168.0.1:8080]
+		[-debug]
+		[-debug-sql]
+		[-listen=localhost:5515]
+		[-cvedb-type=sqlite3|mysql|postgres|redis|http]
+		[-cvedb-sqlite3-path=/path/to/cve.sqlite3]
+		[-cvedb-url=http://127.0.0.1:1323 or DB connection string]
+		[-ovaldb-type=sqlite3|mysql|redis|http]
+		[-ovaldb-sqlite3-path=/path/to/oval.sqlite3]
+		[-ovaldb-url=http://127.0.0.1:1324 or DB connection string]
+		[-gostdb-type=sqlite3|mysql|redis|http]
+		[-gostdb-sqlite3-path=/path/to/gost.sqlite3]
+		[-gostdb-url=http://127.0.0.1:1325 or DB connection string]
+		[-exploitdb-type=sqlite3|mysql|redis|http]
+		[-exploitdb-sqlite3-path=/path/to/exploitdb.sqlite3]
+		[-exploitdb-url=http://127.0.0.1:1326 or DB connection string]
+
+		[RFC3339 datetime format under results dir]
+`
+}
+
+// SetFlags set flag
+func (p *ServerCmd) SetFlags(f *flag.FlagSet) {
+	f.StringVar(&c.Conf.Lang, "lang", "en", "[en|ja]")
+	f.BoolVar(&c.Conf.Debug, "debug", false, "debug mode")
+	f.BoolVar(&c.Conf.DebugSQL, "debug-sql", false, "SQL debug mode")
+
+	wd, _ := os.Getwd()
+	defaultConfPath := filepath.Join(wd, "config.toml")
+	f.StringVar(&p.configPath, "config", defaultConfPath, "/path/to/toml")
+
+	defaultResultsDir := filepath.Join(wd, "results")
+	f.StringVar(&c.Conf.ResultsDir, "results-dir", defaultResultsDir, "/path/to/results")
+
+	defaultLogDir := util.GetDefaultLogDir()
+	f.StringVar(&c.Conf.LogDir, "log-dir", defaultLogDir, "/path/to/log")
+
+	f.Float64Var(&c.Conf.CvssScoreOver, "cvss-over", 0,
+		"-cvss-over=6.5 means Servering CVSS Score 6.5 and over (default: 0 (means Server all))")
+
+	f.BoolVar(&c.Conf.IgnoreUnscoredCves, "ignore-unscored-cves", false,
+		"Don't Server the unscored CVEs")
+
+	f.BoolVar(&c.Conf.IgnoreUnfixed, "ignore-unfixed", false,
+		"Don't Server the unfixed CVEs")
+
+	f.StringVar(&c.Conf.HTTPProxy, "http-proxy", "",
+		"http://proxy-url:port (default: empty)")
+
+	f.BoolVar(&c.Conf.FormatJSON, "format-json", false, "JSON format")
+
+	f.BoolVar(&c.Conf.ToLocalFile, "to-localfile", false, "Write report to localfile")
+	f.StringVar(&p.listen, "listen", "localhost:5515",
+		"host:port (default: localhost:5515)")
+
+	f.StringVar(&p.cveDict.Type, "cvedb-type", "",
+		"DB type of go-cve-dictionary (sqlite3, mysql, postgres, redis or http)")
+	f.StringVar(&p.cveDict.SQLite3Path, "cvedb-sqlite3-path", "", "/path/to/sqlite3")
+	f.StringVar(&p.cveDict.URL, "cvedb-url", "",
+		"http://go-cve-dictionary.com:1323 or DB connection string")
+
+	f.StringVar(&p.ovalDict.Type, "ovaldb-type", "",
+		"DB type of goval-dictionary (sqlite3, mysql, postgres, redis or http)")
+	f.StringVar(&p.ovalDict.SQLite3Path, "ovaldb-sqlite3-path", "", "/path/to/sqlite3")
+	f.StringVar(&p.ovalDict.URL, "ovaldb-url", "",
+		"http://goval-dictionary.com:1324 or DB connection string")
+
+	f.StringVar(&p.gostConf.Type, "gostdb-type", "",
+		"DB type of gost (sqlite3, mysql, postgres, redis or http)")
+	f.StringVar(&p.gostConf.SQLite3Path, "gostdb-sqlite3-path", "", "/path/to/sqlite3")
+	f.StringVar(&p.gostConf.URL, "gostdb-url", "",
+		"http://gost.com:1325 or DB connection string")
+
+	f.StringVar(&p.exploitConf.Type, "exploitdb-type", "",
+		"DB type of exploit (sqlite3, mysql, postgres, redis or http)")
+	f.StringVar(&p.exploitConf.SQLite3Path, "exploitdb-sqlite3-path", "", "/path/to/sqlite3")
+	f.StringVar(&p.exploitConf.URL, "exploitdb-url", "",
+		"http://exploit.com:1326 or DB connection string")
+}
+
+// Execute execute
+func (p *ServerCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
+	util.Log = util.NewCustomLogger(c.ServerInfo{})
+	cvelog.SetLogger(c.Conf.LogDir, false, c.Conf.Debug, false)
+
+	if err := c.Load(p.configPath, ""); err != nil {
+		util.Log.Errorf("Error loading %s, %s", p.configPath, err)
+		return subcommands.ExitUsageError
+	}
+
+	c.Conf.CveDict.Overwrite(p.cveDict)
+	c.Conf.OvalDict.Overwrite(p.ovalDict)
+	c.Conf.Gost.Overwrite(p.gostConf)
+	c.Conf.Exploit.Overwrite(p.exploitConf)
+
+	util.Log.Info("Validating config...")
+	if !c.Conf.ValidateOnReport() {
+		return subcommands.ExitUsageError
+	}
+
+	util.Log.Info("Validating db config...")
+	if !c.Conf.ValidateOnReportDB() {
+		return subcommands.ExitUsageError
+	}
+
+	if c.Conf.CveDict.URL != "" {
+		if err := report.CveClient.CheckHealth(); err != nil {
+			util.Log.Errorf("CVE HTTP server is not running. err: %s", err)
+			util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with `-cvedb-type=sqlite3 -cvedb-sqlite3-path` option instead of -cvedb-url")
+			return subcommands.ExitFailure
+		}
+	}
+
+	if c.Conf.OvalDict.URL != "" {
+		err := oval.Base{}.CheckHTTPHealth()
+		if err != nil {
+			util.Log.Errorf("OVAL HTTP server is not running. err: %s", err)
+			util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with `-ovaldb-type=sqlite3 -ovaldb-sqlite3-path` option instead of -ovaldb-url")
+			return subcommands.ExitFailure
+		}
+	}
+
+	if c.Conf.Gost.URL != "" {
+		util.Log.Infof("gost: %s", c.Conf.Gost.URL)
+		err := gost.Base{}.CheckHTTPHealth()
+		if err != nil {
+			util.Log.Errorf("gost HTTP server is not running. err: %s", err)
+			util.Log.Errorf("Run gost as server mode before reporting or run with `-gostdb-type=sqlite3 -gostdb-sqlite3-path` option instead of -gostdb-url")
+			return subcommands.ExitFailure
+		}
+	}
+
+	if c.Conf.Exploit.URL != "" {
+		err := exploit.CheckHTTPHealth()
+		if err != nil {
+			util.Log.Errorf("exploit HTTP server is not running. err: %s", err)
+			util.Log.Errorf("Run go-exploitdb as server mode before reporting")
+			return subcommands.ExitFailure
+		}
+	}
+
+	dbclient, locked, err := report.NewDBClient(report.DBClientConf{
+		CveDictCnf:  c.Conf.CveDict,
+		OvalDictCnf: c.Conf.OvalDict,
+		GostCnf:     c.Conf.Gost,
+		ExploitCnf:  c.Conf.Exploit,
+		DebugSQL:    c.Conf.DebugSQL,
+	})
+	if locked {
+		util.Log.Errorf("SQLite3 is locked. Close other DB connections and try again: %s", err)
+		return subcommands.ExitFailure
+	}
+
+	if err != nil {
+		util.Log.Errorf("Failed to init DB Clients: %s", err)
+		return subcommands.ExitFailure
+	}
+
+	defer dbclient.CloseDB()
+
+	http.Handle("/vuls", server.VulsHandler{DBclient: *dbclient})
+	http.HandleFunc("/health", func(w http.ResponseWriter, r *http.Request) {
+		fmt.Fprintf(w, "ok")
+	})
+	util.Log.Infof("Listening on %s", p.listen)
+	if err := http.ListenAndServe(p.listen, nil); err != nil {
+		util.Log.Errorf("Failed to start server: %s", err)
+		return subcommands.ExitFailure
+	}
+	return subcommands.ExitSuccess
+}
--- a/commands/tui.go
+++ b/commands/tui.go
@@ -1,5 +1,5 @@
 /* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
+Copyright (C) 2016  Future Corporation , Japan.

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -18,38 +18,64 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package commands

 import (
+	"context"
 	"flag"
-	"fmt"
-	"io/ioutil"
 	"os"
 	"path/filepath"
-	"strconv"
-	"strings"

-	log "github.com/Sirupsen/logrus"
 	c "github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/exploit"
+	"github.com/future-architect/vuls/gost"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/oval"
 	"github.com/future-architect/vuls/report"
+	"github.com/future-architect/vuls/util"
 	"github.com/google/subcommands"
-	"golang.org/x/net/context"
+	cvelog "github.com/kotakanbe/go-cve-dictionary/log"
 )

 // TuiCmd is Subcommand of host discovery mode
 type TuiCmd struct {
-	lang     string
-	debugSQL bool
-	dbpath   string
+	configPath  string
+	cveDict     c.GoCveDictConf
+	ovalDict    c.GovalDictConf
+	gostConf    c.GostConf
+	exploitConf c.ExploitConf
 }

 // Name return subcommand name
 func (*TuiCmd) Name() string { return "tui" }

 // Synopsis return synopsis
-func (*TuiCmd) Synopsis() string { return "Run Tui view to anayze vulnerabilites" }
+func (*TuiCmd) Synopsis() string { return "Run Tui view to analyze vulnerabilities" }

 // Usage return usage
 func (*TuiCmd) Usage() string {
 	return `tui:
-	tui [-dbpath=/path/to/vuls.sqlite3]
+	tui
+		[-refresh-cve]
+		[-config=/path/to/config.toml]
+		[-cvss-over=7]
+		[-diff]
+		[-ignore-unscored-cves]
+		[-ignore-unfixed]
+		[-results-dir=/path/to/results]
+		[-log-dir=/path/to/log]
+		[-debug]
+		[-debug-sql]
+		[-pipe]
+		[-cvedb-type=sqlite3|mysql|postgres|redis|http]
+		[-cvedb-sqlite3-path=/path/to/cve.sqlite3]
+		[-cvedb-url=http://127.0.0.1:1323 or DB connection string]
+		[-ovaldb-type=sqlite3|mysql|redis|http]
+		[-ovaldb-sqlite3-path=/path/to/oval.sqlite3]
+		[-ovaldb-url=http://127.0.0.1:1324 or DB connection string]
+		[-gostdb-type=sqlite3|mysql|redis|http]
+		[-gostdb-sqlite3-path=/path/to/gost.sqlite3]
+		[-gostdb-url=http://127.0.0.1:1325 or DB connection string]
+		[-exploitdb-type=sqlite3|mysql|redis|http]
+		[-exploitdb-sqlite3-path=/path/to/exploitdb.sqlite3]
+		[-exploitdb-url=http://127.0.0.1:1326 or DB connection string]

 `
 }
@@ -57,41 +83,167 @@ func (*TuiCmd) Usage() string {
 // SetFlags set flag
 func (p *TuiCmd) SetFlags(f *flag.FlagSet) {
 	//  f.StringVar(&p.lang, "lang", "en", "[en|ja]")
-	f.BoolVar(&p.debugSQL, "debug-sql", false, "debug SQL")
+	f.BoolVar(&c.Conf.DebugSQL, "debug-sql", false, "debug SQL")
+	f.BoolVar(&c.Conf.Debug, "debug", false, "debug mode")
+
+	defaultLogDir := util.GetDefaultLogDir()
+	f.StringVar(&c.Conf.LogDir, "log-dir", defaultLogDir, "/path/to/log")

 	wd, _ := os.Getwd()
+	defaultResultsDir := filepath.Join(wd, "results")
+	f.StringVar(&c.Conf.ResultsDir, "results-dir", defaultResultsDir, "/path/to/results")
+
+	defaultConfPath := filepath.Join(wd, "config.toml")
+	f.StringVar(&p.configPath, "config", defaultConfPath, "/path/to/toml")
+
+	f.BoolVar(&c.Conf.RefreshCve, "refresh-cve", false,
+		"Refresh CVE information in JSON file under results dir")
+
+	f.Float64Var(&c.Conf.CvssScoreOver, "cvss-over", 0,
+		"-cvss-over=6.5 means reporting CVSS Score 6.5 and over (default: 0 (means report all))")
+
+	f.BoolVar(&c.Conf.Diff, "diff", false,
+		"Difference between previous result and current result ")
+
+	f.BoolVar(
+		&c.Conf.IgnoreUnscoredCves, "ignore-unscored-cves", false,
+		"Don't report the unscored CVEs")
+
+	f.BoolVar(&c.Conf.IgnoreUnfixed, "ignore-unfixed", false,
+		"Don't report the unfixed CVEs")
+
+	f.BoolVar(&c.Conf.Pipe, "pipe", false, "Use stdin via PIPE")
+
+	f.StringVar(&p.cveDict.Type, "cvedb-type", "",
+		"DB type of go-cve-dictionary (sqlite3, mysql, postgres or redis)")
+	f.StringVar(&p.cveDict.SQLite3Path, "cvedb-path", "", "/path/to/sqlite3")
+	f.StringVar(&p.cveDict.URL, "cvedb-url", "",
+		"http://go-cve-dictionary.com:1323 or DB connection string")
+
+	f.StringVar(&p.ovalDict.Type, "ovaldb-type", "",
+		"DB type of goval-dictionary (sqlite3, mysql, postgres or redis)")
+	f.StringVar(&p.ovalDict.SQLite3Path, "ovaldb-path", "", "/path/to/sqlite3")
+	f.StringVar(&p.ovalDict.URL, "ovaldb-url", "",
+		"http://goval-dictionary.com:1324 or DB connection string")
+
+	f.StringVar(&p.gostConf.Type, "gostdb-type", "",
+		"DB type of gost (sqlite3, mysql, postgres or redis)")
+	f.StringVar(&p.gostConf.SQLite3Path, "gostdb-path", "", "/path/to/sqlite3")
+	f.StringVar(&p.gostConf.URL, "gostdb-url", "",
+		"http://gost.com:1325 or DB connection string")
+
+	f.StringVar(&p.exploitConf.Type, "exploitdb-type", "",
+		"DB type of exploit (sqlite3, mysql, postgres, redis or http)")
+	f.StringVar(&p.exploitConf.SQLite3Path, "exploitdb-sqlite3-path", "", "/path/to/sqlite3")
+	f.StringVar(&p.exploitConf.URL, "exploitdb-url", "",
+		"http://exploit.com:1326 or DB connection string")

-	defaultDBPath := filepath.Join(wd, "vuls.sqlite3")
-	f.StringVar(&p.dbpath, "dbpath", defaultDBPath,
-		fmt.Sprintf("/path/to/sqlite3 (default: %s)", defaultDBPath))
 }

 // Execute execute
 func (p *TuiCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
 	c.Conf.Lang = "en"
-	c.Conf.DebugSQL = p.debugSQL
-	c.Conf.DBPath = p.dbpath

-	historyID := ""
-	if 0 < len(f.Args()) {
-		if _, err := strconv.Atoi(f.Args()[0]); err != nil {
-			log.Errorf("First Argument have to be scan_histores record ID: %s", err)
+	// Setup Logger
+	util.Log = util.NewCustomLogger(c.ServerInfo{})
+	cvelog.SetLogger(c.Conf.LogDir, false, c.Conf.Debug, false)
+
+	if err := c.Load(p.configPath, ""); err != nil {
+		util.Log.Errorf("Error loading %s, %s", p.configPath, err)
+		return subcommands.ExitUsageError
+	}
+
+	c.Conf.CveDict.Overwrite(p.cveDict)
+	c.Conf.OvalDict.Overwrite(p.ovalDict)
+	c.Conf.Gost.Overwrite(p.gostConf)
+	c.Conf.Exploit.Overwrite(p.exploitConf)
+
+	var dir string
+	var err error
+	if c.Conf.Diff {
+		dir, err = report.JSONDir([]string{})
+	} else {
+		dir, err = report.JSONDir(f.Args())
+	}
+	if err != nil {
+		util.Log.Errorf("Failed to read from JSON: %s", err)
+		return subcommands.ExitFailure
+	}
+
+	util.Log.Info("Validating config...")
+	if !c.Conf.ValidateOnTui() {
+		return subcommands.ExitUsageError
+	}
+
+	var res models.ScanResults
+	if res, err = report.LoadScanResults(dir); err != nil {
+		util.Log.Error(err)
+		return subcommands.ExitFailure
+	}
+	util.Log.Infof("Loaded: %s", dir)
+
+	util.Log.Info("Validating db config...")
+	if !c.Conf.ValidateOnReportDB() {
+		return subcommands.ExitUsageError
+	}
+
+	if c.Conf.CveDict.URL != "" {
+		if err := report.CveClient.CheckHealth(); err != nil {
+			util.Log.Errorf("CVE HTTP server is not running. err: %s", err)
+			util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with `-cvedb-type=sqlite3 -cvedb-sqlite3-path` option instead of -cvedb-url")
 			return subcommands.ExitFailure
 		}
-		historyID = f.Args()[0]
-	} else {
-		stat, _ := os.Stdin.Stat()
-		if (stat.Mode() & os.ModeCharDevice) == 0 {
-			bytes, err := ioutil.ReadAll(os.Stdin)
-			if err != nil {
-				log.Errorf("Failed to read stdin: %s", err)
-				return subcommands.ExitFailure
-			}
-			fields := strings.Fields(string(bytes))
-			if 0 < len(fields) {
-				historyID = fields[0]
-			}
+	}
+
+	if c.Conf.OvalDict.URL != "" {
+		err := oval.Base{}.CheckHTTPHealth()
+		if err != nil {
+			util.Log.Errorf("OVAL HTTP server is not running. err: %s", err)
+			util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with `-ovaldb-type=sqlite3 -ovaldb-sqlite3-path` option instead of -ovaldb-url")
+			return subcommands.ExitFailure
 		}
 	}
-	return report.RunTui(historyID)
+
+	if c.Conf.Gost.URL != "" {
+		util.Log.Infof("gost: %s", c.Conf.Gost.URL)
+		err := gost.Base{}.CheckHTTPHealth()
+		if err != nil {
+			util.Log.Errorf("gost HTTP server is not running. err: %s", err)
+			util.Log.Errorf("Run gost as server mode before reporting or run with `-gostdb-type=sqlite3 -gostdb-sqlite3-path` option instead of -gostdb-url")
+			return subcommands.ExitFailure
+		}
+	}
+
+	if c.Conf.Exploit.URL != "" {
+		err := exploit.CheckHTTPHealth()
+		if err != nil {
+			util.Log.Errorf("exploit HTTP server is not running. err: %s", err)
+			util.Log.Errorf("Run go-exploitdb as server mode before reporting")
+			return subcommands.ExitFailure
+		}
+	}
+	dbclient, locked, err := report.NewDBClient(report.DBClientConf{
+		CveDictCnf:  c.Conf.CveDict,
+		OvalDictCnf: c.Conf.OvalDict,
+		GostCnf:     c.Conf.Gost,
+		ExploitCnf:  c.Conf.Exploit,
+		DebugSQL:    c.Conf.DebugSQL,
+	})
+	if locked {
+		util.Log.Errorf("SQLite3 is locked. Close other DB connections and try again: %s", err)
+		return subcommands.ExitFailure
+	}
+
+	if err != nil {
+		util.Log.Errorf("Failed to init DB Clients: %s", err)
+		return subcommands.ExitFailure
+	}
+
+	defer dbclient.CloseDB()
+
+	if res, err = report.FillCveInfos(*dbclient, res, dir); err != nil {
+		util.Log.Error(err)
+		return subcommands.ExitFailure
+	}
+	return report.RunTui(res)
 }
--- a/commands/util.go
+++ b/commands/util.go
@@ -1,5 +1,5 @@
 /* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
+Copyright (C) 2016  Future Corporation , Japan.

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -15,42 +15,41 @@ You should have received a copy of the GNU General Public License
 along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

-package report
+package commands

 import (
+	"fmt"
 	"os"
 	"path/filepath"
-	"runtime"

-	"github.com/Sirupsen/logrus"
-	"github.com/future-architect/vuls/models"
-	formatter "github.com/kotakanbe/logrus-prefixed-formatter"
+	"github.com/howeyc/gopass"
+	homedir "github.com/mitchellh/go-homedir"
 )

-// LogrusWriter write to logfile
-type LogrusWriter struct {
+func getPasswd(prompt string) (string, error) {
+	for {
+		fmt.Print(prompt)
+		pass, err := gopass.GetPasswdMasked()
+		if err != nil {
+			return "", fmt.Errorf("Failed to read password")
+		}
+		if 0 < len(pass) {
+			return string(pass), nil
+		}
+	}
+
 }

-func (w LogrusWriter) Write(scanResults []models.ScanResult) error {
-	path := "/var/log/vuls/report.log"
-	if runtime.GOOS == "windows" {
-		path = filepath.Join(os.Getenv("APPDATA"), "vuls", "report.log")
-	}
-	f, err := os.OpenFile(path, os.O_RDWR|os.O_CREATE|os.O_APPEND, 0666)
+func mkdirDotVuls() error {
+	home, err := homedir.Dir()
 	if err != nil {
 		return err
 	}
-	log := logrus.New()
-	log.Formatter = &formatter.TextFormatter{}
-	log.Out = f
-	log.Level = logrus.InfoLevel
-
-	for _, s := range scanResults {
-		text, err := toPlainText(s)
-		if err != nil {
+	dotVuls := filepath.Join(home, ".vuls")
+	if _, err := os.Stat(dotVuls); os.IsNotExist(err) {
+		if err := os.Mkdir(dotVuls, 0700); err != nil {
 			return err
 		}
-		log.Infof(text)
 	}
 	return nil
 }
--- a/commands/util_test.go
+++ b/commands/util_test.go
@@ -1,5 +1,5 @@
 /* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
+Copyright (C) 2016  Future Corporation , Japan.

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -15,10 +15,4 @@ You should have received a copy of the GNU General Public License
 along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

-package version
-
-// Name is Vuls
-const Name string = "vuls"
-
-// Version of Vuls
-const Version string = "0.1.5"
+package commands
--- a/config/color.go
+++ b/config/color.go
@@ -1,5 +1,5 @@
 /* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
+Copyright (C) 2016  Future Corporation , Japan.

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
--- a/config/config.go
+++ b/config/config.go
--- a/config/config_test.go
+++ b/config/config_test.go
@@ -0,0 +1,103 @@
+package config
+
+import (
+	"testing"
+)
+
+func TestSyslogConfValidate(t *testing.T) {
+	var tests = []struct {
+		conf              SyslogConf
+		expectedErrLength int
+	}{
+		{
+			conf:              SyslogConf{},
+			expectedErrLength: 0,
+		},
+		{
+			conf: SyslogConf{
+				Protocol: "tcp",
+				Port:     "5140",
+			},
+			expectedErrLength: 0,
+		},
+		{
+			conf: SyslogConf{
+				Protocol: "udp",
+				Port:     "12345",
+				Severity: "emerg",
+				Facility: "user",
+			},
+			expectedErrLength: 0,
+		},
+		{
+			conf: SyslogConf{
+				Protocol: "foo",
+				Port:     "514",
+			},
+			expectedErrLength: 1,
+		},
+		{
+			conf: SyslogConf{
+				Protocol: "invalid",
+				Port:     "-1",
+			},
+			expectedErrLength: 2,
+		},
+		{
+			conf: SyslogConf{
+				Protocol: "invalid",
+				Port:     "invalid",
+				Severity: "invalid",
+				Facility: "invalid",
+			},
+			expectedErrLength: 4,
+		},
+	}
+
+	for i, tt := range tests {
+		Conf.ToSyslog = true
+		errs := tt.conf.Validate()
+		if len(errs) != tt.expectedErrLength {
+			t.Errorf("test: %d, expected %d, actual %d", i, tt.expectedErrLength, len(errs))
+		}
+	}
+}
+
+func TestMajorVersion(t *testing.T) {
+	var tests = []struct {
+		in  Distro
+		out int
+	}{
+		{
+			in: Distro{
+				Family:  Amazon,
+				Release: "2 (2017.12)",
+			},
+			out: 2,
+		},
+		{
+			in: Distro{
+				Family:  Amazon,
+				Release: "2017.12",
+			},
+			out: 1,
+		},
+		{
+			in: Distro{
+				Family:  CentOS,
+				Release: "7.10",
+			},
+			out: 7,
+		},
+	}
+
+	for i, tt := range tests {
+		ver, err := tt.in.MajorVersion()
+		if err != nil {
+			t.Errorf("[%d] err occurred: %s", i, err)
+		}
+		if tt.out != ver {
+			t.Errorf("[%d] expected %d, actual %d", i, tt.out, ver)
+		}
+	}
+}
--- a/config/jsonloader.go
+++ b/config/jsonloader.go
@@ -1,5 +1,5 @@
 /* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
+Copyright (C) 2016  Future Corporation , Japan.

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -23,7 +23,7 @@ import "fmt"
 type JSONLoader struct {
 }

-// Load load the configuraiton JSON file specified by path arg.
+// Load load the configuration JSON file specified by path arg.
 func (c JSONLoader) Load(path, sudoPass, keyPass string) (err error) {
 	return fmt.Errorf("Not implement yet")
 }
--- a/config/loader.go
+++ b/config/loader.go
@@ -1,5 +1,5 @@
 /* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
+Copyright (C) 2016  Future Corporation , Japan.

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
--- a/config/tomlloader.go
+++ b/config/tomlloader.go
@@ -1,5 +1,5 @@
 /* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
+Copyright (C) 2016  Future Corporation , Japan.

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -20,26 +20,39 @@ package config
 import (
 	"fmt"
 	"os"
+	"regexp"
+	"strings"

 	"github.com/BurntSushi/toml"
-	log "github.com/Sirupsen/logrus"
-	"github.com/k0kubun/pp"
+	"github.com/knqyf263/go-cpe/naming"
 )

 // TOMLLoader loads config
 type TOMLLoader struct {
 }

-// Load load the configuraiton TOML file specified by path arg.
-func (c TOMLLoader) Load(pathToToml, keyPass string) (err error) {
+// Load load the configuration TOML file specified by path arg.
+func (c TOMLLoader) Load(pathToToml, keyPass string) error {
 	var conf Config
 	if _, err := toml.DecodeFile(pathToToml, &conf); err != nil {
-		log.Error("Load config failed", err)
 		return err
 	}
-
-	Conf.Mail = conf.Mail
+	Conf.EMail = conf.EMail
 	Conf.Slack = conf.Slack
+	Conf.Stride = conf.Stride
+	Conf.HipChat = conf.HipChat
+	Conf.ChatWork = conf.ChatWork
+	Conf.Telegram = conf.Telegram
+	Conf.Saas = conf.Saas
+	Conf.Syslog = conf.Syslog
+	Conf.HTTP = conf.HTTP
+	Conf.AWS = conf.AWS
+	Conf.Azure = conf.Azure
+
+	Conf.CveDict = conf.CveDict
+	Conf.OvalDict = conf.OvalDict
+	Conf.Gost = conf.Gost
+	Conf.Exploit = conf.Exploit

 	d := conf.Default
 	Conf.Default = d
@@ -50,52 +63,78 @@ func (c TOMLLoader) Load(pathToToml, keyPass string) (err error) {
 	}

 	i := 0
-	for name, v := range conf.Servers {
-
+	for serverName, v := range conf.Servers {
 		if 0 < len(v.KeyPassword) {
-			log.Warn("[Deprecated] KEYPASSWORD IN CONFIG FILE ARE UNSECURE. REMOVE THEM IMMEDIATELY FOR A SECURITY REASONS. THEY WILL BE REMOVED IN A FUTURE RELEASE.")
+			return fmt.Errorf("[Deprecated] KEYPASSWORD IN CONFIG FILE ARE UNSECURE. REMOVE THEM IMMEDIATELY FOR A SECURITY REASONS. THEY WILL BE REMOVED IN A FUTURE RELEASE: %s", serverName)
 		}

-		s := ServerInfo{ServerName: name}
+		s := ServerInfo{ServerName: serverName}
+		if v.Type != ServerTypePseudo {
+			s.Host = v.Host
+			if len(s.Host) == 0 {
+				return fmt.Errorf("%s is invalid. host is empty", serverName)
+			}

-		switch {
-		case v.User != "":
-			s.User = v.User
-		case d.User != "":
-			s.User = d.User
-		default:
-			return fmt.Errorf("%s is invalid. User is empty", name)
-		}
+			switch {
+			case v.Port != "":
+				s.Port = v.Port
+			case d.Port != "":
+				s.Port = d.Port
+			default:
+				s.Port = "22"
+			}

-		s.Host = v.Host
-		if s.Host == "" {
-			return fmt.Errorf("%s is invalid. host is empty", name)
-		}
+			switch {
+			case v.User != "":
+				s.User = v.User
+			case d.User != "":
+				s.User = d.User
+			default:
+				if s.Port != "local" {
+					return fmt.Errorf("%s is invalid. User is empty", serverName)
+				}
+			}

-		switch {
-		case v.Port != "":
-			s.Port = v.Port
-		case d.Port != "":
-			s.Port = d.Port
-		default:
-			s.Port = "22"
-		}
+			s.KeyPath = v.KeyPath
+			if len(s.KeyPath) == 0 {
+				s.KeyPath = d.KeyPath
+			}
+			if s.KeyPath != "" {
+				if _, err := os.Stat(s.KeyPath); err != nil {
+					return fmt.Errorf(
+						"%s is invalid. keypath: %s not exists", serverName, s.KeyPath)
+				}
+			}

-		s.KeyPath = v.KeyPath
-		if s.KeyPath == "" {
-			s.KeyPath = d.KeyPath
-		}
-		if s.KeyPath != "" {
-			if _, err := os.Stat(s.KeyPath); err != nil {
-				return fmt.Errorf(
-					"%s is invalid. keypath: %s not exists", name, s.KeyPath)
+			s.KeyPassword = v.KeyPassword
+			if len(s.KeyPassword) == 0 {
+				s.KeyPassword = d.KeyPassword
 			}
 		}

-		//  s.KeyPassword = keyPass
-		s.KeyPassword = v.KeyPassword
-		if s.KeyPassword == "" {
-			s.KeyPassword = d.KeyPassword
+		s.ScanMode = v.ScanMode
+		if len(s.ScanMode) == 0 {
+			s.ScanMode = d.ScanMode
+			if len(s.ScanMode) == 0 {
+				s.ScanMode = []string{"fast"}
+			}
+		}
+		for _, m := range s.ScanMode {
+			switch m {
+			case "fast":
+				s.Mode.Set(Fast)
+			case "fast-root":
+				s.Mode.Set(FastRoot)
+			case "deep":
+				s.Mode.Set(Deep)
+			case "offline":
+				s.Mode.Set(Offline)
+			default:
+				return fmt.Errorf("scanMode: %s of %s is invalie. Specify -fast, -fast-root, -deep or offline", m, serverName)
+			}
+		}
+		if err := s.Mode.validate(); err != nil {
+			return fmt.Errorf("%s in %s", err, serverName)
 		}

 		s.CpeNames = v.CpeNames
@@ -103,32 +142,143 @@ func (c TOMLLoader) Load(pathToToml, keyPass string) (err error) {
 			s.CpeNames = d.CpeNames
 		}

-		s.Containers = v.Containers
-		if len(s.Containers) == 0 {
-			s.Containers = d.Containers
+		for i, n := range s.CpeNames {
+			uri, err := toCpeURI(n)
+			if err != nil {
+				return fmt.Errorf("Failed to parse CPENames %s in %s: %s", n, serverName, err)
+			}
+			s.CpeNames[i] = uri
 		}

-		s.Optional = v.Optional
-		for _, dkv := range d.Optional {
+		s.ContainersIncluded = v.ContainersIncluded
+		if len(s.ContainersIncluded) == 0 {
+			s.ContainersIncluded = d.ContainersIncluded
+		}
+
+		s.ContainersExcluded = v.ContainersExcluded
+		if len(s.ContainersExcluded) == 0 {
+			s.ContainersExcluded = d.ContainersExcluded
+		}
+
+		s.ContainerType = v.ContainerType
+		if len(s.ContainerType) == 0 {
+			s.ContainerType = d.ContainerType
+		}
+
+		s.Containers = v.Containers
+		for contName, cont := range s.Containers {
+			cont.IgnoreCves = append(cont.IgnoreCves, d.IgnoreCves...)
+			s.Containers[contName] = cont
+		}
+
+		if len(v.DependencyCheckXMLPath) != 0 || len(d.DependencyCheckXMLPath) != 0 {
+			return fmt.Errorf("[DEPRECATED] dependencyCheckXMLPath IS DEPRECATED. USE owaspDCXMLPath INSTEAD: %s", serverName)
+		}
+
+		s.OwaspDCXMLPath = v.OwaspDCXMLPath
+		if len(s.OwaspDCXMLPath) == 0 {
+			s.OwaspDCXMLPath = d.OwaspDCXMLPath
+		}
+
+		s.Memo = v.Memo
+		if s.Memo == "" {
+			s.Memo = d.Memo
+		}
+
+		s.IgnoreCves = v.IgnoreCves
+		for _, cve := range d.IgnoreCves {
 			found := false
-			for _, kv := range s.Optional {
-				if dkv[0] == kv[0] {
+			for _, c := range s.IgnoreCves {
+				if cve == c {
 					found = true
 					break
 				}
 			}
 			if !found {
-				s.Optional = append(s.Optional, dkv)
+				s.IgnoreCves = append(s.IgnoreCves, cve)
 			}
 		}

+		s.IgnorePkgsRegexp = v.IgnorePkgsRegexp
+		for _, pkg := range d.IgnorePkgsRegexp {
+			found := false
+			for _, p := range s.IgnorePkgsRegexp {
+				if pkg == p {
+					found = true
+					break
+				}
+			}
+			if !found {
+				s.IgnorePkgsRegexp = append(s.IgnorePkgsRegexp, pkg)
+			}
+		}
+		for _, reg := range s.IgnorePkgsRegexp {
+			_, err := regexp.Compile(reg)
+			if err != nil {
+				return fmt.Errorf("Faild to parse %s in %s. err: %s", reg, serverName, err)
+			}
+		}
+		for contName, cont := range s.Containers {
+			for _, reg := range cont.IgnorePkgsRegexp {
+				_, err := regexp.Compile(reg)
+				if err != nil {
+					return fmt.Errorf("Faild to parse %s in %s@%s. err: %s",
+						reg, contName, serverName, err)
+				}
+			}
+		}
+
+		opt := map[string]interface{}{}
+		for k, v := range d.Optional {
+			opt[k] = v
+		}
+		for k, v := range v.Optional {
+			opt[k] = v
+		}
+		s.Optional = opt
+
+		s.Enablerepo = v.Enablerepo
+		if len(s.Enablerepo) == 0 {
+			s.Enablerepo = d.Enablerepo
+		}
+		if len(s.Enablerepo) != 0 {
+			for _, repo := range s.Enablerepo {
+				switch repo {
+				case "base", "updates":
+					// nop
+				default:
+					return fmt.Errorf(
+						"For now, enablerepo have to be base or updates: %s, servername: %s",
+						s.Enablerepo, serverName)
+				}
+			}
+		}
+
+		s.UUIDs = v.UUIDs
+		s.Type = v.Type
+
 		s.LogMsgAnsiColor = Colors[i%len(Colors)]
 		i++

-		servers[name] = s
+		servers[serverName] = s
 	}
-	log.Debug("Config loaded")
-	log.Debugf("%s", pp.Sprintf("%v", servers))
 	Conf.Servers = servers
-	return
+	return nil
+}
+
+func toCpeURI(cpename string) (string, error) {
+	if strings.HasPrefix(cpename, "cpe:2.3:") {
+		wfn, err := naming.UnbindFS(cpename)
+		if err != nil {
+			return "", err
+		}
+		return naming.BindToURI(wfn), nil
+	} else if strings.HasPrefix(cpename, "cpe:/") {
+		wfn, err := naming.UnbindURI(cpename)
+		if err != nil {
+			return "", err
+		}
+		return naming.BindToURI(wfn), nil
+	}
+	return "", fmt.Errorf("Unknow CPE format: %s", cpename)
 }
--- a/config/tomlloader_test.go
+++ b/config/tomlloader_test.go
@@ -0,0 +1,44 @@
+package config
+
+import (
+	"testing"
+)
+
+func TestToCpeURI(t *testing.T) {
+	var tests = []struct {
+		in       string
+		expected string
+		err      bool
+	}{
+		{
+			in:       "",
+			expected: "",
+			err:      true,
+		},
+		{
+			in:       "cpe:/a:microsoft:internet_explorer:10",
+			expected: "cpe:/a:microsoft:internet_explorer:10",
+			err:      false,
+		},
+		{
+			in:       "cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*",
+			expected: "cpe:/a:microsoft:internet_explorer:10",
+			err:      false,
+		},
+	}
+
+	for i, tt := range tests {
+		actual, err := toCpeURI(tt.in)
+		if err != nil && !tt.err {
+			t.Errorf("[%d] unexpected error occurred, in: %s act: %s, exp: %s",
+				i, tt.in, actual, tt.expected)
+		} else if err == nil && tt.err {
+			t.Errorf("[%d] expected error is not occurred, in: %s act: %s, exp: %s",
+				i, tt.in, actual, tt.expected)
+		}
+		if actual != tt.expected {
+			t.Errorf("[%d] in: %s, actual: %s, expected: %s",
+				i, tt.in, actual, tt.expected)
+		}
+	}
+}
--- a/contrib/owasp-dependency-check/parser/parser.go
+++ b/contrib/owasp-dependency-check/parser/parser.go
@@ -0,0 +1,66 @@
+package parser
+
+import (
+	"encoding/xml"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"strings"
+
+	log "github.com/sirupsen/logrus"
+)
+
+type analysis struct {
+	Dependencies []dependency `xml:"dependencies>dependency"`
+}
+
+type dependency struct {
+	Identifiers []identifier `xml:"identifiers>identifier"`
+}
+
+type identifier struct {
+	Name string `xml:"name"`
+	Type string `xml:"type,attr"`
+}
+
+func appendIfMissing(slice []string, str string) []string {
+	for _, s := range slice {
+		if s == str {
+			return slice
+		}
+	}
+	return append(slice, str)
+}
+
+// Parse parses OWASP dependency check XML and collect list of cpe
+func Parse(path string) ([]string, error) {
+	file, err := os.Open(path)
+	if err != nil {
+		log.Warnf("OWASP Dependency Check XML is not found: %s", path)
+		return []string{}, nil
+	}
+	defer file.Close()
+
+	b, err := ioutil.ReadAll(file)
+	if err != nil {
+		log.Warnf("Failed to read OWASP Dependency Check XML: %s", path)
+		return []string{}, nil
+	}
+
+	var anal analysis
+	if err := xml.Unmarshal(b, &anal); err != nil {
+		return nil, fmt.Errorf("Failed to unmarshal: %s", err)
+	}
+
+	cpes := []string{}
+	for _, d := range anal.Dependencies {
+		for _, ident := range d.Identifiers {
+			if ident.Type == "cpe" {
+				name := strings.TrimPrefix(ident.Name, "(")
+				name = strings.TrimSuffix(name, ")")
+				cpes = appendIfMissing(cpes, name)
+			}
+		}
+	}
+	return cpes, nil
+}
--- a/cveapi/cve_client.go
+++ b/cveapi/cve_client.go
@@ -1,284 +0,0 @@
-/* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-package cveapi
-
-import (
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"sort"
-	"time"
-
-	"github.com/cenkalti/backoff"
-	"github.com/parnurzeal/gorequest"
-
-	log "github.com/Sirupsen/logrus"
-	"github.com/future-architect/vuls/config"
-	"github.com/future-architect/vuls/util"
-	cveconfig "github.com/kotakanbe/go-cve-dictionary/config"
-	cvedb "github.com/kotakanbe/go-cve-dictionary/db"
-	cve "github.com/kotakanbe/go-cve-dictionary/models"
-)
-
-// CveClient is api client of CVE disctionary service.
-var CveClient cvedictClient
-
-type cvedictClient struct {
-	//  httpProxy string
-	baseURL string
-}
-
-func (api *cvedictClient) initialize() {
-	api.baseURL = config.Conf.CveDictionaryURL
-}
-
-func (api cvedictClient) CheckHealth() (ok bool, err error) {
-	if config.Conf.CveDBPath != "" {
-		log.Debugf("get cve-dictionary from sqlite3")
-		return true, nil
-	}
-
-	api.initialize()
-	url := fmt.Sprintf("%s/health", api.baseURL)
-	var errs []error
-	var resp *http.Response
-	resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
-	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
-	if len(errs) > 0 || resp == nil || resp.StatusCode != 200 {
-		return false, fmt.Errorf("Failed to request to CVE server. url: %s, errs: %v", url, errs)
-	}
-	return true, nil
-}
-
-type response struct {
-	Key       string
-	CveDetail cve.CveDetail
-}
-
-func (api cvedictClient) FetchCveDetails(cveIDs []string) (cveDetails cve.CveDetails, err error) {
-	if config.Conf.CveDBPath != "" {
-		return api.FetchCveDetailsFromCveDB(cveIDs)
-	}
-
-	api.baseURL = config.Conf.CveDictionaryURL
-	reqChan := make(chan string, len(cveIDs))
-	resChan := make(chan response, len(cveIDs))
-	errChan := make(chan error, len(cveIDs))
-	defer close(reqChan)
-	defer close(resChan)
-	defer close(errChan)
-
-	go func() {
-		for _, cveID := range cveIDs {
-			reqChan <- cveID
-		}
-	}()
-
-	concurrency := 10
-	tasks := util.GenWorkers(concurrency)
-	for range cveIDs {
-		tasks <- func() {
-			select {
-			case cveID := <-reqChan:
-				url, err := util.URLPathJoin(api.baseURL, "cves", cveID)
-				if err != nil {
-					errChan <- err
-				} else {
-					log.Debugf("HTTP Request to %s", url)
-					api.httpGet(cveID, url, resChan, errChan)
-				}
-			}
-		}
-	}
-
-	timeout := time.After(2 * 60 * time.Second)
-	var errs []error
-	for range cveIDs {
-		select {
-		case res := <-resChan:
-			if len(res.CveDetail.CveID) == 0 {
-				cveDetails = append(cveDetails, cve.CveDetail{
-					CveID: res.Key,
-				})
-			} else {
-				cveDetails = append(cveDetails, res.CveDetail)
-			}
-		case err := <-errChan:
-			errs = append(errs, err)
-		case <-timeout:
-			return []cve.CveDetail{}, fmt.Errorf("Timeout Fetching CVE")
-		}
-	}
-	if len(errs) != 0 {
-		return []cve.CveDetail{},
-			fmt.Errorf("Failed to fetch CVE. err: %v", errs)
-	}
-
-	// order by CVE ID desc
-	sort.Sort(cveDetails)
-	return
-}
-
-func (api cvedictClient) FetchCveDetailsFromCveDB(cveIDs []string) (cveDetails cve.CveDetails, err error) {
-	log.Debugf("open cve-dictionary db")
-	cveconfig.Conf.DBPath = config.Conf.CveDBPath
-	if err := cvedb.OpenDB(); err != nil {
-		return []cve.CveDetail{},
-			fmt.Errorf("Failed to open DB. err: %s", err)
-	}
-	for _, cveID := range cveIDs {
-		cveDetail := cvedb.Get(cveID)
-		if len(cveDetail.CveID) == 0 {
-			cveDetails = append(cveDetails, cve.CveDetail{
-				CveID: cveID,
-			})
-		} else {
-			cveDetails = append(cveDetails, cveDetail)
-		}
-	}
-
-	// order by CVE ID desc
-	sort.Sort(cveDetails)
-	return
-}
-
-func (api cvedictClient) httpGet(key, url string, resChan chan<- response, errChan chan<- error) {
-	var body string
-	var errs []error
-	var resp *http.Response
-	f := func() (err error) {
-		//  resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
-		resp, body, errs = gorequest.New().Get(url).End()
-		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
-			return fmt.Errorf("HTTP GET error: %v, url: %s, resp: %v", errs, url, resp)
-		}
-		return nil
-	}
-	notify := func(err error, t time.Duration) {
-		log.Warnf("Failed to HTTP GET. retrying in %s seconds. err: %s", t, err)
-	}
-	err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
-	if err != nil {
-		errChan <- fmt.Errorf("HTTP Error %s", err)
-	}
-	cveDetail := cve.CveDetail{}
-	if err := json.Unmarshal([]byte(body), &cveDetail); err != nil {
-		errChan <- fmt.Errorf("Failed to Unmarshall. body: %s, err: %s", body, err)
-	}
-	resChan <- response{
-		key,
-		cveDetail,
-	}
-}
-
-//  func (api cvedictClient) httpGet(key, url string, query map[string]string, resChan chan<- response, errChan chan<- error) {
-
-//      var body string
-//      var errs []error
-//      var resp *http.Response
-//      f := func() (err error) {
-//          req := gorequest.New().SetDebug(true).Proxy(api.httpProxy).Get(url)
-//          for key := range query {
-//              req = req.Query(fmt.Sprintf("%s=%s", key, query[key])).Set("Content-Type", "application/x-www-form-urlencoded")
-//          }
-//          pp.Println(req)
-//          resp, body, errs = req.End()
-//          if len(errs) > 0 || resp.StatusCode != 200 {
-//              errChan <- fmt.Errorf("HTTP error. errs: %v, url: %s", errs, url)
-//          }
-//          return nil
-//      }
-//      notify := func(err error, t time.Duration) {
-//          log.Warnf("Failed to get. retrying in %s seconds. err: %s", t, err)
-//      }
-//      err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
-//      if err != nil {
-//          errChan <- fmt.Errorf("HTTP Error %s", err)
-//      }
-//      //  resChan <- body
-//      cveDetail := cve.CveDetail{}
-//      if err := json.Unmarshal([]byte(body), &cveDetail); err != nil {
-//          errChan <- fmt.Errorf("Failed to Unmarshall. body: %s, err: %s", body, err)
-//      }
-//      resChan <- response{
-//          key,
-//          cveDetail,
-//      }
-//  }
-
-type responseGetCveDetailByCpeName struct {
-	CpeName    string
-	CveDetails []cve.CveDetail
-}
-
-func (api cvedictClient) FetchCveDetailsByCpeName(cpeName string) ([]cve.CveDetail, error) {
-	if config.Conf.CveDBPath != "" {
-		return api.FetchCveDetailsByCpeNameFromDB(cpeName)
-	}
-
-	api.baseURL = config.Conf.CveDictionaryURL
-	url, err := util.URLPathJoin(api.baseURL, "cpes")
-	if err != nil {
-		return []cve.CveDetail{}, err
-	}
-
-	query := map[string]string{"name": cpeName}
-	log.Debugf("HTTP Request to %s, query: %#v", url, query)
-	return api.httpPost(cpeName, url, query)
-}
-
-func (api cvedictClient) httpPost(key, url string, query map[string]string) ([]cve.CveDetail, error) {
-	var body string
-	var errs []error
-	var resp *http.Response
-	f := func() (err error) {
-		req := gorequest.New().SetDebug(config.Conf.Debug).Post(url)
-		for key := range query {
-			req = req.Send(fmt.Sprintf("%s=%s", key, query[key])).Type("json")
-		}
-		resp, body, errs = req.End()
-		if len(errs) > 0 || resp == nil || resp.StatusCode != 200 {
-			return fmt.Errorf("HTTP POST error: %v, url: %s, resp: %v", errs, url, resp)
-		}
-		return nil
-	}
-	notify := func(err error, t time.Duration) {
-		log.Warnf("Failed to HTTP POST. retrying in %s seconds. err: %s", t, err)
-	}
-	err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
-	if err != nil {
-		return []cve.CveDetail{}, fmt.Errorf("HTTP Error %s", err)
-	}
-
-	cveDetails := []cve.CveDetail{}
-	if err := json.Unmarshal([]byte(body), &cveDetails); err != nil {
-		return []cve.CveDetail{},
-			fmt.Errorf("Failed to Unmarshall. body: %s, err: %s", body, err)
-	}
-	return cveDetails, nil
-}
-
-func (api cvedictClient) FetchCveDetailsByCpeNameFromDB(cpeName string) ([]cve.CveDetail, error) {
-	log.Debugf("open cve-dictionary db")
-	cveconfig.Conf.DBPath = config.Conf.CveDBPath
-	if err := cvedb.OpenDB(); err != nil {
-		return []cve.CveDetail{},
-			fmt.Errorf("Failed to open DB. err: %s", err)
-	}
-	return cvedb.GetByCpeName(cpeName), nil
-}
--- a/cwe/en.go
+++ b/cwe/en.go
--- a/cwe/ja.go
+++ b/cwe/ja.go
--- a/cwe/owasp.go
+++ b/cwe/owasp.go
@@ -0,0 +1,65 @@
+package cwe
+
+// OwaspTopTen2017 has CWE-ID in OWSP Top 10
+var OwaspTopTen2017 = map[string]string{
+	"77":  "1",
+	"89":  "1",
+	"564": "1",
+	"917": "1",
+
+	"287": "2",
+	"384": "2",
+
+	"220": "3",
+	"310": "3",
+	"312": "3",
+	"319": "3",
+	"326": "3",
+	"359": "3",
+
+	"611": "4",
+
+	"22":  "5",
+	"284": "5",
+	"285": "5",
+	"639": "5",
+
+	"2":   "6",
+	"16":  "6",
+	"388": "6",
+
+	"79": "7",
+
+	"502": "8",
+
+	"223": "10",
+	"778": "10",
+}
+
+// OwaspTopTen2017GitHubURLEn has GitHub links
+var OwaspTopTen2017GitHubURLEn = map[string]string{
+	"1":  "https://github.com/OWASP/Top10/blob/master/2017/en/0xa1-injection.md",
+	"2":  "https://github.com/OWASP/Top10/blob/master/2017/en/0xa2-broken-authentication.md",
+	"3":  "https://github.com/OWASP/Top10/blob/master/2017/en/0xa3-sensitive-data-disclosure.md",
+	"4":  "https://github.com/OWASP/Top10/blob/master/2017/en/0xa4-xxe.md",
+	"5":  "https://github.com/OWASP/Top10/blob/master/2017/en/0xa5-broken-access-control.md",
+	"6":  "https://github.com/OWASP/Top10/blob/master/2017/en/0xa6-security-misconfiguration.md",
+	"7":  "https://github.com/OWASP/Top10/blob/master/2017/en/0xa7-xss.md",
+	"8":  "https://github.com/OWASP/Top10/blob/master/2017/en/0xa8-insecure-deserialization.md",
+	"9":  "https://github.com/OWASP/Top10/blob/master/2017/en/0xa9-known-vulns.md<Paste>",
+	"10": "https://github.com/OWASP/Top10/blob/master/2017/en/0xaa-logging-detection-response.md",
+}
+
+// OwaspTopTen2017GitHubURLJa has GitHub links
+var OwaspTopTen2017GitHubURLJa = map[string]string{
+	"1":  "https://github.com/OWASP/Top10/blob/master/2017/ja/0xa1-injection.md",
+	"2":  "https://github.com/OWASP/Top10/blob/master/2017/ja/0xa2-broken-authentication.md",
+	"3":  "https://github.com/OWASP/Top10/blob/master/2017/ja/0xa3-sensitive-data-disclosure.md",
+	"4":  "https://github.com/OWASP/Top10/blob/master/2017/ja/0xa4-xxe.md",
+	"5":  "https://github.com/OWASP/Top10/blob/master/2017/ja/0xa5-broken-access-control.md",
+	"6":  "https://github.com/OWASP/Top10/blob/master/2017/ja/0xa6-security-misconfiguration.md",
+	"7":  "https://github.com/OWASP/Top10/blob/master/2017/ja/0xa7-xss.md",
+	"8":  "https://github.com/OWASP/Top10/blob/master/2017/ja/0xa8-insecure-deserialization.md",
+	"9":  "https://github.com/OWASP/Top10/blob/master/2017/ja/0xa9-known-vulns.md<Paste>",
+	"10": "https://github.com/OWASP/Top10/blob/master/2017/ja/0xaa-logging-detection-response.md",
+}
--- a/db/db.go
+++ b/db/db.go
@@ -1,324 +0,0 @@
-/* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-package db
-
-import (
-	"fmt"
-	"sort"
-	"strconv"
-	"time"
-
-	"github.com/future-architect/vuls/config"
-	m "github.com/future-architect/vuls/models"
-	"github.com/jinzhu/gorm"
-	cvedb "github.com/kotakanbe/go-cve-dictionary/db"
-	cve "github.com/kotakanbe/go-cve-dictionary/models"
-)
-
-var db *gorm.DB
-
-// OpenDB opens Database
-func OpenDB() (err error) {
-	db, err = gorm.Open("sqlite3", config.Conf.DBPath)
-	if err != nil {
-		err = fmt.Errorf("Failed to open DB. datafile: %s, err: %s", config.Conf.DBPath, err)
-		return
-
-	}
-	db.LogMode(config.Conf.DebugSQL)
-	return
-}
-
-// MigrateDB migrates Database
-func MigrateDB() error {
-	if err := db.AutoMigrate(
-		&m.ScanHistory{},
-		&m.ScanResult{},
-		//  &m.NWLink{},
-		&m.Container{},
-		&m.CveInfo{},
-		&m.CpeName{},
-		&m.PackageInfo{},
-		&m.DistroAdvisory{},
-		&cve.CveDetail{},
-		&cve.Jvn{},
-		&cve.Nvd{},
-		&cve.Reference{},
-		&cve.Cpe{},
-	).Error; err != nil {
-		return fmt.Errorf("Failed to migrate. err: %s", err)
-	}
-
-	errMsg := "Failed to create index. err: %s"
-	//  if err := db.Model(&m.NWLink{}).
-	//      AddIndex("idx_n_w_links_scan_result_id", "scan_result_id").Error; err != nil {
-	//      return fmt.Errorf(errMsg, err)
-	//  }
-	if err := db.Model(&m.Container{}).
-		AddIndex("idx_containers_scan_result_id", "scan_result_id").Error; err != nil {
-		return fmt.Errorf(errMsg, err)
-	}
-	if err := db.Model(&m.CveInfo{}).
-		AddIndex("idx_cve_infos_scan_result_id", "scan_result_id").Error; err != nil {
-		return fmt.Errorf(errMsg, err)
-	}
-	if err := db.Model(&m.CpeName{}).
-		AddIndex("idx_cpe_names_cve_info_id", "cve_info_id").Error; err != nil {
-		return fmt.Errorf(errMsg, err)
-	}
-	if err := db.Model(&m.PackageInfo{}).
-		AddIndex("idx_package_infos_cve_info_id", "cve_info_id").Error; err != nil {
-		return fmt.Errorf(errMsg, err)
-	}
-	if err := db.Model(&m.DistroAdvisory{}).
-		//TODO check table name
-		AddIndex("idx_distro_advisories_cve_info_id", "cve_info_id").Error; err != nil {
-		return fmt.Errorf(errMsg, err)
-	}
-	if err := db.Model(&cve.CveDetail{}).
-		AddIndex("idx_cve_details_cve_info_id", "cve_info_id").Error; err != nil {
-		return fmt.Errorf(errMsg, err)
-	}
-	if err := db.Model(&cve.CveDetail{}).
-		AddIndex("idx_cve_details_cveid", "cve_id").Error; err != nil {
-		return fmt.Errorf(errMsg, err)
-	}
-	if err := db.Model(&cve.Nvd{}).
-		AddIndex("idx_nvds_cve_detail_id", "cve_detail_id").Error; err != nil {
-		return fmt.Errorf(errMsg, err)
-	}
-	if err := db.Model(&cve.Jvn{}).
-		AddIndex("idx_jvns_cve_detail_id", "cve_detail_id").Error; err != nil {
-		return fmt.Errorf(errMsg, err)
-	}
-	if err := db.Model(&cve.Cpe{}).
-		AddIndex("idx_cpes_jvn_id", "jvn_id").Error; err != nil {
-		return fmt.Errorf(errMsg, err)
-	}
-	if err := db.Model(&cve.Reference{}).
-		AddIndex("idx_references_jvn_id", "jvn_id").Error; err != nil {
-		return fmt.Errorf(errMsg, err)
-	}
-	if err := db.Model(&cve.Cpe{}).
-		AddIndex("idx_cpes_nvd_id", "nvd_id").Error; err != nil {
-		return fmt.Errorf(errMsg, err)
-	}
-	if err := db.Model(&cve.Reference{}).
-		AddIndex("idx_references_nvd_id", "nvd_id").Error; err != nil {
-		return fmt.Errorf(errMsg, err)
-	}
-
-	return nil
-}
-
-// Insert inserts scan results into DB
-func Insert(results []m.ScanResult) error {
-	for _, r := range results {
-		r.KnownCves = resetGormIDs(r.KnownCves)
-		r.UnknownCves = resetGormIDs(r.UnknownCves)
-	}
-
-	history := m.ScanHistory{
-		ScanResults: results,
-		ScannedAt:   time.Now(),
-	}
-
-	db = db.Set("gorm:save_associations", false)
-	if err := db.Create(&history).Error; err != nil {
-		return err
-	}
-	for _, scanResult := range history.ScanResults {
-		scanResult.ScanHistoryID = history.ID
-		if err := db.Create(&scanResult).Error; err != nil {
-			return err
-		}
-		scanResult.Container.ScanResultID = scanResult.ID
-		if err := db.Create(&scanResult.Container).Error; err != nil {
-			return err
-		}
-		if err := insertCveInfos(scanResult.ID, scanResult.KnownCves); err != nil {
-			return err
-		}
-		if err := insertCveInfos(scanResult.ID, scanResult.UnknownCves); err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func insertCveInfos(scanResultID uint, infos []m.CveInfo) error {
-	for _, cveInfo := range infos {
-		cveInfo.ScanResultID = scanResultID
-		if err := db.Create(&cveInfo).Error; err != nil {
-			return err
-		}
-
-		for _, pack := range cveInfo.Packages {
-			pack.CveInfoID = cveInfo.ID
-			if err := db.Create(&pack).Error; err != nil {
-				return err
-			}
-		}
-
-		for _, distroAdvisory := range cveInfo.DistroAdvisories {
-			distroAdvisory.CveInfoID = cveInfo.ID
-			if err := db.Create(&distroAdvisory).Error; err != nil {
-				return err
-			}
-		}
-
-		for _, cpeName := range cveInfo.CpeNames {
-			cpeName.CveInfoID = cveInfo.ID
-			if err := db.Create(&cpeName).Error; err != nil {
-				return err
-			}
-		}
-
-		db = db.Set("gorm:save_associations", true)
-		cveDetail := cveInfo.CveDetail
-		cveDetail.CveInfoID = cveInfo.ID
-		if err := db.Create(&cveDetail).Error; err != nil {
-			return err
-		}
-		db = db.Set("gorm:save_associations", false)
-	}
-	return nil
-}
-
-func resetGormIDs(infos []m.CveInfo) []m.CveInfo {
-	for i := range infos {
-		infos[i].CveDetail.ID = 0
-		// NVD
-		infos[i].CveDetail.Nvd.ID = 0
-		for j := range infos[i].CveDetail.Nvd.Cpes {
-			infos[i].CveDetail.Nvd.Cpes[j].ID = 0
-		}
-		for j := range infos[i].CveDetail.Nvd.References {
-			infos[i].CveDetail.Nvd.References[j].ID = 0
-		}
-
-		// JVN
-		infos[i].CveDetail.Jvn.ID = 0
-		for j := range infos[i].CveDetail.Jvn.Cpes {
-			infos[i].CveDetail.Jvn.Cpes[j].ID = 0
-		}
-		for j := range infos[i].CveDetail.Jvn.References {
-			infos[i].CveDetail.Jvn.References[j].ID = 0
-		}
-
-		//Packages
-		for j := range infos[i].Packages {
-			infos[i].Packages[j].ID = 0
-			infos[i].Packages[j].CveInfoID = 0
-		}
-	}
-	return infos
-}
-
-// SelectScanHistory select scan history from DB
-func SelectScanHistory(historyID string) (m.ScanHistory, error) {
-	var err error
-
-	scanHistory := m.ScanHistory{}
-	if historyID == "" {
-		// select latest
-		db.Order("scanned_at desc").First(&scanHistory)
-	} else {
-		var id int
-		if id, err = strconv.Atoi(historyID); err != nil {
-			return m.ScanHistory{},
-				fmt.Errorf("historyID have to be numeric number: %s", err)
-		}
-		db.First(&scanHistory, id)
-	}
-
-	if scanHistory.ID == 0 {
-		return m.ScanHistory{}, fmt.Errorf("No scanHistory records")
-	}
-
-	//  results := []m.ScanResult{}
-	results := m.ScanResults{}
-	db.Model(&scanHistory).Related(&results, "ScanResults")
-	scanHistory.ScanResults = results
-
-	for i, r := range results {
-		//  nw := []m.NWLink{}
-		//  db.Model(&r).Related(&nw, "NWLinks")
-		//  scanHistory.ScanResults[i].NWLinks = nw
-
-		di := m.Container{}
-		db.Model(&r).Related(&di, "Container")
-		scanHistory.ScanResults[i].Container = di
-
-		knownCves := selectCveInfos(&r, "KnownCves")
-		sort.Sort(m.CveInfos(knownCves))
-		scanHistory.ScanResults[i].KnownCves = knownCves
-	}
-
-	sort.Sort(scanHistory.ScanResults)
-	return scanHistory, nil
-}
-
-func selectCveInfos(result *m.ScanResult, fieldName string) []m.CveInfo {
-	cveInfos := []m.CveInfo{}
-	db.Model(&result).Related(&cveInfos, fieldName)
-
-	for i, cveInfo := range cveInfos {
-		cveDetail := cve.CveDetail{}
-		db.Model(&cveInfo).Related(&cveDetail, "CveDetail")
-		id := cveDetail.CveID
-		filledCveDetail := cvedb.Get(id, db)
-		cveInfos[i].CveDetail = filledCveDetail
-
-		packs := []m.PackageInfo{}
-		db.Model(&cveInfo).Related(&packs, "Packages")
-		cveInfos[i].Packages = packs
-
-		advisories := []m.DistroAdvisory{}
-		db.Model(&cveInfo).Related(&advisories, "DistroAdvisories")
-		cveInfos[i].DistroAdvisories = advisories
-
-		names := []m.CpeName{}
-		db.Model(&cveInfo).Related(&names, "CpeNames")
-		cveInfos[i].CpeNames = names
-	}
-	return cveInfos
-}
-
-// SelectScanHistories select latest scan history from DB
-func SelectScanHistories() ([]m.ScanHistory, error) {
-	scanHistories := []m.ScanHistory{}
-	db.Order("scanned_at desc").Find(&scanHistories)
-
-	if len(scanHistories) == 0 {
-		return []m.ScanHistory{}, fmt.Errorf("No scanHistory records")
-	}
-
-	for i, history := range scanHistories {
-		results := m.ScanResults{}
-		db.Model(&history).Related(&results, "ScanResults")
-		scanHistories[i].ScanResults = results
-
-		for j, r := range results {
-			di := m.Container{}
-			db.Model(&r).Related(&di, "Container")
-			scanHistories[i].ScanResults[j].Container = di
-		}
-	}
-	return scanHistories, nil
-}
--- a/exploit/exploit.go
+++ b/exploit/exploit.go
@@ -0,0 +1,131 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Architect, Inc. Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package exploit
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+
+	cnf "github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/util"
+	"github.com/mozqnet/go-exploitdb/db"
+	exploitmodels "github.com/mozqnet/go-exploitdb/models"
+	"github.com/parnurzeal/gorequest"
+)
+
+// FillWithExploit fills exploit information that has in Exploit
+func FillWithExploit(driver db.DB, r *models.ScanResult) (nExploitCve int, err error) {
+	if cnf.Conf.Exploit.IsFetchViaHTTP() {
+		var cveIDs []string
+		for cveID := range r.ScannedCves {
+			cveIDs = append(cveIDs, cveID)
+		}
+		prefix, _ := util.URLPathJoin(cnf.Conf.Exploit.URL, "cves")
+		responses, err := getCvesViaHTTP(cveIDs, prefix)
+		if err != nil {
+			return 0, err
+		}
+		for _, res := range responses {
+			exps := []*exploitmodels.Exploit{}
+			if err := json.Unmarshal([]byte(res.json), &exps); err != nil {
+				return 0, err
+			}
+			exploits := ConvertToModels(exps)
+			v, ok := r.ScannedCves[res.request.cveID]
+			if ok {
+				v.Exploits = exploits
+			}
+			r.ScannedCves[res.request.cveID] = v
+			nExploitCve++
+		}
+	} else {
+		if driver == nil {
+			return 0, nil
+		}
+		for cveID, vuln := range r.ScannedCves {
+			es := driver.GetExploitByCveID(cveID)
+			if len(es) == 0 {
+				continue
+			}
+			exploits := ConvertToModels(es)
+			vuln.Exploits = exploits
+			r.ScannedCves[cveID] = vuln
+			nExploitCve++
+		}
+	}
+	return nExploitCve, nil
+}
+
+// ConvertToModels converts gost model to vuls model
+func ConvertToModels(es []*exploitmodels.Exploit) (exploits []models.Exploit) {
+	for _, e := range es {
+		var documentURL, shellURL *string
+		if e.OffensiveSecurity != nil {
+			os := e.OffensiveSecurity
+			if os.Document != nil {
+				documentURL = &os.Document.DocumentURL
+			}
+			if os.ShellCode != nil {
+				shellURL = &os.ShellCode.ShellCodeURL
+			}
+		}
+		exploit := models.Exploit{
+			ExploitType:  e.ExploitType,
+			ID:           e.ExploitUniqueID,
+			URL:          e.URL,
+			Description:  e.Description,
+			DocumentURL:  documentURL,
+			ShellCodeURL: shellURL,
+		}
+		exploits = append(exploits, exploit)
+	}
+	return exploits
+}
+
+// CheckHTTPHealth do health check
+func CheckHTTPHealth() error {
+	if !cnf.Conf.Exploit.IsFetchViaHTTP() {
+		return nil
+	}
+
+	url := fmt.Sprintf("%s/health", cnf.Conf.Exploit.URL)
+	var errs []error
+	var resp *http.Response
+	resp, _, errs = gorequest.New().Get(url).End()
+	//  resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
+	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
+	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+		return fmt.Errorf("Failed to connect to exploit server. url: %s, errs: %v",
+			url, errs)
+	}
+	return nil
+}
+
+// CheckIfExploitFetched checks if oval entries are in DB by family, release.
+func CheckIfExploitFetched(driver db.DB, osFamily string) (fetched bool, err error) {
+	//TODO
+	return true, nil
+}
+
+// CheckIfExploitFresh checks if oval entries are fresh enough
+func CheckIfExploitFresh(driver db.DB, osFamily string) (ok bool, err error) {
+	//TODO
+	return true, nil
+}
--- a/exploit/exploit_test.go
+++ b/exploit/exploit_test.go
@@ -0,0 +1,8 @@
+package exploit
+
+import (
+	"testing"
+)
+
+func TestSetPackageStates(t *testing.T) {
+}
--- a/exploit/util.go
+++ b/exploit/util.go
@@ -0,0 +1,133 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Architect, Inc. Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package exploit
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/cenkalti/backoff"
+	"github.com/future-architect/vuls/util"
+	"github.com/parnurzeal/gorequest"
+)
+
+type response struct {
+	request request
+	json    string
+}
+
+func getCvesViaHTTP(cveIDs []string, urlPrefix string) (
+	responses []response, err error) {
+	nReq := len(cveIDs)
+	reqChan := make(chan request, nReq)
+	resChan := make(chan response, nReq)
+	errChan := make(chan error, nReq)
+	defer close(reqChan)
+	defer close(resChan)
+	defer close(errChan)
+
+	go func() {
+		for _, cveID := range cveIDs {
+			reqChan <- request{
+				cveID: cveID,
+			}
+		}
+	}()
+
+	concurrency := 10
+	tasks := util.GenWorkers(concurrency)
+	for i := 0; i < nReq; i++ {
+		tasks <- func() {
+			select {
+			case req := <-reqChan:
+				url, err := util.URLPathJoin(
+					urlPrefix,
+					req.cveID,
+				)
+				if err != nil {
+					errChan <- err
+				} else {
+					util.Log.Debugf("HTTP Request to %s", url)
+					httpGet(url, req, resChan, errChan)
+				}
+			}
+		}
+	}
+
+	timeout := time.After(2 * 60 * time.Second)
+	var errs []error
+	for i := 0; i < nReq; i++ {
+		select {
+		case res := <-resChan:
+			responses = append(responses, res)
+		case err := <-errChan:
+			errs = append(errs, err)
+		case <-timeout:
+			return nil, fmt.Errorf("Timeout Fetching OVAL")
+		}
+	}
+	if len(errs) != 0 {
+		return nil, fmt.Errorf("Failed to fetch OVAL. err: %v", errs)
+	}
+	return
+}
+
+type request struct {
+	osMajorVersion string
+	packName       string
+	isSrcPack      bool
+	cveID          string
+}
+
+func httpGet(url string, req request, resChan chan<- response, errChan chan<- error) {
+	var body string
+	var errs []error
+	var resp *http.Response
+	count, retryMax := 0, 3
+	f := func() (err error) {
+		//  resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
+		resp, body, errs = gorequest.New().Get(url).End()
+		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+			count++
+			if count == retryMax {
+				return nil
+			}
+			return fmt.Errorf("HTTP GET error: %v, url: %s, resp: %v",
+				errs, url, resp)
+		}
+		return nil
+	}
+	notify := func(err error, t time.Duration) {
+		util.Log.Warnf("Failed to HTTP GET. retrying in %s seconds. err: %s", t, err)
+	}
+	err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
+	if err != nil {
+		errChan <- fmt.Errorf("HTTP Error %s", err)
+		return
+	}
+	if count == retryMax {
+		errChan <- fmt.Errorf("HRetry count exceeded")
+		return
+	}
+
+	resChan <- response{
+		request: req,
+		json:    body,
+	}
+}
--- a/glide.lock
+++ b/glide.lock
@@ -1,117 +0,0 @@
-hash: 9683c87b3cf998e7fac1b12c4a94bf2bd18cb5422e9108539811546e703a439a
-updated: 2016-07-12T16:20:45.462913061+09:00
-imports:
- name: github.com/asaskevich/govalidator
-  version: df81827fdd59d8b4fb93d8910b286ab7a3919520
- name: github.com/aws/aws-sdk-go
-  version: 90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6
-  subpackages:
-  - aws
-  - aws/credentials
-  - aws/session
-  - service/s3
-  - aws/awserr
-  - aws/client
-  - aws/corehandlers
-  - aws/defaults
-  - aws/request
-  - private/endpoints
-  - aws/awsutil
-  - aws/client/metadata
-  - aws/signer/v4
-  - private/protocol
-  - private/protocol/restxml
-  - private/waiter
-  - aws/credentials/ec2rolecreds
-  - aws/ec2metadata
-  - private/protocol/rest
-  - private/protocol/query
-  - private/protocol/xml/xmlutil
-  - private/protocol/query/queryutil
- name: github.com/Azure/azure-sdk-for-go
-  version: 58a13e378daf3b06e65925397185684b16321111
-  subpackages:
-  - storage
- name: github.com/BurntSushi/toml
-  version: ffaa107fbd880f6d18cd6fec9b511668dcad8639
- name: github.com/cenkalti/backoff
-  version: cdf48bbc1eb78d1349cbda326a4a037f7ba565c6
- name: github.com/cheggaaa/pb
-  version: 04b234c80d661c663dbcebd52fc7218fdacc6d0c
- name: github.com/go-ini/ini
-  version: cf53f9204df4fbdd7ec4164b57fa6184ba168292
- name: github.com/google/subcommands
-  version: 1c7173745a6001f67d8d96ab4e178284c77f7759
- name: github.com/gosuri/uitable
-  version: 36ee7e946282a3fb1cfecd476ddc9b35d8847e42
-  subpackages:
-  - util/strutil
-  - util/wordwrap
- name: github.com/howeyc/gopass
-  version: 66487b23f2880ba32e185121d2cd51a338ea069a
- name: github.com/jinzhu/gorm
-  version: 613c0655691abb7691b70c5fda80a716d9e20b1b
- name: github.com/jinzhu/inflection
-  version: 8f4d3a0d04ce0b7c0cf3126fb98524246d00d102
- name: github.com/jmespath/go-jmespath
-  version: 0b12d6b521d83fc7f755e7cfc1b1fbdd35a01a74
- name: github.com/jroimartin/gocui
-  version: 2dcda558bf18ec07c7065bf1eaf071b5305f7c0c
- name: github.com/k0kubun/pp
-  version: f5dce6ed0ccf6c350f1679964ff6b61f3d6d2033
- name: github.com/kotakanbe/go-cve-dictionary
-  version: 1a336b8ac785badfe89a175ee926d39574901232
-  subpackages:
-  - config
-  - db
-  - models
-  - log
-  - jvn
-  - nvd
- name: github.com/kotakanbe/go-pingscanner
-  version: 58e188a3e4f6ab1a6371e33421e4502e26fa1e80
- name: github.com/kotakanbe/logrus-prefixed-formatter
-  version: f4f7d41649cf1e75e736884da8d05324aa76ea25
- name: github.com/mattn/go-colorable
-  version: 9056b7a9f2d1f2d96498d6d146acd1f9d5ed3d59
- name: github.com/mattn/go-isatty
-  version: 56b76bdf51f7708750eac80fa38b952bb9f32639
- name: github.com/mattn/go-runewidth
-  version: d6bea18f789704b5f83375793155289da36a3c7f
- name: github.com/mattn/go-sqlite3
-  version: 38ee283dabf11c9cbdb968eebd79b1fa7acbabe6
- name: github.com/mgutz/ansi
-  version: c286dcecd19ff979eeb73ea444e479b903f2cfcb
- name: github.com/moul/http2curl
-  version: b1479103caacaa39319f75e7f57fc545287fca0d
- name: github.com/nsf/termbox-go
-  version: c45773466a30b680355d6494cc8826113c93cd0f
- name: github.com/parnurzeal/gorequest
-  version: 6e8ad4ebdee4bec2934ed5afaaa1c7b877832a17
- name: github.com/rifflock/lfshook
-  version: 05a24e24fa8d3a2eca8c2baf23aa2d5a2c51490c
- name: github.com/Sirupsen/logrus
-  version: f3cfb454f4c209e6668c95216c4744b8fddb2356
- name: golang.org/x/crypto
-  version: c2f4947f41766b144bb09066e919466da5eddeae
-  subpackages:
-  - ssh
-  - ssh/agent
-  - ssh/terminal
-  - curve25519
-  - ed25519
-  - ed25519/internal/edwards25519
- name: golang.org/x/net
-  version: f841c39de738b1d0df95b5a7187744f0e03d8112
-  subpackages:
-  - context
-  - publicsuffix
- name: golang.org/x/sys
-  version: a408501be4d17ee978c04a618e7a1b22af058c0e
-  subpackages:
-  - unix
- name: gopkg.in/alexcesaro/quotedprintable.v3
-  version: 2caba252f4dc53eaf6b553000885530023f54623
- name: gopkg.in/gomail.v2
-  version: 81ebce5c23dfd25c6c67194b37d3dd3f338c98b1
-devImports: []
--- a/glide.yaml
+++ b/glide.yaml
@@ -1,39 +0,0 @@
-package: github.com/future-architect/vuls
-import:
- package: github.com/Azure/azure-sdk-for-go
-  subpackages:
-  - storage
- package: github.com/BurntSushi/toml
- package: github.com/Sirupsen/logrus
- package: github.com/asaskevich/govalidator
- package: github.com/aws/aws-sdk-go
-  subpackages:
-  - aws
-  - aws/credentials
-  - aws/session
-  - service/s3
- package: github.com/cenkalti/backoff
- package: github.com/google/subcommands
- package: github.com/gosuri/uitable
- package: github.com/howeyc/gopass
- package: github.com/jinzhu/gorm
- package: github.com/jroimartin/gocui
- package: github.com/k0kubun/pp
- package: github.com/kotakanbe/go-cve-dictionary
-  subpackages:
-  - config
-  - db
-  - models
- package: github.com/kotakanbe/go-pingscanner
- package: github.com/kotakanbe/logrus-prefixed-formatter
- package: github.com/mattn/go-sqlite3
- package: github.com/parnurzeal/gorequest
- package: github.com/rifflock/lfshook
- package: golang.org/x/crypto
-  subpackages:
-  - ssh
-  - ssh/agent
- package: golang.org/x/net
-  subpackages:
-  - context
- package: gopkg.in/gomail.v2
--- a/gost/debian.go
+++ b/gost/debian.go
@@ -0,0 +1,182 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Architect, Inc. Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package gost
+
+import (
+	"encoding/json"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/util"
+	"github.com/knqyf263/gost/db"
+	gostmodels "github.com/knqyf263/gost/models"
+)
+
+// Debian is Gost client for Debian GNU/Linux
+type Debian struct {
+	Base
+}
+
+type packCves struct {
+	packName  string
+	isSrcPack bool
+	cves      []models.CveContent
+}
+
+// FillWithGost fills cve information that has in Gost
+func (deb Debian) FillWithGost(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
+	linuxImage := "linux-image-" + r.RunningKernel.Release
+	// Add linux and set the version of running kernel to search OVAL.
+	if r.Container.ContainerID == "" {
+		newVer := ""
+		if p, ok := r.Packages[linuxImage]; ok {
+			newVer = p.NewVersion
+		}
+		r.Packages["linux"] = models.Package{
+			Name:       "linux",
+			Version:    r.RunningKernel.Version,
+			NewVersion: newVer,
+		}
+	}
+
+	packCvesList := []packCves{}
+	if config.Conf.Gost.IsFetchViaHTTP() {
+		url, _ := util.URLPathJoin(config.Conf.Gost.URL, "debian", major(r.Release), "pkgs")
+		responses, err := getAllUnfixedCvesViaHTTP(r, url)
+		if err != nil {
+			return 0, err
+		}
+
+		for _, res := range responses {
+			debCves := map[string]gostmodels.DebianCVE{}
+			if err := json.Unmarshal([]byte(res.json), &debCves); err != nil {
+				return 0, err
+			}
+			cves := []models.CveContent{}
+			for _, debcve := range debCves {
+				cves = append(cves, *deb.ConvertToModel(&debcve))
+			}
+			packCvesList = append(packCvesList, packCves{
+				packName:  res.request.packName,
+				isSrcPack: res.request.isSrcPack,
+				cves:      cves,
+			})
+		}
+	} else {
+		if driver == nil {
+			return 0, nil
+		}
+		for _, pack := range r.Packages {
+			cveDebs := driver.GetUnfixedCvesDebian(major(r.Release), pack.Name)
+			cves := []models.CveContent{}
+			for _, cveDeb := range cveDebs {
+				cves = append(cves, *deb.ConvertToModel(&cveDeb))
+			}
+			packCvesList = append(packCvesList, packCves{
+				packName:  pack.Name,
+				isSrcPack: false,
+				cves:      cves,
+			})
+		}
+
+		// SrcPack
+		for _, pack := range r.SrcPackages {
+			cveDebs := driver.GetUnfixedCvesDebian(major(r.Release), pack.Name)
+			cves := []models.CveContent{}
+			for _, cveDeb := range cveDebs {
+				cves = append(cves, *deb.ConvertToModel(&cveDeb))
+			}
+			packCvesList = append(packCvesList, packCves{
+				packName:  pack.Name,
+				isSrcPack: true,
+				cves:      cves,
+			})
+		}
+	}
+
+	delete(r.Packages, "linux")
+
+	for _, p := range packCvesList {
+		for _, cve := range p.cves {
+			v, ok := r.ScannedCves[cve.CveID]
+			if ok {
+				if v.CveContents == nil {
+					v.CveContents = models.NewCveContents(cve)
+				} else {
+					v.CveContents[models.DebianSecurityTracker] = cve
+				}
+			} else {
+				v = models.VulnInfo{
+					CveID:       cve.CveID,
+					CveContents: models.NewCveContents(cve),
+					Confidences: models.Confidences{models.DebianSecurityTrackerMatch},
+				}
+				nCVEs++
+			}
+
+			names := []string{}
+			if p.isSrcPack {
+				if srcPack, ok := r.SrcPackages[p.packName]; ok {
+					for _, binName := range srcPack.BinaryNames {
+						if _, ok := r.Packages[binName]; ok {
+							names = append(names, binName)
+						}
+					}
+				}
+			} else {
+				if p.packName == "linux" {
+					names = append(names, linuxImage)
+				} else {
+					names = append(names, p.packName)
+				}
+			}
+
+			for _, name := range names {
+				v.AffectedPackages = v.AffectedPackages.Store(models.PackageStatus{
+					Name:        name,
+					FixState:    "open",
+					NotFixedYet: true,
+				})
+			}
+			r.ScannedCves[cve.CveID] = v
+		}
+	}
+	return nCVEs, nil
+}
+
+// ConvertToModel converts gost model to vuls model
+func (deb Debian) ConvertToModel(cve *gostmodels.DebianCVE) *models.CveContent {
+	severity := ""
+	for _, p := range cve.Package {
+		for _, r := range p.Release {
+			severity = r.Urgency
+			break
+		}
+	}
+	return &models.CveContent{
+		Type:          models.DebianSecurityTracker,
+		CveID:         cve.CveID,
+		Summary:       cve.Description,
+		Cvss2Severity: severity,
+		Cvss3Severity: severity,
+		SourceLink:    "https://security-tracker.debian.org/tracker/" + cve.CveID,
+		Optional: map[string]string{
+			"attack range": cve.Scope,
+		},
+	}
+}
--- a/gost/gost.go
+++ b/gost/gost.go
@@ -0,0 +1,104 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Architect, Inc. Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package gost
+
+import (
+	"fmt"
+	"net/http"
+	"strings"
+
+	cnf "github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+	"github.com/knqyf263/gost/db"
+	"github.com/parnurzeal/gorequest"
+)
+
+// Client is the interface of OVAL client.
+type Client interface {
+	FillWithGost(db.DB, *models.ScanResult) (int, error)
+
+	//TODO implement
+	// CheckHTTPHealth() error
+	// CheckIfGostFetched checks if Gost entries are fetched
+	// CheckIfGostFetched(db.DB, string, string) (bool, error)
+	// CheckIfGostFresh(db.DB, string, string) (bool, error)
+}
+
+// NewClient make Client by family
+func NewClient(family string) Client {
+	switch family {
+	case cnf.RedHat, cnf.CentOS:
+		return RedHat{}
+	case cnf.Debian:
+		return Debian{}
+	case cnf.Windows:
+		return Microsoft{}
+	default:
+		return Pseudo{}
+	}
+}
+
+// Base is a base struct
+type Base struct {
+	family string
+}
+
+// CheckHTTPHealth do health check
+func (b Base) CheckHTTPHealth() error {
+	if !cnf.Conf.Gost.IsFetchViaHTTP() {
+		return nil
+	}
+
+	url := fmt.Sprintf("%s/health", cnf.Conf.Gost.URL)
+	var errs []error
+	var resp *http.Response
+	resp, _, errs = gorequest.New().Get(url).End()
+	//  resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
+	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
+	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+		return fmt.Errorf("Failed to connect to gost server. url: %s, errs: %v",
+			url, errs)
+	}
+	return nil
+}
+
+// CheckIfGostFetched checks if oval entries are in DB by family, release.
+func (b Base) CheckIfGostFetched(driver db.DB, osFamily string) (fetched bool, err error) {
+	//TODO
+	return true, nil
+}
+
+// CheckIfGostFresh checks if oval entries are fresh enough
+func (b Base) CheckIfGostFresh(driver db.DB, osFamily string) (ok bool, err error) {
+	//TODO
+	return true, nil
+}
+
+// Pseudo is Gost client except for RedHat family and Debian
+type Pseudo struct {
+	Base
+}
+
+// FillWithGost fills cve information that has in Gost
+func (pse Pseudo) FillWithGost(driver db.DB, r *models.ScanResult) (int, error) {
+	return 0, nil
+}
+
+func major(osVer string) (majorVersion string) {
+	return strings.Split(osVer, ".")[0]
+}
--- a/gost/gost_test.go
+++ b/gost/gost_test.go
@@ -0,0 +1,129 @@
+package gost
+
+import (
+	"reflect"
+	"testing"
+
+	"github.com/future-architect/vuls/models"
+	gostmodels "github.com/knqyf263/gost/models"
+)
+
+func TestSetPackageStates(t *testing.T) {
+	var tests = []struct {
+		pkgstats  []gostmodels.RedhatPackageState
+		installed models.Packages
+		release   string
+		in        models.VulnInfo
+		out       models.PackageStatuses
+	}{
+
+		//0 one
+		{
+			pkgstats: []gostmodels.RedhatPackageState{
+				{
+					FixState:    "Will not fix",
+					PackageName: "bouncycastle",
+					Cpe:         "cpe:/o:redhat:enterprise_linux:7",
+				},
+			},
+			installed: models.Packages{
+				"bouncycastle": models.Package{},
+			},
+			release: "7",
+			in:      models.VulnInfo{},
+			out: []models.PackageStatus{
+				{
+					Name:        "bouncycastle",
+					FixState:    "Will not fix",
+					NotFixedYet: true,
+				},
+			},
+		},
+
+		//1 two
+		{
+			pkgstats: []gostmodels.RedhatPackageState{
+				{
+					FixState:    "Will not fix",
+					PackageName: "bouncycastle",
+					Cpe:         "cpe:/o:redhat:enterprise_linux:7",
+				},
+				{
+					FixState:    "Fix deferred",
+					PackageName: "pack_a",
+					Cpe:         "cpe:/o:redhat:enterprise_linux:7",
+				},
+				// ignore not-installed-package
+				{
+					FixState:    "Fix deferred",
+					PackageName: "pack_b",
+					Cpe:         "cpe:/o:redhat:enterprise_linux:7",
+				},
+			},
+			installed: models.Packages{
+				"bouncycastle": models.Package{},
+				"pack_a":       models.Package{},
+			},
+			release: "7",
+			in:      models.VulnInfo{},
+			out: []models.PackageStatus{
+				{
+					Name:        "bouncycastle",
+					FixState:    "Will not fix",
+					NotFixedYet: true,
+				},
+				{
+					Name:        "pack_a",
+					FixState:    "Fix deferred",
+					NotFixedYet: true,
+				},
+			},
+		},
+
+		//2 ignore affected
+		{
+			pkgstats: []gostmodels.RedhatPackageState{
+				{
+					FixState:    "affected",
+					PackageName: "bouncycastle",
+					Cpe:         "cpe:/o:redhat:enterprise_linux:7",
+				},
+			},
+			installed: models.Packages{
+				"bouncycastle": models.Package{},
+			},
+			release: "7",
+			in: models.VulnInfo{
+				AffectedPackages: models.PackageStatuses{},
+			},
+			out: models.PackageStatuses{},
+		},
+
+		//3 look only the same os release.
+		{
+			pkgstats: []gostmodels.RedhatPackageState{
+				{
+					FixState:    "Will not fix",
+					PackageName: "bouncycastle",
+					Cpe:         "cpe:/o:redhat:enterprise_linux:6",
+				},
+			},
+			installed: models.Packages{
+				"bouncycastle": models.Package{},
+			},
+			release: "7",
+			in: models.VulnInfo{
+				AffectedPackages: models.PackageStatuses{},
+			},
+			out: models.PackageStatuses{},
+		},
+	}
+
+	r := RedHat{}
+	for i, tt := range tests {
+		out := r.mergePackageStates(tt.in, tt.pkgstats, tt.installed, tt.release)
+		if ok := reflect.DeepEqual(tt.out, out); !ok {
+			t.Errorf("[%d]\nexpected: %v:%T\n  actual: %v:%T\n", i, tt.out, tt.out, out, out)
+		}
+	}
+}
--- a/gost/microsoft.go
+++ b/gost/microsoft.go
@@ -0,0 +1,116 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package gost
+
+import (
+	"strings"
+
+	"github.com/future-architect/vuls/models"
+	"github.com/knqyf263/gost/db"
+	gostmodels "github.com/knqyf263/gost/models"
+)
+
+// Microsoft is Gost client for windows
+type Microsoft struct {
+	Base
+}
+
+// FillWithGost fills cve information that has in Gost
+func (ms Microsoft) FillWithGost(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
+	if driver == nil {
+		return 0, nil
+	}
+	var cveIDs []string
+	for cveID := range r.ScannedCves {
+		cveIDs = append(cveIDs, cveID)
+	}
+	for cveID, msCve := range driver.GetMicrosoftMulti(cveIDs) {
+		if _, ok := r.ScannedCves[cveID]; !ok {
+			continue
+		}
+		cveCont := ms.ConvertToModel(&msCve)
+		v, _ := r.ScannedCves[cveID]
+		if v.CveContents == nil {
+			v.CveContents = models.CveContents{}
+		}
+		v.CveContents[models.Microsoft] = *cveCont
+		r.ScannedCves[cveID] = v
+	}
+	return len(cveIDs), nil
+}
+
+// ConvertToModel converts gost model to vuls model
+func (ms Microsoft) ConvertToModel(cve *gostmodels.MicrosoftCVE) *models.CveContent {
+	v3score := 0.0
+	var v3Vector string
+	for _, scoreSet := range cve.ScoreSets {
+		if v3score < scoreSet.BaseScore {
+			v3score = scoreSet.BaseScore
+			v3Vector = scoreSet.Vector
+		}
+	}
+
+	var v3Severity string
+	for _, s := range cve.Severity {
+		v3Severity = s.Description
+	}
+
+	var refs []models.Reference
+	for _, r := range cve.References {
+		if r.AttrType == "External" {
+			refs = append(refs, models.Reference{Link: r.URL})
+		}
+	}
+
+	var cwe []string
+	if 0 < len(cve.CWE) {
+		cwe = []string{cve.CWE}
+	}
+
+	option := map[string]string{}
+	if 0 < len(cve.ExploitStatus) {
+		option["exploit"] = cve.ExploitStatus
+	}
+	if 0 < len(cve.Workaround) {
+		option["workaround"] = cve.Workaround
+	}
+	var kbids []string
+	for _, kbid := range cve.KBIDs {
+		kbids = append(kbids, kbid.KBID)
+	}
+	if 0 < len(kbids) {
+		option["kbids"] = strings.Join(kbids, ",")
+	}
+
+	return &models.CveContent{
+		Type:          models.Microsoft,
+		CveID:         cve.CveID,
+		Title:         cve.Title,
+		Summary:       cve.Description,
+		Cvss3Score:    v3score,
+		Cvss3Vector:   v3Vector,
+		Cvss3Severity: v3Severity,
+		References:    refs,
+		CweIDs:        cwe,
+		Mitigation:    cve.Mitigation,
+		Published:     cve.PublishDate,
+		LastModified:  cve.LastUpdateDate,
+		SourceLink:    "https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/" + cve.CveID,
+		Optional:      option,
+	}
+}
--- a/gost/redhat.go
+++ b/gost/redhat.go
@@ -0,0 +1,289 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Architect, Inc. Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package gost
+
+import (
+	"encoding/json"
+	"strconv"
+	"strings"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/util"
+	"github.com/knqyf263/gost/db"
+	gostmodels "github.com/knqyf263/gost/models"
+)
+
+// RedHat is Gost client for RedHat family linux
+type RedHat struct {
+	Base
+}
+
+// FillWithGost fills cve information that has in Gost
+func (red RedHat) FillWithGost(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
+	if nCVEs, err = red.fillUnfixed(driver, r); err != nil {
+		return 0, err
+	}
+	return nCVEs, red.fillFixed(driver, r)
+}
+
+func (red RedHat) fillFixed(driver db.DB, r *models.ScanResult) error {
+	var cveIDs []string
+	for cveID, vuln := range r.ScannedCves {
+		if _, ok := vuln.CveContents[models.RedHatAPI]; ok {
+			continue
+		}
+		cveIDs = append(cveIDs, cveID)
+	}
+
+	if config.Conf.Gost.IsFetchViaHTTP() {
+		prefix, _ := util.URLPathJoin(config.Conf.Gost.URL,
+			"redhat", "cves")
+		responses, err := getCvesViaHTTP(cveIDs, prefix)
+		if err != nil {
+			return err
+		}
+		for _, res := range responses {
+			redCve := gostmodels.RedhatCVE{}
+			if err := json.Unmarshal([]byte(res.json), &redCve); err != nil {
+				return err
+			}
+			if redCve.ID == 0 {
+				continue
+			}
+			cveCont := red.ConvertToModel(&redCve)
+			v, ok := r.ScannedCves[res.request.cveID]
+			if ok {
+				if v.CveContents == nil {
+					v.CveContents = models.NewCveContents(*cveCont)
+				} else {
+					v.CveContents[models.RedHatAPI] = *cveCont
+				}
+			} else {
+				v = models.VulnInfo{
+					CveID:       cveCont.CveID,
+					CveContents: models.NewCveContents(*cveCont),
+					Confidences: models.Confidences{models.RedHatAPIMatch},
+				}
+			}
+			r.ScannedCves[res.request.cveID] = v
+		}
+	} else {
+		if driver == nil {
+			return nil
+		}
+		for cveID, redCve := range driver.GetRedhatMulti(cveIDs) {
+			if redCve.ID == 0 {
+				continue
+			}
+			cveCont := red.ConvertToModel(&redCve)
+			v, ok := r.ScannedCves[cveID]
+			if ok {
+				if v.CveContents == nil {
+					v.CveContents = models.NewCveContents(*cveCont)
+				} else {
+					v.CveContents[models.RedHatAPI] = *cveCont
+				}
+			} else {
+				v = models.VulnInfo{
+					CveID:       cveCont.CveID,
+					CveContents: models.NewCveContents(*cveCont),
+					Confidences: models.Confidences{models.RedHatAPIMatch},
+				}
+			}
+			r.ScannedCves[cveID] = v
+		}
+	}
+
+	return nil
+}
+
+func (red RedHat) fillUnfixed(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
+	if config.Conf.Gost.IsFetchViaHTTP() {
+		prefix, _ := util.URLPathJoin(config.Conf.Gost.URL,
+			"redhat", major(r.Release), "pkgs")
+		responses, err := getAllUnfixedCvesViaHTTP(r, prefix)
+		if err != nil {
+			return 0, err
+		}
+		for _, res := range responses {
+			// CVE-ID: RedhatCVE
+			cves := map[string]gostmodels.RedhatCVE{}
+			if err := json.Unmarshal([]byte(res.json), &cves); err != nil {
+				return 0, err
+			}
+
+			for _, cve := range cves {
+				cveCont := red.ConvertToModel(&cve)
+				v, ok := r.ScannedCves[cve.Name]
+				if ok {
+					if v.CveContents == nil {
+						v.CveContents = models.NewCveContents(*cveCont)
+					} else {
+						v.CveContents[models.RedHatAPI] = *cveCont
+					}
+				} else {
+					v = models.VulnInfo{
+						CveID:       cveCont.CveID,
+						CveContents: models.NewCveContents(*cveCont),
+						Confidences: models.Confidences{models.RedHatAPIMatch},
+					}
+					nCVEs++
+				}
+				pkgStats := red.mergePackageStates(v,
+					cve.PackageState, r.Packages, r.Release)
+				if 0 < len(pkgStats) {
+					v.AffectedPackages = pkgStats
+					r.ScannedCves[cve.Name] = v
+				}
+			}
+		}
+	} else {
+		if driver == nil {
+			return 0, nil
+		}
+		for _, pack := range r.Packages {
+			// CVE-ID: RedhatCVE
+			cves := map[string]gostmodels.RedhatCVE{}
+			cves = driver.GetUnfixedCvesRedhat(major(r.Release), pack.Name)
+			for _, cve := range cves {
+				cveCont := red.ConvertToModel(&cve)
+				v, ok := r.ScannedCves[cve.Name]
+				if ok {
+					if v.CveContents == nil {
+						v.CveContents = models.NewCveContents(*cveCont)
+					} else {
+						v.CveContents[models.RedHatAPI] = *cveCont
+					}
+				} else {
+					v = models.VulnInfo{
+						CveID:       cveCont.CveID,
+						CveContents: models.NewCveContents(*cveCont),
+						Confidences: models.Confidences{models.RedHatAPIMatch},
+					}
+					nCVEs++
+				}
+
+				pkgStats := red.mergePackageStates(v,
+					cve.PackageState, r.Packages, r.Release)
+				if 0 < len(pkgStats) {
+					v.AffectedPackages = pkgStats
+					r.ScannedCves[cve.Name] = v
+				}
+			}
+		}
+	}
+	return nCVEs, nil
+}
+
+func (red RedHat) mergePackageStates(v models.VulnInfo, ps []gostmodels.RedhatPackageState, installed models.Packages, release string) (pkgStats models.PackageStatuses) {
+	pkgStats = v.AffectedPackages
+	for _, pstate := range ps {
+		if pstate.Cpe !=
+			"cpe:/o:redhat:enterprise_linux:"+major(release) {
+			return
+		}
+
+		if !(pstate.FixState == "Will not fix" ||
+			pstate.FixState == "Fix deferred") {
+			return
+		}
+
+		if _, ok := installed[pstate.PackageName]; !ok {
+			return
+		}
+
+		notFixedYet := false
+		switch pstate.FixState {
+		case "Will not fix", "Fix deferred":
+			notFixedYet = true
+		}
+
+		pkgStats = pkgStats.Store(models.PackageStatus{
+			Name:        pstate.PackageName,
+			FixState:    pstate.FixState,
+			NotFixedYet: notFixedYet,
+		})
+	}
+	return
+}
+
+func (red RedHat) parseCwe(str string) (cwes []string) {
+	if str != "" {
+		s := strings.Replace(str, "(", "|", -1)
+		s = strings.Replace(s, ")", "|", -1)
+		s = strings.Replace(s, "->", "|", -1)
+		for _, s := range strings.Split(s, "|") {
+			if s != "" {
+				cwes = append(cwes, s)
+			}
+		}
+	}
+	return
+}
+
+// ConvertToModel converts gost model to vuls model
+func (red RedHat) ConvertToModel(cve *gostmodels.RedhatCVE) *models.CveContent {
+	cwes := red.parseCwe(cve.Cwe)
+
+	details := []string{}
+	for _, detail := range cve.Details {
+		details = append(details, detail.Detail)
+	}
+
+	v2score := 0.0
+	if cve.Cvss.CvssBaseScore != "" {
+		v2score, _ = strconv.ParseFloat(cve.Cvss.CvssBaseScore, 64)
+	}
+	v2severity := ""
+	if v2score != 0 {
+		v2severity = cve.ThreatSeverity
+	}
+
+	v3score := 0.0
+	if cve.Cvss3.Cvss3BaseScore != "" {
+		v3score, _ = strconv.ParseFloat(cve.Cvss3.Cvss3BaseScore, 64)
+	}
+	v3severity := ""
+	if v3score != 0 {
+		v3severity = cve.ThreatSeverity
+	}
+
+	var refs []models.Reference
+	for _, r := range cve.References {
+		refs = append(refs, models.Reference{Link: r.Reference})
+	}
+
+	return &models.CveContent{
+		Type:          models.RedHatAPI,
+		CveID:         cve.Name,
+		Title:         cve.Bugzilla.Description,
+		Summary:       strings.Join(details, "\n"),
+		Cvss2Score:    v2score,
+		Cvss2Vector:   cve.Cvss.CvssScoringVector,
+		Cvss2Severity: v2severity,
+		Cvss3Score:    v3score,
+		Cvss3Vector:   cve.Cvss3.Cvss3ScoringVector,
+		Cvss3Severity: v3severity,
+		References:    refs,
+		CweIDs:        cwes,
+		Mitigation:    cve.Mitigation,
+		Published:     cve.PublicDate,
+		SourceLink:    "https://access.redhat.com/security/cve/" + cve.Name,
+	}
+}
--- a/gost/redhat_test.go
+++ b/gost/redhat_test.go
@@ -0,0 +1,37 @@
+package gost
+
+import (
+	"reflect"
+	"sort"
+	"testing"
+)
+
+func TestParseCwe(t *testing.T) {
+	var tests = []struct {
+		in  string
+		out []string
+	}{
+		{
+			in:  "CWE-665->(CWE-200|CWE-89)",
+			out: []string{"CWE-665", "CWE-200", "CWE-89"},
+		},
+		{
+			in:  "CWE-841->CWE-770->CWE-454",
+			out: []string{"CWE-841", "CWE-770", "CWE-454"},
+		},
+		{
+			in:  "(CWE-122|CWE-125)",
+			out: []string{"CWE-122", "CWE-125"},
+		},
+	}
+
+	r := RedHat{}
+	for i, tt := range tests {
+		out := r.parseCwe(tt.in)
+		sort.Strings(out)
+		sort.Strings(tt.out)
+		if !reflect.DeepEqual(tt.out, out) {
+			t.Errorf("[%d]expected: %s, actual: %s", i, tt.out, out)
+		}
+	}
+}
--- a/gost/util.go
+++ b/gost/util.go
@@ -0,0 +1,201 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Architect, Inc. Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package gost
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/cenkalti/backoff"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/util"
+	"github.com/parnurzeal/gorequest"
+)
+
+type response struct {
+	request request
+	json    string
+}
+
+func getCvesViaHTTP(cveIDs []string, urlPrefix string) (
+	responses []response, err error) {
+	nReq := len(cveIDs)
+	reqChan := make(chan request, nReq)
+	resChan := make(chan response, nReq)
+	errChan := make(chan error, nReq)
+	defer close(reqChan)
+	defer close(resChan)
+	defer close(errChan)
+
+	go func() {
+		for _, cveID := range cveIDs {
+			reqChan <- request{
+				cveID: cveID,
+			}
+		}
+	}()
+
+	concurrency := 10
+	tasks := util.GenWorkers(concurrency)
+	for i := 0; i < nReq; i++ {
+		tasks <- func() {
+			select {
+			case req := <-reqChan:
+				url, err := util.URLPathJoin(
+					urlPrefix,
+					req.cveID,
+				)
+				if err != nil {
+					errChan <- err
+				} else {
+					util.Log.Debugf("HTTP Request to %s", url)
+					httpGet(url, req, resChan, errChan)
+				}
+			}
+		}
+	}
+
+	timeout := time.After(2 * 60 * time.Second)
+	var errs []error
+	for i := 0; i < nReq; i++ {
+		select {
+		case res := <-resChan:
+			responses = append(responses, res)
+		case err := <-errChan:
+			errs = append(errs, err)
+		case <-timeout:
+			return nil, fmt.Errorf("Timeout Fetching OVAL")
+		}
+	}
+	if len(errs) != 0 {
+		return nil, fmt.Errorf("Failed to fetch OVAL. err: %v", errs)
+	}
+	return
+}
+
+type request struct {
+	osMajorVersion string
+	packName       string
+	isSrcPack      bool
+	cveID          string
+}
+
+func getAllUnfixedCvesViaHTTP(r *models.ScanResult, urlPrefix string) (
+	responses []response, err error) {
+
+	nReq := len(r.Packages) + len(r.SrcPackages)
+	reqChan := make(chan request, nReq)
+	resChan := make(chan response, nReq)
+	errChan := make(chan error, nReq)
+	defer close(reqChan)
+	defer close(resChan)
+	defer close(errChan)
+
+	go func() {
+		for _, pack := range r.Packages {
+			reqChan <- request{
+				osMajorVersion: major(r.Release),
+				packName:       pack.Name,
+				isSrcPack:      false,
+			}
+		}
+		for _, pack := range r.SrcPackages {
+			reqChan <- request{
+				osMajorVersion: major(r.Release),
+				packName:       pack.Name,
+				isSrcPack:      true,
+			}
+		}
+	}()
+
+	concurrency := 10
+	tasks := util.GenWorkers(concurrency)
+	for i := 0; i < nReq; i++ {
+		tasks <- func() {
+			select {
+			case req := <-reqChan:
+				url, err := util.URLPathJoin(
+					urlPrefix,
+					req.packName,
+					"unfixed-cves",
+				)
+				if err != nil {
+					errChan <- err
+				} else {
+					util.Log.Debugf("HTTP Request to %s", url)
+					httpGet(url, req, resChan, errChan)
+				}
+			}
+		}
+	}
+
+	timeout := time.After(2 * 60 * time.Second)
+	var errs []error
+	for i := 0; i < nReq; i++ {
+		select {
+		case res := <-resChan:
+			responses = append(responses, res)
+		case err := <-errChan:
+			errs = append(errs, err)
+		case <-timeout:
+			return nil, fmt.Errorf("Timeout Fetching OVAL")
+		}
+	}
+	if len(errs) != 0 {
+		return nil, fmt.Errorf("Failed to fetch OVAL. err: %v", errs)
+	}
+	return
+}
+
+func httpGet(url string, req request, resChan chan<- response, errChan chan<- error) {
+	var body string
+	var errs []error
+	var resp *http.Response
+	count, retryMax := 0, 3
+	f := func() (err error) {
+		//  resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
+		resp, body, errs = gorequest.New().Get(url).End()
+		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+			count++
+			if count == retryMax {
+				return nil
+			}
+			return fmt.Errorf("HTTP GET error: %v, url: %s, resp: %v",
+				errs, url, resp)
+		}
+		return nil
+	}
+	notify := func(err error, t time.Duration) {
+		util.Log.Warnf("Failed to HTTP GET. retrying in %s seconds. err: %s", t, err)
+	}
+	err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
+	if err != nil {
+		errChan <- fmt.Errorf("HTTP Error %s", err)
+		return
+	}
+	if count == retryMax {
+		errChan <- fmt.Errorf("HRetry count exceeded")
+		return
+	}
+
+	resChan <- response{
+		request: req,
+		json:    body,
+	}
+}
--- a/img/vuls-abstract.png
+++ b/img/vuls-abstract.png
--- a/img/vuls-architecture-localscan.graphml
+++ b/img/vuls-architecture-localscan.graphml
--- a/img/vuls-architecture-localscan.png
+++ b/img/vuls-architecture-localscan.png
--- a/img/vuls-architecture.graphml
+++ b/img/vuls-architecture.graphml
--- a/img/vuls-architecture.png
+++ b/img/vuls-architecture.png
--- a/img/vuls-scan-flow-fast.graphml
+++ b/img/vuls-scan-flow-fast.graphml
@@ -0,0 +1,414 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<graphml xmlns="http://graphml.graphdrawing.org/xmlns" xmlns:java="http://www.yworks.com/xml/yfiles-common/1.0/java" xmlns:sys="http://www.yworks.com/xml/yfiles-common/markup/primitives/2.0" xmlns:x="http://www.yworks.com/xml/yfiles-common/markup/2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:y="http://www.yworks.com/xml/graphml" xmlns:yed="http://www.yworks.com/xml/yed/3" xsi:schemaLocation="http://graphml.graphdrawing.org/xmlns http://www.yworks.com/xml/schema/graphml/1.1/ygraphml.xsd">
+  <!--Created by yEd 3.17-->
+  <key attr.name="Description" attr.type="string" for="graph" id="d0"/>
+  <key for="port" id="d1" yfiles.type="portgraphics"/>
+  <key for="port" id="d2" yfiles.type="portgeometry"/>
+  <key for="port" id="d3" yfiles.type="portuserdata"/>
+  <key attr.name="url" attr.type="string" for="node" id="d4"/>
+  <key attr.name="description" attr.type="string" for="node" id="d5"/>
+  <key for="node" id="d6" yfiles.type="nodegraphics"/>
+  <key for="graphml" id="d7" yfiles.type="resources"/>
+  <key attr.name="url" attr.type="string" for="edge" id="d8"/>
+  <key attr.name="description" attr.type="string" for="edge" id="d9"/>
+  <key for="edge" id="d10" yfiles.type="edgegraphics"/>
+  <graph edgedefault="directed" id="G">
+    <data key="d0"/>
+    <node id="n0">
+      <data key="d6">
+        <y:GenericNode configuration="com.yworks.flowchart.process">
+          <y:Geometry height="56.0" width="268.0" x="309.6849206349206" y="0.0"/>
+          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
+          <y:BorderStyle color="#000000" type="line" width="1.0"/>
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="83.482421875" x="92.2587890625" y="18.93359375">Detect the OS<y:LabelModel>
+              <y:SmartNodeLabelModel distance="4.0"/>
+            </y:LabelModel>
+            <y:ModelParameter>
+              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.5" nodeRatioX="0.0" nodeRatioY="0.1619001116071429" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+            </y:ModelParameter>
+          </y:NodeLabel>
+        </y:GenericNode>
+      </data>
+    </node>
+    <node id="n1">
+      <data key="d6">
+        <y:GenericNode configuration="com.yworks.flowchart.decision">
+          <y:Geometry height="40.0" width="80.0" x="403.6849206349206" y="206.44247787610618"/>
+          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
+          <y:BorderStyle color="#000000" type="line" width="1.0"/>
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" hasText="false" height="4.0" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="4.0" x="38.0" y="18.0">
+            <y:LabelModel>
+              <y:SmartNodeLabelModel distance="4.0"/>
+            </y:LabelModel>
+            <y:ModelParameter>
+              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+            </y:ModelParameter>
+          </y:NodeLabel>
+        </y:GenericNode>
+      </data>
+    </node>
+    <node id="n2">
+      <data key="d6">
+        <y:GenericNode configuration="com.yworks.flowchart.process">
+          <y:Geometry height="90.44247787610618" width="268.0" x="309.6849206349206" y="86.0"/>
+          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
+          <y:BorderStyle color="#000000" type="line" width="1.0"/>
+          <y:NodeLabel alignment="right" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="88.796875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="170.763671875" x="48.61816406250006" y="0.8228014380530908">Get installed packages
+Alpine: apk
+Debian/Ubuntu: dpkg-query
+Amazon/RHEL/CentOS: rpm
+SUSE: zypper
+FreeBSD: pkg<y:LabelModel>
+              <y:SmartNodeLabelModel distance="4.0"/>
+            </y:LabelModel>
+            <y:ModelParameter>
+              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="2.220446049250313E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+            </y:ModelParameter>
+          </y:NodeLabel>
+        </y:GenericNode>
+      </data>
+    </node>
+    <node id="n3">
+      <data key="d6">
+        <y:GenericNode configuration="com.yworks.flowchart.process">
+          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="630.0546766682629"/>
+          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
+          <y:BorderStyle color="#000000" type="line" width="1.0"/>
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="152.634765625" x="57.6826171875" y="18.93359375">Write results to JSON files<y:LabelModel>
+              <y:SmartNodeLabelModel distance="4.0"/>
+            </y:LabelModel>
+            <y:ModelParameter>
+              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.5" nodeRatioX="0.0" nodeRatioY="0.1619001116071429" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+            </y:ModelParameter>
+          </y:NodeLabel>
+        </y:GenericNode>
+      </data>
+    </node>
+    <node id="n4">
+      <data key="d6">
+        <y:GenericNode configuration="com.yworks.flowchart.process">
+          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="287.8409153761062"/>
+          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
+          <y:BorderStyle color="#000000" type="line" width="1.0"/>
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="46.3984375" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="232.744140625" x="17.6279296875" y="4.80078125">Get CVE IDs by using package manager
+Amazon: yum plugin security
+FreeBSD: pkg audit<y:LabelModel>
+              <y:SmartNodeLabelModel distance="4.0"/>
+            </y:LabelModel>
+            <y:ModelParameter>
+              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+            </y:ModelParameter>
+          </y:NodeLabel>
+        </y:GenericNode>
+      </data>
+    </node>
+    <node id="n5">
+      <data key="d6">
+        <y:GenericNode configuration="com.yworks.flowchart.process">
+          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="750.4705298628534"/>
+          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
+          <y:BorderStyle color="#000000" type="line" width="1.0"/>
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="42.595703125" x="112.7021484375" y="18.93359375">Report<y:LabelModel>
+              <y:SmartNodeLabelModel distance="4.0"/>
+            </y:LabelModel>
+            <y:ModelParameter>
+              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+            </y:ModelParameter>
+          </y:NodeLabel>
+        </y:GenericNode>
+      </data>
+    </node>
+    <node id="n6" yfiles.foldertype="group">
+      <data key="d4"/>
+      <data key="d6">
+        <y:ProxyAutoBoundsNode>
+          <y:Realizers active="0">
+            <y:GroupNode>
+              <y:Geometry height="116.89483989807195" width="333.6788874841973" x="234.29467728596296" y="709.1901021013174"/>
+              <y:Fill color="#F5F5F5" transparent="false"/>
+              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
+              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" horizontalTextPosition="center" iconTextGap="4" modelName="internal" modelPosition="t" textColor="#000000" verticalTextPosition="bottom" visible="true" width="333.6788874841973" x="0.0" y="0.0">Vulnerability Database</y:NodeLabel>
+              <y:Shape type="roundrectangle"/>
+              <y:State closed="false" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
+              <y:Insets bottom="15" bottomF="15.0" left="15" leftF="15.0" right="15" rightF="15.0" top="15" topF="15.0"/>
+              <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
+            </y:GroupNode>
+            <y:GroupNode>
+              <y:Geometry height="50.0" width="50.0" x="0.0" y="60.0"/>
+              <y:Fill color="#F5F5F5" transparent="false"/>
+              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
+              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" horizontalTextPosition="center" iconTextGap="4" modelName="internal" modelPosition="t" textColor="#000000" verticalTextPosition="bottom" visible="true" width="63.75830078125" x="-6.879150390625" y="0.0">Folder 1</y:NodeLabel>
+              <y:Shape type="roundrectangle"/>
+              <y:State closed="true" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
+              <y:Insets bottom="5" bottomF="5.0" left="5" leftF="5.0" right="5" rightF="5.0" top="5" topF="5.0"/>
+              <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
+            </y:GroupNode>
+          </y:Realizers>
+        </y:ProxyAutoBoundsNode>
+      </data>
+      <graph edgedefault="directed" id="n6:">
+        <node id="n6::n0">
+          <data key="d6">
+            <y:GenericNode configuration="com.yworks.flowchart.dataBase">
+              <y:Geometry height="65.22882427307195" width="136.83944374209864" x="416.1341210280616" y="745.8561177263174"/>
+              <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
+              <y:BorderStyle color="#000000" type="line" width="1.0"/>
+              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="117.970703125" x="9.434370308549205" y="23.548005886535975">CVE DB (NVD / JVN)<y:LabelModel>
+                  <y:SmartNodeLabelModel distance="4.0"/>
+                </y:LabelModel>
+                <y:ModelParameter>
+                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="-8.326672684688674E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+                </y:ModelParameter>
+              </y:NodeLabel>
+            </y:GenericNode>
+          </data>
+        </node>
+        <node id="n6::n1">
+          <data key="d6">
+            <y:GenericNode configuration="com.yworks.flowchart.dataBase">
+              <y:Geometry height="65.22882427307195" width="136.83944374209864" x="249.29467728596296" y="745.8561177263174"/>
+              <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
+              <y:BorderStyle color="#000000" type="line" width="1.0"/>
+              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="55.533203125" x="40.653120308549205" y="23.548005886535975">OVAL DB<y:LabelModel>
+                  <y:SmartNodeLabelModel distance="4.0"/>
+                </y:LabelModel>
+                <y:ModelParameter>
+                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="-8.326672684688674E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+                </y:ModelParameter>
+              </y:NodeLabel>
+            </y:GenericNode>
+          </data>
+        </node>
+      </graph>
+    </node>
+    <node id="n7">
+      <data key="d6">
+        <y:GenericNode configuration="com.yworks.flowchart.process">
+          <y:Geometry height="56.0" width="268.0" x="27.144753476611868" y="287.8409153761062"/>
+          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
+          <y:BorderStyle color="#000000" type="line" width="1.0"/>
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="260.83984375" x="3.580078125" y="11.8671875">Check upgradable packages
+Debian/Ubuntu: apt-get upgrade --dry-run<y:LabelModel>
+              <y:SmartNodeLabelModel distance="4.0"/>
+            </y:LabelModel>
+            <y:ModelParameter>
+              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+            </y:ModelParameter>
+          </y:NodeLabel>
+        </y:GenericNode>
+      </data>
+    </node>
+    <node id="n8">
+      <data key="d6">
+        <y:GenericNode configuration="com.yworks.flowchart.loopLimit">
+          <y:Geometry height="51.10998735777497" width="137.19216182048035" x="92.54867256637169" y="376.28592169721867"/>
+          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
+          <y:BorderStyle color="#000000" type="line" width="1.0"/>
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="131.751953125" x="2.7201043477401754" y="9.422181178887513">foreach 
+upgradable  packages<y:LabelModel>
+              <y:SmartNodeLabelModel distance="4.0"/>
+            </y:LabelModel>
+            <y:ModelParameter>
+              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="5.551115123125783E-16" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+            </y:ModelParameter>
+          </y:NodeLabel>
+        </y:GenericNode>
+      </data>
+    </node>
+    <node id="n9">
+      <data key="d6">
+        <y:GenericNode configuration="com.yworks.flowchart.process">
+          <y:Geometry height="56.0" width="268.0" x="27.144753476611868" y="459.8409153761062"/>
+          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
+          <y:BorderStyle color="#000000" type="line" width="1.0"/>
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="213.619140625" x="27.1904296875" y="11.8671875">Parse changelog and get  CVE IDs
+Debian/Ubuntu: aptitude changelog<y:LabelModel>
+              <y:SmartNodeLabelModel distance="4.0"/>
+            </y:LabelModel>
+            <y:ModelParameter>
+              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+            </y:ModelParameter>
+          </y:NodeLabel>
+        </y:GenericNode>
+      </data>
+    </node>
+    <node id="n10">
+      <data key="d6">
+        <y:GenericNode configuration="com.yworks.flowchart.loopLimitEnd">
+          <y:Geometry height="50.0" width="137.0" x="92.64475347661187" y="545.8409153761062"/>
+          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
+          <y:BorderStyle color="#000000" type="line" width="1.0"/>
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="55.24609375" x="40.876953125" y="15.93359375">end loop<y:LabelModel>
+              <y:SmartNodeLabelModel distance="4.0"/>
+            </y:LabelModel>
+            <y:ModelParameter>
+              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+            </y:ModelParameter>
+          </y:NodeLabel>
+        </y:GenericNode>
+      </data>
+    </node>
+    <edge id="e0" source="n2" target="n1">
+      <data key="d10">
+        <y:PolyLineEdge>
+          <y:Path sx="0.0" sy="45.22123893805309" tx="0.0" ty="-20.0"/>
+          <y:LineStyle color="#000000" type="line" width="1.0"/>
+          <y:Arrows source="none" target="none"/>
+          <y:BendStyle smoothed="false"/>
+        </y:PolyLineEdge>
+      </data>
+    </edge>
+    <edge id="e1" source="n1" target="n4">
+      <data key="d10">
+        <y:PolyLineEdge>
+          <y:Path sx="40.0" sy="0.0" tx="0.0" ty="-28.0">
+            <y:Point x="743.3698412698412" y="226.44247787610618"/>
+          </y:Path>
+          <y:LineStyle color="#000000" type="line" width="1.0"/>
+          <y:Arrows source="none" target="standard"/>
+          <y:EdgeLabel alignment="right" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="51.806640625" x="183.35883739927397" y="2.000003510871693">Amazon
+FreeBSD<y:LabelModel>
+              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+            </y:LabelModel>
+            <y:ModelParameter>
+              <y:SmartEdgeLabelModelParameter angle="6.283185307179586" distance="1.9999999999998863" distanceToCenter="false" position="right" ratio="0.7796030035582084" segment="0"/>
+            </y:ModelParameter>
+            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+          </y:EdgeLabel>
+          <y:BendStyle smoothed="false"/>
+        </y:PolyLineEdge>
+      </data>
+    </edge>
+    <edge id="e2" source="n0" target="n2">
+      <data key="d10">
+        <y:PolyLineEdge>
+          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-45.22123893805309"/>
+          <y:LineStyle color="#000000" type="line" width="1.0"/>
+          <y:Arrows source="none" target="standard"/>
+          <y:BendStyle smoothed="false"/>
+        </y:PolyLineEdge>
+      </data>
+    </edge>
+    <edge id="e3" source="n5" target="n6">
+      <data key="d10">
+        <y:PolyLineEdge>
+          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="10.8330078125"/>
+          <y:LineStyle color="#000000" type="line" width="1.0"/>
+          <y:Arrows source="none" target="none"/>
+          <y:BendStyle smoothed="false"/>
+        </y:PolyLineEdge>
+      </data>
+    </edge>
+    <edge id="e4" source="n1" target="n3">
+      <data key="d10">
+        <y:PolyLineEdge>
+          <y:Path sx="0.0" sy="0.0" tx="-123.36984126984123" ty="0.0">
+            <y:Point x="443.6849206349206" y="658.0546766682629"/>
+          </y:Path>
+          <y:LineStyle color="#000000" type="line" width="1.0"/>
+          <y:Arrows source="none" target="standard"/>
+          <y:EdgeLabel alignment="right" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="102.9296875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="77.078125" x="-97.68364242524859" y="5.005267793098369">Alpine Linux
+CentOS
+RHEL
+Ubuntu
+Debian
+Oracle Linux
+Suse<y:LabelModel>
+              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+            </y:LabelModel>
+            <y:ModelParameter>
+              <y:SmartEdgeLabelModelParameter angle="6.283185307179586" distance="59.14459455430983" distanceToCenter="true" position="right" ratio="0.0" segment="0"/>
+            </y:ModelParameter>
+            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+          </y:EdgeLabel>
+          <y:BendStyle smoothed="false"/>
+        </y:PolyLineEdge>
+      </data>
+    </edge>
+    <edge id="e5" source="n4" target="n3">
+      <data key="d10">
+        <y:PolyLineEdge>
+          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+          <y:LineStyle color="#000000" type="line" width="1.0"/>
+          <y:Arrows source="none" target="standard"/>
+          <y:BendStyle smoothed="false"/>
+        </y:PolyLineEdge>
+      </data>
+    </edge>
+    <edge id="e6" source="n7" target="n8">
+      <data key="d10">
+        <y:PolyLineEdge>
+          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-25.554993678887485"/>
+          <y:LineStyle color="#000000" type="line" width="1.0"/>
+          <y:Arrows source="none" target="standard"/>
+          <y:BendStyle smoothed="false"/>
+        </y:PolyLineEdge>
+      </data>
+    </edge>
+    <edge id="e7" source="n8" target="n9">
+      <data key="d10">
+        <y:PolyLineEdge>
+          <y:Path sx="0.0" sy="25.554993678887485" tx="0.0" ty="-28.0"/>
+          <y:LineStyle color="#000000" type="line" width="1.0"/>
+          <y:Arrows source="none" target="standard"/>
+          <y:BendStyle smoothed="false"/>
+        </y:PolyLineEdge>
+      </data>
+    </edge>
+    <edge id="e8" source="n9" target="n10">
+      <data key="d10">
+        <y:PolyLineEdge>
+          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-25.0"/>
+          <y:LineStyle color="#000000" type="line" width="1.0"/>
+          <y:Arrows source="none" target="standard"/>
+          <y:BendStyle smoothed="false"/>
+        </y:PolyLineEdge>
+      </data>
+    </edge>
+    <edge id="e9" source="n3" target="n5">
+      <data key="d10">
+        <y:PolyLineEdge>
+          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+          <y:LineStyle color="#000000" type="line" width="1.0"/>
+          <y:Arrows source="none" target="standard"/>
+          <y:BendStyle smoothed="false"/>
+        </y:PolyLineEdge>
+      </data>
+    </edge>
+    <edge id="e10" source="n1" target="n7">
+      <data key="d10">
+        <y:PolyLineEdge>
+          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0">
+            <y:Point x="161.14475347661187" y="226.44247787610618"/>
+          </y:Path>
+          <y:LineStyle color="#000000" type="line" width="1.0"/>
+          <y:Arrows source="none" target="standard"/>
+          <y:EdgeLabel alignment="center" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="56.98046875" x="-196.80057112212188" y="20.933597260871807">Raspbian<y:LabelModel>
+              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+            </y:LabelModel>
+            <y:ModelParameter>
+              <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="left" ratio="0.6447921222409765" segment="0"/>
+            </y:ModelParameter>
+            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+          </y:EdgeLabel>
+          <y:BendStyle smoothed="false"/>
+        </y:PolyLineEdge>
+      </data>
+    </edge>
+    <edge id="e11" source="n10" target="n3">
+      <data key="d10">
+        <y:PolyLineEdge>
+          <y:Path sx="0.0" sy="0.0" tx="-125.78842258255952" ty="0.0">
+            <y:Point x="161.14475347661187" y="658.0546766682629"/>
+          </y:Path>
+          <y:LineStyle color="#000000" type="line" width="1.0"/>
+          <y:Arrows source="none" target="standard"/>
+          <y:BendStyle smoothed="false"/>
+        </y:PolyLineEdge>
+      </data>
+    </edge>
+  </graph>
+  <data key="d7">
+    <y:Resources/>
+  </data>
+</graphml>
--- a/img/vuls-scan-flow-fast.png
+++ b/img/vuls-scan-flow-fast.png
--- a/img/vuls-scan-flow.graphml
+++ b/img/vuls-scan-flow.graphml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8" standalone="no"?>
 <graphml xmlns="http://graphml.graphdrawing.org/xmlns" xmlns:java="http://www.yworks.com/xml/yfiles-common/1.0/java" xmlns:sys="http://www.yworks.com/xml/yfiles-common/markup/primitives/2.0" xmlns:x="http://www.yworks.com/xml/yfiles-common/markup/2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:y="http://www.yworks.com/xml/graphml" xmlns:yed="http://www.yworks.com/xml/yed/3" xsi:schemaLocation="http://graphml.graphdrawing.org/xmlns http://www.yworks.com/xml/schema/graphml/1.1/ygraphml.xsd">
-  <!--Created by yEd 3.14.2-->
+  <!--Created by yEd 3.17-->
  <key attr.name="Description" attr.type="string" for="graph" id="d0"/>
  <key for="port" id="d1" yfiles.type="portgraphics"/>
  <key for="port" id="d2" yfiles.type="portgeometry"/>
@@ -20,7 +20,7 @@
          <y:Geometry height="56.0" width="268.0" x="309.6849206349206" y="0.0"/>
          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="83.482421875" x="92.2587890625" y="18.93359375">Detect the OS<y:LabelModel>
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="83.482421875" x="92.2587890625" y="18.93359375">Detect the OS<y:LabelModel>
              <y:SmartNodeLabelModel distance="4.0"/>
            </y:LabelModel>
            <y:ModelParameter>
@@ -36,7 +36,7 @@
          <y:Geometry height="40.0" width="80.0" x="403.6849206349206" y="206.44247787610618"/>
          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" hasText="false" height="4.0" modelName="custom" textColor="#000000" visible="true" width="4.0" x="38.0" y="18.0">
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" hasText="false" height="4.0" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="4.0" x="38.0" y="18.0">
            <y:LabelModel>
              <y:SmartNodeLabelModel distance="4.0"/>
            </y:LabelModel>
@@ -53,10 +53,12 @@
          <y:Geometry height="90.44247787610618" width="268.0" x="309.6849206349206" y="86.0"/>
          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="60.53125" modelName="custom" textColor="#000000" visible="true" width="170.763671875" x="48.61816406250006" y="14.95561393805309">Get installed packages
+          <y:NodeLabel alignment="right" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="88.796875" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="170.763671875" x="48.61816406250006" y="0.8228014380530908">Get installed packages
+Alpine Linux: apk
 Debian/Ubuntu: dpkg-query
 Amazon/RHEL/CentOS: rpm
-FreeBSD: pkg<y:LabelModel>
+FreeBSD: pkg
+SUSE: zypper<y:LabelModel>
              <y:SmartNodeLabelModel distance="4.0"/>
            </y:LabelModel>
            <y:ModelParameter>
@@ -72,7 +74,7 @@ FreeBSD: pkg<y:LabelModel>
          <y:Geometry height="56.0" width="268.0" x="10.0" y="287.8409153761062"/>
          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" modelName="custom" textColor="#000000" visible="true" width="260.83984375" x="3.580078125" y="11.8671875">Get upgradable packages
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="260.83984375" x="3.580078125" y="11.8671875">Check upgradable packages
 Debian/Ubuntu: apt-get upgrade --dry-run<y:LabelModel>
              <y:SmartNodeLabelModel distance="4.0"/>
            </y:LabelModel>
@@ -89,7 +91,7 @@ Debian/Ubuntu: apt-get upgrade --dry-run<y:LabelModel>
          <y:Geometry height="51.10998735777497" width="137.19216182048035" x="75.40391908975982" y="376.28592169721867"/>
          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" modelName="custom" textColor="#000000" visible="true" width="131.751953125" x="2.7201043477401754" y="9.422181178887513">foreach 
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="131.751953125" x="2.7201043477401754" y="9.422181178887513">foreach 
 upgradable  packages<y:LabelModel>
              <y:SmartNodeLabelModel distance="4.0"/>
            </y:LabelModel>
@@ -106,7 +108,7 @@ upgradable  packages<y:LabelModel>
          <y:Geometry height="56.0" width="268.0" x="10.0" y="459.8409153761062"/>
          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" modelName="custom" textColor="#000000" visible="true" width="213.619140625" x="27.1904296875" y="11.8671875">Parse changelog and get  CVE IDs
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="213.619140625" x="27.1904296875" y="11.8671875">Parse changelog and get  CVE IDs
 Debian/Ubuntu: aptitude changelog<y:LabelModel>
              <y:SmartNodeLabelModel distance="4.0"/>
            </y:LabelModel>
@@ -123,7 +125,7 @@ Debian/Ubuntu: aptitude changelog<y:LabelModel>
          <y:Geometry height="50.0" width="137.0" x="75.5" y="545.8409153761062"/>
          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="55.24609375" x="40.876953125" y="15.93359375">end loop<y:LabelModel>
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="55.24609375" x="40.876953125" y="15.93359375">end loop<y:LabelModel>
              <y:SmartNodeLabelModel distance="4.0"/>
            </y:LabelModel>
            <y:ModelParameter>
@@ -139,7 +141,7 @@ Debian/Ubuntu: aptitude changelog<y:LabelModel>
          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="625.8409153761062"/>
          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="194.904296875" x="36.5478515625" y="18.93359375">Select the CVE detail information<y:LabelModel>
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="152.634765625" x="57.6826171875" y="18.93359375">Write results to JSON files<y:LabelModel>
              <y:SmartNodeLabelModel distance="4.0"/>
            </y:LabelModel>
            <y:ModelParameter>
@@ -155,7 +157,7 @@ Debian/Ubuntu: aptitude changelog<y:LabelModel>
          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="287.8409153761062"/>
          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="46.3984375" modelName="custom" textColor="#000000" visible="true" width="232.744140625" x="17.6279296875" y="4.80078125">Get CVE IDs by using package manager
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="46.3984375" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="232.744140625" x="17.6279296875" y="4.80078125">Get CVE IDs by using package manager
 Amazon/RHEL: yum plugin security
 FreeBSD: pkg audit<y:LabelModel>
              <y:SmartNodeLabelModel distance="4.0"/>
@@ -168,45 +170,12 @@ FreeBSD: pkg audit<y:LabelModel>
      </data>
    </node>
    <node id="n9">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.dataBase">
-          <y:Geometry height="64.1719342604298" width="111.96965865992411" x="687.3850119398792" y="807.0697396491782"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="48.56640625" x="31.701626204962054" y="23.019560880214726">Vuls DB<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="0.0" nodeRatioY="-8.881784197001252E-16" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n10">
-      <data key="d6">
-        <y:GenericNode configuration="com.yworks.flowchart.dataBase">
-          <y:Geometry height="65.22882427307195" width="136.83944374209864" x="411.5802781289507" y="687.385587863464"/>
-          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
-          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="117.970703125" x="9.434370308549205" y="23.548005886535975">CVE DB (NVD / JVN)<y:LabelModel>
-              <y:SmartNodeLabelModel distance="4.0"/>
-            </y:LabelModel>
-            <y:ModelParameter>
-              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="-8.326672684688674E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
-            </y:ModelParameter>
-          </y:NodeLabel>
-        </y:GenericNode>
-      </data>
-    </node>
-    <node id="n11">
      <data key="d6">
        <y:GenericNode configuration="com.yworks.flowchart.process">
          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="716.4553275126422"/>
          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" modelName="custom" textColor="#000000" visible="true" width="126.396484375" x="70.8017578125" y="11.8671875">Insert results into DB
-Reporting<y:LabelModel>
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="42.595703125" x="112.7021484375" y="18.93359375">Report<y:LabelModel>
              <y:SmartNodeLabelModel distance="4.0"/>
            </y:LabelModel>
            <y:ModelParameter>
@@ -216,14 +185,14 @@ Reporting<y:LabelModel>
        </y:GenericNode>
      </data>
    </node>
-    <node id="n12">
+    <node id="n10">
      <data key="d6">
        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="309.6849206349206" y="287.8409153761062"/>
+          <y:Geometry height="56.0" width="268.0" x="309.6849206349206" y="371.39590905499364"/>
          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" modelName="custom" textColor="#000000" visible="true" width="271.369140625" x="-1.6845703124999432" y="11.8671875">Get all changelogs by using package manager
-CentOS: yum update --changelog<y:LabelModel>
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="293.06640625" x="-12.533203124999943" y="11.8671875">Get all changelogs of updatable packages at once
+yum changelog<y:LabelModel>
              <y:SmartNodeLabelModel distance="4.0"/>
            </y:LabelModel>
            <y:ModelParameter>
@@ -233,13 +202,13 @@ CentOS: yum update --changelog<y:LabelModel>
        </y:GenericNode>
      </data>
    </node>
-    <node id="n13">
+    <node id="n11">
      <data key="d6">
        <y:GenericNode configuration="com.yworks.flowchart.process">
-          <y:Geometry height="56.0" width="268.0" x="309.6849206349206" y="373.8409153761062"/>
+          <y:Geometry height="56.0" width="268.0" x="309.68492063492056" y="459.8409153761062"/>
          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
          <y:BorderStyle color="#000000" type="line" width="1.0"/>
-          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" textColor="#000000" visible="true" width="205.52734375" x="31.236328125000057" y="18.93359375">Parse changelogs and get CVE IDs <y:LabelModel>
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="205.52734375" x="31.236328125000057" y="18.93359375">Parse changelogs and get CVE IDs <y:LabelModel>
              <y:SmartNodeLabelModel distance="4.0"/>
            </y:LabelModel>
            <y:ModelParameter>
@@ -249,6 +218,86 @@ CentOS: yum update --changelog<y:LabelModel>
        </y:GenericNode>
      </data>
    </node>
+    <node id="n12">
+      <data key="d6">
+        <y:GenericNode configuration="com.yworks.flowchart.process">
+          <y:Geometry height="56.0" width="268.0" x="609.3698412698412" y="373.8409153761062"/>
+          <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
+          <y:BorderStyle color="#000000" type="line" width="1.0"/>
+          <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="293.06640625" x="-12.533203124999886" y="11.8671875">Get all changelogs of updatable packages at once
+Amazon / RHEL: yum changelog<y:LabelModel>
+              <y:SmartNodeLabelModel distance="4.0"/>
+            </y:LabelModel>
+            <y:ModelParameter>
+              <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="2.220446049250313E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+            </y:ModelParameter>
+          </y:NodeLabel>
+        </y:GenericNode>
+      </data>
+    </node>
+    <node id="n13" yfiles.foldertype="group">
+      <data key="d4"/>
+      <data key="d6">
+        <y:ProxyAutoBoundsNode>
+          <y:Realizers active="0">
+            <y:GroupNode>
+              <y:Geometry height="116.89483989807195" width="333.6788874841973" x="229.74083438685204" y="675.1748997511062"/>
+              <y:Fill color="#F5F5F5" transparent="false"/>
+              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
+              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" horizontalTextPosition="center" iconTextGap="4" modelName="internal" modelPosition="t" textColor="#000000" verticalTextPosition="bottom" visible="true" width="333.6788874841973" x="0.0" y="0.0">Vulnerability Database</y:NodeLabel>
+              <y:Shape type="roundrectangle"/>
+              <y:State closed="false" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
+              <y:Insets bottom="15" bottomF="15.0" left="15" leftF="15.0" right="15" rightF="15.0" top="15" topF="15.0"/>
+              <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
+            </y:GroupNode>
+            <y:GroupNode>
+              <y:Geometry height="50.0" width="50.0" x="0.0" y="60.0"/>
+              <y:Fill color="#F5F5F5" transparent="false"/>
+              <y:BorderStyle color="#000000" type="dashed" width="1.0"/>
+              <y:NodeLabel alignment="right" autoSizePolicy="node_width" backgroundColor="#EBEBEB" borderDistance="0.0" fontFamily="Dialog" fontSize="15" fontStyle="plain" hasLineColor="false" height="21.666015625" horizontalTextPosition="center" iconTextGap="4" modelName="internal" modelPosition="t" textColor="#000000" verticalTextPosition="bottom" visible="true" width="63.75830078125" x="-6.879150390625" y="0.0">Folder 1</y:NodeLabel>
+              <y:Shape type="roundrectangle"/>
+              <y:State closed="true" closedHeight="50.0" closedWidth="50.0" innerGraphDisplayEnabled="false"/>
+              <y:Insets bottom="5" bottomF="5.0" left="5" leftF="5.0" right="5" rightF="5.0" top="5" topF="5.0"/>
+              <y:BorderInsets bottom="0" bottomF="0.0" left="0" leftF="0.0" right="0" rightF="0.0" top="0" topF="0.0"/>
+            </y:GroupNode>
+          </y:Realizers>
+        </y:ProxyAutoBoundsNode>
+      </data>
+      <graph edgedefault="directed" id="n13:">
+        <node id="n13::n0">
+          <data key="d6">
+            <y:GenericNode configuration="com.yworks.flowchart.dataBase">
+              <y:Geometry height="65.22882427307195" width="136.83944374209864" x="411.5802781289507" y="711.8409153761062"/>
+              <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
+              <y:BorderStyle color="#000000" type="line" width="1.0"/>
+              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="117.970703125" x="9.434370308549205" y="23.548005886535975">CVE DB (NVD / JVN)<y:LabelModel>
+                  <y:SmartNodeLabelModel distance="4.0"/>
+                </y:LabelModel>
+                <y:ModelParameter>
+                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="-8.326672684688674E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+                </y:ModelParameter>
+              </y:NodeLabel>
+            </y:GenericNode>
+          </data>
+        </node>
+        <node id="n13::n1">
+          <data key="d6">
+            <y:GenericNode configuration="com.yworks.flowchart.dataBase">
+              <y:Geometry height="65.22882427307195" width="136.83944374209864" x="244.74083438685204" y="711.8409153761062"/>
+              <y:Fill color="#E8EEF7" color2="#B7C9E3" transparent="false"/>
+              <y:BorderStyle color="#000000" type="line" width="1.0"/>
+              <y:NodeLabel alignment="center" autoSizePolicy="content" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" textColor="#000000" verticalTextPosition="bottom" visible="true" width="55.533203125" x="40.653120308549205" y="23.548005886535975">OVAL DB<y:LabelModel>
+                  <y:SmartNodeLabelModel distance="4.0"/>
+                </y:LabelModel>
+                <y:ModelParameter>
+                  <y:SmartNodeLabelModelParameter labelRatioX="0.0" labelRatioY="0.0" nodeRatioX="-8.326672684688674E-16" nodeRatioY="0.0" offsetX="0.0" offsetY="0.0" upX="0.0" upY="-1.0"/>
+                </y:ModelParameter>
+              </y:NodeLabel>
+            </y:GenericNode>
+          </data>
+        </node>
+      </graph>
+    </node>
    <edge id="e0" source="n2" target="n1">
      <data key="d10">
        <y:PolyLineEdge>
@@ -267,12 +316,13 @@ CentOS: yum update --changelog<y:LabelModel>
          </y:Path>
          <y:LineStyle color="#000000" type="line" width="1.0"/>
          <y:Arrows source="none" target="standard"/>
-          <y:EdgeLabel alignment="center" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" visible="true" width="46.697265625" x="-56.79057374984495" y="-34.26562148912808">Debian
-Ubuntu<y:LabelModel>
+          <y:EdgeLabel alignment="right" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="46.3984375" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="56.98046875" x="-257.65322875976574" y="2.0000035108718635">Debian
+Ubuntu
+Raspbian<y:LabelModel>
              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
            </y:LabelModel>
            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="6.283185307179586" distance="1.9999999999998863" distanceToCenter="false" position="right" ratio="0.02215389573439544" segment="0"/>
+              <y:SmartEdgeLabelModelParameter angle="6.283185307179586" distance="1.9999999999998863" distanceToCenter="false" position="left" ratio="0.8652035780364729" segment="0"/>
            </y:ModelParameter>
            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
          </y:EdgeLabel>
@@ -330,13 +380,13 @@ Ubuntu<y:LabelModel>
          </y:Path>
          <y:LineStyle color="#000000" type="line" width="1.0"/>
          <y:Arrows source="none" target="standard"/>
-          <y:EdgeLabel alignment="center" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="46.3984375" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" visible="true" width="51.806640625" x="10.125014629061297" y="-48.39843398912805">Amazon
+          <y:EdgeLabel alignment="right" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="46.3984375" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="51.806640625" x="200.87829463898197" y="4.000003510871693">Amazon
 RHEL
 FreeBSD<y:LabelModel>
              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
            </y:LabelModel>
            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="6.283185307179586" distance="1.9999999999998863" distanceToCenter="false" position="left" ratio="0.022401276994204813" segment="0"/>
+              <y:SmartEdgeLabelModelParameter angle="6.283185307179586" distance="6.999999999999886" distanceToCenter="false" position="right" ratio="0.8192728556300707" segment="-1"/>
            </y:ModelParameter>
            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
          </y:EdgeLabel>
@@ -344,17 +394,7 @@ FreeBSD<y:LabelModel>
        </y:PolyLineEdge>
      </data>
    </edge>
-    <edge id="e7" source="n8" target="n7">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-28.0"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="standard"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e8" source="n0" target="n2">
+    <edge id="e7" source="n0" target="n2">
      <data key="d10">
        <y:PolyLineEdge>
          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-45.22123893805309"/>
@@ -364,7 +404,7 @@ FreeBSD<y:LabelModel>
        </y:PolyLineEdge>
      </data>
    </edge>
-    <edge id="e9" source="n7" target="n11">
+    <edge id="e8" source="n7" target="n9">
      <data key="d10">
        <y:PolyLineEdge>
          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-28.0"/>
@@ -374,40 +414,17 @@ FreeBSD<y:LabelModel>
        </y:PolyLineEdge>
      </data>
    </edge>
-    <edge id="e10" source="n7" target="n10">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="-134.01566143419018" sy="6.159084623893818" tx="0.0" ty="-29.333162136535975">
-            <y:Point x="480.0" y="660.0"/>
-          </y:Path>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e11" source="n11" target="n9">
-      <data key="d10">
-        <y:PolyLineEdge>
-          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-28.86721713021484"/>
-          <y:LineStyle color="#000000" type="line" width="1.0"/>
-          <y:Arrows source="none" target="none"/>
-          <y:BendStyle smoothed="false"/>
-        </y:PolyLineEdge>
-      </data>
-    </edge>
-    <edge id="e12" source="n1" target="n12">
-      <data key="d9"/>
+    <edge id="e9" source="n1" target="n10">
      <data key="d10">
        <y:PolyLineEdge>
          <y:Path sx="0.0" sy="20.0" tx="0.0" ty="-28.0"/>
          <y:LineStyle color="#000000" type="line" width="1.0"/>
          <y:Arrows source="none" target="standard"/>
-          <y:EdgeLabel alignment="center" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" visible="true" width="46.708984375" x="-53.35447755843876" y="11.632816010871807">CentOS<y:LabelModel>
+          <y:EdgeLabel alignment="center" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="18.1328125" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="46.708984375" x="-53.35447755843876" y="5.000003510871807">CentOS<y:LabelModel>
              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
            </y:LabelModel>
            <y:ModelParameter>
-              <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="right" ratio="0.5" segment="0"/>
+              <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="right" ratio="0.0" segment="0"/>
            </y:ModelParameter>
            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
          </y:EdgeLabel>
@@ -415,8 +432,7 @@ FreeBSD<y:LabelModel>
        </y:PolyLineEdge>
      </data>
    </edge>
-    <edge id="e13" source="n12" target="n13">
-      <data key="d9"/>
+    <edge id="e10" source="n10" target="n11">
      <data key="d10">
        <y:PolyLineEdge>
          <y:Path sx="0.0" sy="28.0" tx="0.0" ty="-28.0"/>
@@ -426,12 +442,11 @@ FreeBSD<y:LabelModel>
        </y:PolyLineEdge>
      </data>
    </edge>
-    <edge id="e14" source="n13" target="n7">
-      <data key="d9"/>
+    <edge id="e11" source="n11" target="n7">
      <data key="d10">
        <y:PolyLineEdge>
-          <y:Path sx="134.00000000000006" sy="0.0" tx="0.0" ty="-28.0">
-            <y:Point x="743.3698412698412" y="401.8409153761062"/>
+          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="-24.34091537610618">
+            <y:Point x="743.3698412698412" y="487.8409153761062"/>
          </y:Path>
          <y:LineStyle color="#000000" type="line" width="1.0"/>
          <y:Arrows source="none" target="standard"/>
@@ -439,6 +454,60 @@ FreeBSD<y:LabelModel>
        </y:PolyLineEdge>
      </data>
    </edge>
+    <edge id="e12" source="n8" target="n12">
+      <data key="d10">
+        <y:PolyLineEdge>
+          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+          <y:LineStyle color="#000000" type="line" width="1.0"/>
+          <y:Arrows source="none" target="standard"/>
+          <y:BendStyle smoothed="false"/>
+        </y:PolyLineEdge>
+      </data>
+    </edge>
+    <edge id="e13" source="n12" target="n7">
+      <data key="d10">
+        <y:PolyLineEdge>
+          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0"/>
+          <y:LineStyle color="#000000" type="line" width="1.0"/>
+          <y:Arrows source="none" target="standard"/>
+          <y:BendStyle smoothed="false"/>
+        </y:PolyLineEdge>
+      </data>
+    </edge>
+    <edge id="e14" source="n9" target="n13">
+      <data key="d10">
+        <y:PolyLineEdge>
+          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="10.8330078125"/>
+          <y:LineStyle color="#000000" type="line" width="1.0"/>
+          <y:Arrows source="none" target="none"/>
+          <y:BendStyle smoothed="false"/>
+        </y:PolyLineEdge>
+      </data>
+    </edge>
+    <edge id="e15" source="n1" target="n7">
+      <data key="d9"/>
+      <data key="d10">
+        <y:PolyLineEdge>
+          <y:Path sx="0.0" sy="0.0" tx="0.0" ty="0.0">
+            <y:Point x="999.0" y="226.44247787610618"/>
+            <y:Point x="999.0" y="570.8409153761062"/>
+            <y:Point x="743.3698412698412" y="570.8409153761062"/>
+          </y:Path>
+          <y:LineStyle color="#000000" type="line" width="1.0"/>
+          <y:Arrows source="none" target="none"/>
+          <y:EdgeLabel alignment="right" configuration="AutoFlippingLabel" distance="2.0" fontFamily="Dialog" fontSize="12" fontStyle="plain" hasBackgroundColor="false" hasLineColor="false" height="32.265625" horizontalTextPosition="center" iconTextGap="4" modelName="custom" preferredPlacement="anywhere" ratio="0.5" textColor="#000000" verticalTextPosition="bottom" visible="true" width="76.8203125" x="422.923942251054" y="13.867191010871807">Alpine Linux
+SUSE<y:LabelModel>
+              <y:SmartEdgeLabelModel autoRotationEnabled="false" defaultAngle="0.0" defaultDistance="10.0"/>
+            </y:LabelModel>
+            <y:ModelParameter>
+              <y:SmartEdgeLabelModelParameter angle="0.0" distance="30.0" distanceToCenter="true" position="right" ratio="0.8856709076027529" segment="0"/>
+            </y:ModelParameter>
+            <y:PreferredPlacementDescriptor angle="0.0" angleOffsetOnRightSide="0" angleReference="absolute" angleRotationOnRightSide="co" distance="-1.0" frozen="true" placement="anywhere" side="anywhere" sideReference="relative_to_edge_flow"/>
+          </y:EdgeLabel>
+          <y:BendStyle smoothed="false"/>
+        </y:PolyLineEdge>
+      </data>
+    </edge>
  </graph>
  <data key="d7">
    <y:Resources/>
--- a/img/vuls-scan-flow.png
+++ b/img/vuls-scan-flow.png
--- a/main.go
+++ b/main.go
@@ -1,5 +1,5 @@
 /* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
+Copyright (C) 2016  Future Corporation , Japan.

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -22,13 +22,11 @@ import (
 	"fmt"
 	"os"

-	"golang.org/x/net/context"
+	"context"

 	"github.com/future-architect/vuls/commands"
-	"github.com/future-architect/vuls/version"
+	"github.com/future-architect/vuls/config"
 	"github.com/google/subcommands"
-
-	_ "github.com/mattn/go-sqlite3"
 )

 func main() {
@@ -38,16 +36,17 @@ func main() {
 	subcommands.Register(&commands.DiscoverCmd{}, "discover")
 	subcommands.Register(&commands.TuiCmd{}, "tui")
 	subcommands.Register(&commands.ScanCmd{}, "scan")
-	subcommands.Register(&commands.PrepareCmd{}, "prepare")
 	subcommands.Register(&commands.HistoryCmd{}, "history")
+	subcommands.Register(&commands.ReportCmd{}, "report")
 	subcommands.Register(&commands.ConfigtestCmd{}, "configtest")
+	subcommands.Register(&commands.ServerCmd{}, "server")

 	var v = flag.Bool("v", false, "Show version")

 	flag.Parse()

 	if *v {
-		fmt.Printf("%s %s\n", version.Name, version.Version)
+		fmt.Printf("vuls %s %s\n", config.Version, config.Revision)
 		os.Exit(int(subcommands.ExitSuccess))
 	}

--- a/models/cvecontents.go
+++ b/models/cvecontents.go
@@ -0,0 +1,322 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package models
+
+import (
+	"time"
+)
+
+// CveContents has CveContent
+type CveContents map[CveContentType]CveContent
+
+// NewCveContents create CveContents
+func NewCveContents(conts ...CveContent) CveContents {
+	m := CveContents{}
+	for _, cont := range conts {
+		m[cont.Type] = cont
+	}
+	return m
+}
+
+// CveContentStr has CveContentType and Value
+type CveContentStr struct {
+	Type  CveContentType
+	Value string
+}
+
+// Except returns CveContents except given keys for enumeration
+func (v CveContents) Except(exceptCtypes ...CveContentType) (values CveContents) {
+	values = CveContents{}
+	for ctype, content := range v {
+		found := false
+		for _, exceptCtype := range exceptCtypes {
+			if ctype == exceptCtype {
+				found = true
+				break
+			}
+		}
+		if !found {
+			values[ctype] = content
+		}
+	}
+	return
+}
+
+// SourceLinks returns link of source
+func (v CveContents) SourceLinks(lang, myFamily, cveID string) (values []CveContentStr) {
+	if lang == "ja" {
+		if cont, found := v[Jvn]; found && 0 < len(cont.SourceLink) {
+			values = append(values, CveContentStr{Jvn, cont.SourceLink})
+		}
+	}
+
+	order := CveContentTypes{Nvd, NvdXML, NewCveContentType(myFamily)}
+	for _, ctype := range order {
+		if cont, found := v[ctype]; found {
+			values = append(values, CveContentStr{ctype, cont.SourceLink})
+		}
+	}
+
+	if len(values) == 0 {
+		return []CveContentStr{{
+			Type:  Nvd,
+			Value: "https://nvd.nist.gov/vuln/detail/" + cveID,
+		}}
+	}
+	return values
+}
+
+/*
+// Severities returns Severities
+func (v CveContents) Severities(myFamily string) (values []CveContentStr) {
+	order := CveContentTypes{NVD, NewCveContentType(myFamily)}
+	order = append(order, AllCveContetTypes.Except(append(order)...)...)
+
+	for _, ctype := range order {
+		if cont, found := v[ctype]; found && 0 < len(cont.Severity) {
+			values = append(values, CveContentStr{
+				Type:  ctype,
+				Value: cont.Severity,
+			})
+		}
+	}
+	return
+}
+*/
+
+// CveContentCpes has CveContentType and Value
+type CveContentCpes struct {
+	Type  CveContentType
+	Value []Cpe
+}
+
+// Cpes returns affected CPEs of this Vulnerability
+func (v CveContents) Cpes(myFamily string) (values []CveContentCpes) {
+	order := CveContentTypes{NewCveContentType(myFamily)}
+	order = append(order, AllCveContetTypes.Except(append(order)...)...)
+
+	for _, ctype := range order {
+		if cont, found := v[ctype]; found && 0 < len(cont.Cpes) {
+			values = append(values, CveContentCpes{
+				Type:  ctype,
+				Value: cont.Cpes,
+			})
+		}
+	}
+	return
+}
+
+// CveContentRefs has CveContentType and Cpes
+type CveContentRefs struct {
+	Type  CveContentType
+	Value []Reference
+}
+
+// References returns References
+func (v CveContents) References(myFamily string) (values []CveContentRefs) {
+	order := CveContentTypes{NewCveContentType(myFamily)}
+	order = append(order, AllCveContetTypes.Except(append(order)...)...)
+
+	for _, ctype := range order {
+		if cont, found := v[ctype]; found && 0 < len(cont.References) {
+			values = append(values, CveContentRefs{
+				Type:  ctype,
+				Value: cont.References,
+			})
+		}
+	}
+	return
+}
+
+// CweIDs returns related CweIDs of the vulnerability
+func (v CveContents) CweIDs(myFamily string) (values []CveContentStr) {
+	order := CveContentTypes{NewCveContentType(myFamily)}
+	order = append(order, AllCveContetTypes.Except(append(order)...)...)
+	for _, ctype := range order {
+		if cont, found := v[ctype]; found && 0 < len(cont.CweIDs) {
+			for _, cweID := range cont.CweIDs {
+				for _, val := range values {
+					if val.Value == cweID {
+						continue
+					}
+				}
+				values = append(values, CveContentStr{
+					Type:  ctype,
+					Value: cweID,
+				})
+			}
+		}
+	}
+	return
+}
+
+// UniqCweIDs returns Uniq CweIDs
+func (v CveContents) UniqCweIDs(myFamily string) (values []CveContentStr) {
+	uniq := map[string]CveContentStr{}
+	for _, cwes := range v.CweIDs(myFamily) {
+		uniq[cwes.Value] = cwes
+	}
+	for _, cwe := range uniq {
+		values = append(values, cwe)
+	}
+	return values
+}
+
+// CveContent has abstraction of various vulnerability information
+type CveContent struct {
+	Type          CveContentType    `json:"type"`
+	CveID         string            `json:"cveID"`
+	Title         string            `json:"title"`
+	Summary       string            `json:"summary"`
+	Cvss2Score    float64           `json:"cvss2Score"`
+	Cvss2Vector   string            `json:"cvss2Vector"`
+	Cvss2Severity string            `json:"cvss2Severity"`
+	Cvss3Score    float64           `json:"cvss3Score"`
+	Cvss3Vector   string            `json:"cvss3Vector"`
+	Cvss3Severity string            `json:"cvss3Severity"`
+	SourceLink    string            `json:"sourceLink"`
+	Cpes          []Cpe             `json:"cpes,omitempty"`
+	References    References        `json:"references,omitempty"`
+	CweIDs        []string          `json:"cweIDs,omitempty"`
+	Published     time.Time         `json:"published"`
+	LastModified  time.Time         `json:"lastModified"`
+	Mitigation    string            `json:"mitigation"` // RedHat API
+	Optional      map[string]string `json:"optional,omitempty"`
+}
+
+// Empty checks the content is empty
+func (c CveContent) Empty() bool {
+	return c.Summary == ""
+}
+
+// CveContentType is a source of CVE information
+type CveContentType string
+
+// NewCveContentType create CveContentType
+func NewCveContentType(name string) CveContentType {
+	switch name {
+	case "nvdxml":
+		return NvdXML
+	case "nvd":
+		return Nvd
+	case "jvn":
+		return Jvn
+	case "redhat", "centos":
+		return RedHat
+	case "oracle":
+		return Oracle
+	case "ubuntu":
+		return Ubuntu
+	case "debian":
+		return Debian
+	case "redhat_api":
+		return RedHatAPI
+	case "debian_security_tracker":
+		return DebianSecurityTracker
+	case "microsoft":
+		return Microsoft
+	default:
+		return Unknown
+	}
+}
+
+const (
+	// NvdXML is NvdXML
+	NvdXML CveContentType = "nvdxml"
+
+	// Nvd is Nvd
+	Nvd CveContentType = "nvd"
+
+	// Jvn is Jvn
+	Jvn CveContentType = "jvn"
+
+	// RedHat is RedHat
+	RedHat CveContentType = "redhat"
+
+	// RedHatAPI is RedHat
+	RedHatAPI CveContentType = "redhat_api"
+
+	// DebianSecurityTracker is Debian Secury tracker
+	DebianSecurityTracker CveContentType = "debian_security_tracker"
+
+	// Debian is Debian
+	Debian CveContentType = "debian"
+
+	// Ubuntu is Ubuntu
+	Ubuntu CveContentType = "ubuntu"
+
+	// Oracle is Oracle Linux
+	Oracle CveContentType = "oracle"
+
+	// SUSE is SUSE Linux
+	SUSE CveContentType = "suse"
+
+	// Microsoft is Microsoft
+	Microsoft CveContentType = "microsoft"
+
+	// Unknown is Unknown
+	Unknown CveContentType = "unknown"
+)
+
+// CveContentTypes has slide of CveContentType
+type CveContentTypes []CveContentType
+
+// AllCveContetTypes has all of CveContentTypes
+var AllCveContetTypes = CveContentTypes{
+	Nvd,
+	NvdXML,
+	Jvn,
+	RedHat,
+	Debian,
+	Ubuntu,
+	RedHatAPI,
+	DebianSecurityTracker,
+}
+
+// Except returns CveContentTypes except for given args
+func (c CveContentTypes) Except(excepts ...CveContentType) (excepted CveContentTypes) {
+	for _, ctype := range c {
+		found := false
+		for _, except := range excepts {
+			if ctype == except {
+				found = true
+				break
+			}
+		}
+		if !found {
+			excepted = append(excepted, ctype)
+		}
+	}
+	return
+}
+
+// Cpe is Common Platform Enumeration
+type Cpe struct {
+	URI             string `json:"uri"`
+	FormattedString string `json:"formattedString"`
+}
+
+// References is a slice of Reference
+type References []Reference
+
+// Reference has a related link of the CVE
+type Reference struct {
+	Source string `json:"source"`
+	Link   string `json:"link"`
+	RefID  string `json:"refID"`
+}
--- a/models/cvecontents_test.go
+++ b/models/cvecontents_test.go
@@ -0,0 +1,206 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+package models
+
+import (
+	"reflect"
+	"testing"
+)
+
+func TestExcept(t *testing.T) {
+	var tests = []struct {
+		in  CveContents
+		out CveContents
+	}{{
+		in: CveContents{
+			RedHat: {Type: RedHat},
+			Ubuntu: {Type: Ubuntu},
+			Debian: {Type: Debian},
+		},
+		out: CveContents{
+			RedHat: {Type: RedHat},
+		},
+	},
+	}
+	for _, tt := range tests {
+		actual := tt.in.Except(Ubuntu, Debian)
+		if !reflect.DeepEqual(tt.out, actual) {
+			t.Errorf("\nexpected: %v\n  actual: %v\n", tt.out, actual)
+		}
+	}
+}
+
+func TestSourceLinks(t *testing.T) {
+	type in struct {
+		lang  string
+		cveID string
+		cont  CveContents
+	}
+	var tests = []struct {
+		in  in
+		out []CveContentStr
+	}{
+		// lang: ja
+		{
+			in: in{
+				lang:  "ja",
+				cveID: "CVE-2017-6074",
+				cont: CveContents{
+					Jvn: {
+						Type:       Jvn,
+						SourceLink: "https://jvn.jp/vu/JVNVU93610402/",
+					},
+					RedHat: {
+						Type:       RedHat,
+						SourceLink: "https://access.redhat.com/security/cve/CVE-2017-6074",
+					},
+					NvdXML: {
+						Type:       NvdXML,
+						SourceLink: "https://nvd.nist.gov/vuln/detail/CVE-2017-6074",
+					},
+				},
+			},
+			out: []CveContentStr{
+				{
+					Type:  Jvn,
+					Value: "https://jvn.jp/vu/JVNVU93610402/",
+				},
+				{
+					Type:  NvdXML,
+					Value: "https://nvd.nist.gov/vuln/detail/CVE-2017-6074",
+				},
+				{
+					Type:  RedHat,
+					Value: "https://access.redhat.com/security/cve/CVE-2017-6074",
+				},
+			},
+		},
+		// lang: en
+		{
+			in: in{
+				lang:  "en",
+				cveID: "CVE-2017-6074",
+				cont: CveContents{
+					Jvn: {
+						Type:       Jvn,
+						SourceLink: "https://jvn.jp/vu/JVNVU93610402/",
+					},
+					RedHat: {
+						Type:       RedHat,
+						SourceLink: "https://access.redhat.com/security/cve/CVE-2017-6074",
+					},
+					NvdXML: {
+						Type:       NvdXML,
+						SourceLink: "https://nvd.nist.gov/vuln/detail/CVE-2017-6074",
+					},
+				},
+			},
+			out: []CveContentStr{
+				{
+					Type:  NvdXML,
+					Value: "https://nvd.nist.gov/vuln/detail/CVE-2017-6074",
+				},
+				{
+					Type:  RedHat,
+					Value: "https://access.redhat.com/security/cve/CVE-2017-6074",
+				},
+			},
+		},
+		// lang: empty
+		{
+			in: in{
+				lang:  "en",
+				cveID: "CVE-2017-6074",
+				cont:  CveContents{},
+			},
+			out: []CveContentStr{
+				{
+					Type:  Nvd,
+					Value: "https://nvd.nist.gov/vuln/detail/CVE-2017-6074",
+				},
+			},
+		},
+	}
+	for i, tt := range tests {
+		actual := tt.in.cont.SourceLinks(tt.in.lang, "redhat", tt.in.cveID)
+		if !reflect.DeepEqual(tt.out, actual) {
+			t.Errorf("\n[%d] expected: %v\n  actual: %v\n", i, tt.out, actual)
+		}
+	}
+}
+
+func TestVendorLink(t *testing.T) {
+	type in struct {
+		family string
+		vinfo  VulnInfo
+	}
+	var tests = []struct {
+		in  in
+		out map[string]string
+	}{
+		{
+			in: in{
+				family: "redhat",
+				vinfo: VulnInfo{
+					CveID: "CVE-2017-6074",
+					CveContents: CveContents{
+						Jvn: {
+							Type:       Jvn,
+							SourceLink: "https://jvn.jp/vu/JVNVU93610402/",
+						},
+						RedHat: {
+							Type:       RedHat,
+							SourceLink: "https://access.redhat.com/security/cve/CVE-2017-6074",
+						},
+						NvdXML: {
+							Type:       NvdXML,
+							SourceLink: "https://nvd.nist.gov/vuln/detail/CVE-2017-6074",
+						},
+					},
+				},
+			},
+			out: map[string]string{
+				"RHEL-CVE": "https://access.redhat.com/security/cve/CVE-2017-6074",
+			},
+		},
+		{
+			in: in{
+				family: "ubuntu",
+				vinfo: VulnInfo{
+					CveID: "CVE-2017-6074",
+					CveContents: CveContents{
+						RedHat: {
+							Type:       Ubuntu,
+							SourceLink: "https://access.redhat.com/security/cve/CVE-2017-6074",
+						},
+					},
+				},
+			},
+			out: map[string]string{
+				"Ubuntu-CVE": "http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-6074",
+			},
+		},
+	}
+	for _, tt := range tests {
+		actual := tt.in.vinfo.VendorLinks(tt.in.family)
+		for k := range tt.out {
+			if tt.out[k] != actual[k] {
+				t.Errorf("\nexpected: %s\n  actual: %s\n", tt.out[k], actual[k])
+			}
+		}
+	}
+}
--- a/models/models.go
+++ b/models/models.go
@@ -1,5 +1,5 @@
 /* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
+Copyright (C) 2016  Future Corporation , Japan.

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -17,321 +17,5 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.

 package models

-import (
-	"fmt"
-	"sort"
-	"time"
-
-	"github.com/future-architect/vuls/config"
-	"github.com/jinzhu/gorm"
-	cve "github.com/kotakanbe/go-cve-dictionary/models"
-)
-
-// ScanHistory is the history of Scanning.
-type ScanHistory struct {
-	gorm.Model
-	ScanResults ScanResults
-	ScannedAt   time.Time
-}
-
-// ScanResults is slice of ScanResult.
-type ScanResults []ScanResult
-
-// Len implement Sort Interface
-func (s ScanResults) Len() int {
-	return len(s)
-}
-
-// Swap implement Sort Interface
-func (s ScanResults) Swap(i, j int) {
-	s[i], s[j] = s[j], s[i]
-}
-
-// Less implement Sort Interface
-func (s ScanResults) Less(i, j int) bool {
-	if s[i].ServerName == s[j].ServerName {
-		return s[i].Container.ContainerID < s[i].Container.ContainerID
-	}
-	return s[i].ServerName < s[j].ServerName
-}
-
-// FilterByCvssOver is filter function.
-func (s ScanResults) FilterByCvssOver() (filtered ScanResults) {
-	for _, result := range s {
-		cveInfos := []CveInfo{}
-		for _, cveInfo := range result.KnownCves {
-			if config.Conf.CvssScoreOver < cveInfo.CveDetail.CvssScore(config.Conf.Lang) {
-				cveInfos = append(cveInfos, cveInfo)
-			}
-		}
-		result.KnownCves = cveInfos
-		filtered = append(filtered, result)
-	}
-	return
-}
-
-// ScanResult has the result of scanned CVE information.
-type ScanResult struct {
-	gorm.Model    `json:"-"`
-	ScanHistoryID uint `json:"-"`
-
-	ServerName string // TOML Section key
-	//  Hostname    string
-	Family  string
-	Release string
-
-	Container Container
-
-	Platform Platform
-
-	//  Fqdn        string
-	//  NWLinks     []NWLink
-	KnownCves   []CveInfo
-	UnknownCves []CveInfo
-
-	Optional [][]interface{} `gorm:"-"`
-}
-
-// ServerInfo returns server name one line
-func (r ScanResult) ServerInfo() string {
-	hostinfo := ""
-	if r.Container.ContainerID == "" {
-		hostinfo = fmt.Sprintf(
-			"%s (%s%s)",
-			r.ServerName,
-			r.Family,
-			r.Release,
-		)
-	} else {
-		hostinfo = fmt.Sprintf(
-			"%s / %s (%s%s) on %s",
-			r.Container.Name,
-			r.Container.ContainerID,
-			r.Family,
-			r.Release,
-			r.ServerName,
-		)
-	}
-	return hostinfo
-}
-
-// ServerInfoTui returns server infromation for TUI sidebar
-func (r ScanResult) ServerInfoTui() string {
-	hostinfo := ""
-	if r.Container.ContainerID == "" {
-		hostinfo = fmt.Sprintf(
-			"%s (%s%s)",
-			r.ServerName,
-			r.Family,
-			r.Release,
-		)
-	} else {
-		hostinfo = fmt.Sprintf(
-			"|-- %s (%s%s)",
-			r.Container.Name,
-			r.Family,
-			r.Release,
-			//  r.Container.ContainerID,
-		)
-	}
-	return hostinfo
-}
-
-// CveSummary summarize the number of CVEs group by CVSSv2 Severity
-func (r ScanResult) CveSummary() string {
-	var high, middle, low, unknown int
-	cves := append(r.KnownCves, r.UnknownCves...)
-	for _, cveInfo := range cves {
-		score := cveInfo.CveDetail.CvssScore(config.Conf.Lang)
-		switch {
-		case 7.0 < score:
-			high++
-		case 4.0 < score:
-			middle++
-		case 0 < score:
-			low++
-		default:
-			unknown++
-		}
-	}
-
-	if config.Conf.IgnoreUnscoredCves {
-		return fmt.Sprintf("Total: %d (High:%d Middle:%d Low:%d)",
-			high+middle+low, high, middle, low)
-	}
-	return fmt.Sprintf("Total: %d (High:%d Middle:%d Low:%d ?:%d)",
-		high+middle+low+unknown, high, middle, low, unknown)
-}
-
-// NWLink has network link information.
-type NWLink struct {
-	gorm.Model   `json:"-"`
-	ScanResultID uint `json:"-"`
-
-	IPAddress string
-	Netmask   string
-	DevName   string
-	LinkState string
-}
-
-// CveInfos is for sorting
-type CveInfos []CveInfo
-
-func (c CveInfos) Len() int {
-	return len(c)
-}
-
-func (c CveInfos) Swap(i, j int) {
-	c[i], c[j] = c[j], c[i]
-}
-
-func (c CveInfos) Less(i, j int) bool {
-	lang := config.Conf.Lang
-	if c[i].CveDetail.CvssScore(lang) == c[j].CveDetail.CvssScore(lang) {
-		return c[i].CveDetail.CveID < c[j].CveDetail.CveID
-	}
-	return c[i].CveDetail.CvssScore(lang) > c[j].CveDetail.CvssScore(lang)
-}
-
-// CveInfo has Cve Information.
-type CveInfo struct {
-	gorm.Model   `json:"-"`
-	ScanResultID uint `json:"-"`
-
-	CveDetail        cve.CveDetail
-	Packages         []PackageInfo
-	DistroAdvisories []DistroAdvisory
-	CpeNames         []CpeName
-}
-
-// CpeName has CPE name
-type CpeName struct {
-	gorm.Model `json:"-"`
-	CveInfoID  uint `json:"-"`
-
-	Name string
-}
-
-// PackageInfoList is slice of PackageInfo
-type PackageInfoList []PackageInfo
-
-// Exists returns true if exists the name
-func (ps PackageInfoList) Exists(name string) bool {
-	for _, p := range ps {
-		if p.Name == name {
-			return true
-		}
-	}
-	return false
-}
-
-// UniqByName be uniq by name.
-func (ps PackageInfoList) UniqByName() (distincted PackageInfoList) {
-	set := make(map[string]PackageInfo)
-	for _, p := range ps {
-		set[p.Name] = p
-	}
-	//sort by key
-	keys := []string{}
-	for key := range set {
-		keys = append(keys, key)
-	}
-	sort.Strings(keys)
-	for _, key := range keys {
-		distincted = append(distincted, set[key])
-	}
-	return
-}
-
-// FindByName search PackageInfo by name
-func (ps PackageInfoList) FindByName(name string) (result PackageInfo, found bool) {
-	for _, p := range ps {
-		if p.Name == name {
-			return p, true
-		}
-	}
-	return PackageInfo{}, false
-}
-
-// Find search PackageInfo by name-version-release
-//  func (ps PackageInfoList) find(nameVersionRelease string) (PackageInfo, bool) {
-//      for _, p := range ps {
-//          joined := p.Name
-//          if 0 < len(p.Version) {
-//              joined = fmt.Sprintf("%s-%s", joined, p.Version)
-//          }
-//          if 0 < len(p.Release) {
-//              joined = fmt.Sprintf("%s-%s", joined, p.Release)
-//          }
-//          if joined == nameVersionRelease {
-//              return p, true
-//          }
-//      }
-//      return PackageInfo{}, false
-//  }
-
-// PackageInfo has installed packages.
-type PackageInfo struct {
-	gorm.Model `json:"-"`
-	CveInfoID  uint `json:"-"`
-
-	Name    string
-	Version string
-	Release string
-
-	NewVersion string
-	NewRelease string
-}
-
-// ToStringCurrentVersion returns package name-version-release
-func (p PackageInfo) ToStringCurrentVersion() string {
-	str := p.Name
-	if 0 < len(p.Version) {
-		str = fmt.Sprintf("%s-%s", str, p.Version)
-	}
-	if 0 < len(p.Release) {
-		str = fmt.Sprintf("%s-%s", str, p.Release)
-	}
-	return str
-}
-
-// ToStringNewVersion returns package name-version-release
-func (p PackageInfo) ToStringNewVersion() string {
-	str := p.Name
-	if 0 < len(p.NewVersion) {
-		str = fmt.Sprintf("%s-%s", str, p.NewVersion)
-	}
-	if 0 < len(p.NewRelease) {
-		str = fmt.Sprintf("%s-%s", str, p.NewRelease)
-	}
-	return str
-}
-
-// DistroAdvisory has Amazon Linux, RHEL, FreeBSD Security Advisory information.
-type DistroAdvisory struct {
-	gorm.Model `json:"-"`
-	CveInfoID  uint `json:"-"`
-
-	AdvisoryID string
-	Severity   string
-	Issued     time.Time
-	Updated    time.Time
-}
-
-// Container has Container information
-type Container struct {
-	gorm.Model   `json:"-"`
-	ScanResultID uint `json:"-"`
-
-	ContainerID string
-	Name        string
-}
-
-// Platform has platform information
-type Platform struct {
-	gorm.Model   `json:"-"`
-	ScanResultID uint `json:"-"`
-
-	Name       string // aws or azure or gcp or other...
-	InstanceID string
-}
+// JSONVersion is JSON Version
+const JSONVersion = 4
--- a/models/models_test.go
+++ b/models/models_test.go
@@ -1,5 +1,5 @@
 /* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
+Copyright (C) 2016  Future Corporation , Japan.

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -16,39 +16,3 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

 package models
-
-import "testing"
-
-func TestPackageInfosUniqByName(t *testing.T) {
-	var test = struct {
-		in  PackageInfoList
-		out PackageInfoList
-	}{
-		PackageInfoList{
-			{
-				Name: "hoge",
-			},
-			{
-				Name: "fuga",
-			},
-			{
-				Name: "hoge",
-			},
-		},
-		PackageInfoList{
-			{
-				Name: "hoge",
-			},
-			{
-				Name: "fuga",
-			},
-		},
-	}
-
-	actual := test.in.UniqByName()
-	for i, ePack := range test.out {
-		if actual[i].Name == ePack.Name {
-			t.Errorf("expected %#v, actual %#v", ePack.Name, actual[i].Name)
-		}
-	}
-}
--- a/models/packages.go
+++ b/models/packages.go
@@ -0,0 +1,237 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package models
+
+import (
+	"bytes"
+	"fmt"
+	"strings"
+)
+
+// Packages is Map of Package
+// { "package-name": Package }
+type Packages map[string]Package
+
+// NewPackages create Packages
+func NewPackages(packs ...Package) Packages {
+	m := Packages{}
+	for _, pack := range packs {
+		m[pack.Name] = pack
+	}
+	return m
+}
+
+// MergeNewVersion merges candidate version information to the receiver struct
+func (ps Packages) MergeNewVersion(as Packages) {
+	for name, pack := range ps {
+		pack.NewVersion = pack.Version
+		pack.NewRelease = pack.Release
+		ps[name] = pack
+	}
+
+	for _, a := range as {
+		if pack, ok := ps[a.Name]; ok {
+			pack.NewVersion = a.NewVersion
+			pack.NewRelease = a.NewRelease
+			pack.Repository = a.Repository
+			ps[a.Name] = pack
+		}
+	}
+}
+
+// Merge returns merged map (immutable)
+func (ps Packages) Merge(other Packages) Packages {
+	merged := Packages{}
+	for k, v := range ps {
+		merged[k] = v
+	}
+	for k, v := range other {
+		merged[k] = v
+	}
+	return merged
+}
+
+// FindOne search a element
+func (ps Packages) FindOne(f func(Package) bool) (string, Package, bool) {
+	for key, p := range ps {
+		if f(p) {
+			return key, p, true
+		}
+	}
+	return "", Package{}, false
+}
+
+// FindByFQPN search a package by Fully-Qualified-Package-Name
+func (ps Packages) FindByFQPN(nameVerRelArc string) (*Package, error) {
+	for _, p := range ps {
+		if nameVerRelArc == p.FQPN() {
+			return &p, nil
+		}
+	}
+	return nil, fmt.Errorf("Failed to find the package: %s", nameVerRelArc)
+}
+
+// Package has installed binary packages.
+type Package struct {
+	Name             string               `json:"name"`
+	Version          string               `json:"version"`
+	Release          string               `json:"release"`
+	NewVersion       string               `json:"newVersion"`
+	NewRelease       string               `json:"newRelease"`
+	Arch             string               `json:"arch"`
+	Repository       string               `json:"repository"`
+	Changelog        Changelog            `json:"changelog"`
+	AffectedProcs    []AffectedProcess    `json:",omitempty"`
+	NeedRestartProcs []NeedRestartProcess `json:",omitempty"`
+}
+
+// FQPN returns Fully-Qualified-Package-Name
+// name-version-release.arch
+func (p Package) FQPN() string {
+	fqpn := p.Name
+	if p.Version != "" {
+		fqpn += fmt.Sprintf("-%s", p.Version)
+	}
+	if p.Release != "" {
+		fqpn += fmt.Sprintf("-%s", p.Release)
+	}
+	if p.Arch != "" {
+		fqpn += fmt.Sprintf(".%s", p.Arch)
+	}
+	return fqpn
+}
+
+// FormatVer returns package version-release
+func (p Package) FormatVer() string {
+	ver := p.Version
+	if 0 < len(p.Release) {
+		ver = fmt.Sprintf("%s-%s", ver, p.Release)
+	}
+	return ver
+}
+
+// FormatNewVer returns package version-release
+func (p Package) FormatNewVer() string {
+	ver := p.NewVersion
+	if 0 < len(p.NewRelease) {
+		ver = fmt.Sprintf("%s-%s", ver, p.NewRelease)
+	}
+	return ver
+}
+
+// FormatVersionFromTo formats installed and new package version
+func (p Package) FormatVersionFromTo(notFixedYet bool, status string) string {
+	to := p.FormatNewVer()
+	if notFixedYet {
+		if status != "" {
+			to = status
+		} else {
+			to = "Not Fixed Yet"
+		}
+	} else if p.NewVersion == "" {
+		to = "Unknown"
+	}
+	return fmt.Sprintf("%s-%s -> %s", p.Name, p.FormatVer(), to)
+}
+
+// FormatChangelog formats the changelog
+func (p Package) FormatChangelog() string {
+	buf := []string{}
+	packVer := fmt.Sprintf("%s-%s -> %s",
+		p.Name, p.FormatVer(), p.FormatNewVer())
+	var delim bytes.Buffer
+	for i := 0; i < len(packVer); i++ {
+		delim.WriteString("-")
+	}
+
+	clog := p.Changelog.Contents
+	if lines := strings.Split(clog, "\n"); len(lines) != 0 {
+		clog = strings.Join(lines[0:len(lines)-1], "\n")
+	}
+
+	switch p.Changelog.Method {
+	case FailedToGetChangelog:
+		clog = "No changelogs"
+	case FailedToFindVersionInChangelog:
+		clog = "Failed to parse changelogs. For details, check yourself"
+	}
+	buf = append(buf, packVer, delim.String(), clog)
+	return strings.Join(buf, "\n")
+}
+
+// Changelog has contents of changelog and how to get it.
+// Method: models.detectionMethodStr
+type Changelog struct {
+	Contents string          `json:"contents"`
+	Method   DetectionMethod `json:"method"`
+}
+
+// AffectedProcess keep a processes information affected by software update
+type AffectedProcess struct {
+	PID  string `json:"pid"`
+	Name string `json:"name"`
+}
+
+// NeedRestartProcess keep a processes information affected by software update
+type NeedRestartProcess struct {
+	PID         string `json:"pid"`
+	Path        string `json:"path"`
+	ServiceName string `json:"serviceName"`
+	InitSystem  string `json:"initSystem"`
+	HasInit     bool   `json:"-"`
+}
+
+// SrcPackage has installed source package information.
+// Debian based Linux has both of package and source information in dpkg.
+// OVAL database often includes a source version (Not a binary version),
+// so it is also needed to capture source version for OVAL version comparison.
+// https://github.com/future-architect/vuls/issues/504
+type SrcPackage struct {
+	Name        string   `json:"name"`
+	Version     string   `json:"version"`
+	BinaryNames []string `json:"binaryNames"`
+}
+
+// AddBinaryName add the name if not exists
+func (s *SrcPackage) AddBinaryName(name string) {
+	found := false
+	for _, n := range s.BinaryNames {
+		if n == name {
+			return
+		}
+	}
+	if !found {
+		s.BinaryNames = append(s.BinaryNames, name)
+	}
+}
+
+// SrcPackages is Map of SrcPackage
+// { "package-name": SrcPackage }
+type SrcPackages map[string]SrcPackage
+
+// FindByBinName finds by bin-package-name
+func (s SrcPackages) FindByBinName(name string) (*SrcPackage, bool) {
+	for _, p := range s {
+		for _, binName := range p.BinaryNames {
+			if binName == name {
+				return &p, true
+			}
+		}
+	}
+	return nil, false
+}
--- a/models/packages_test.go
+++ b/models/packages_test.go
@@ -0,0 +1,193 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+package models
+
+import (
+	"reflect"
+	"testing"
+
+	"github.com/k0kubun/pp"
+)
+
+func TestMergeNewVersion(t *testing.T) {
+	var test = struct {
+		a        Packages
+		b        Packages
+		expected Packages
+	}{
+		Packages{
+			"hoge": {
+				Name: "hoge",
+			},
+		},
+		Packages{
+			"hoge": {
+				Name:       "hoge",
+				NewVersion: "1.0.0",
+				NewRelease: "release1",
+			},
+		},
+		Packages{
+			"hoge": {
+				Name:       "hoge",
+				NewVersion: "1.0.0",
+				NewRelease: "release1",
+			},
+		},
+	}
+
+	test.a.MergeNewVersion(test.b)
+	if !reflect.DeepEqual(test.a, test.expected) {
+		e := pp.Sprintf("%v", test.a)
+		a := pp.Sprintf("%v", test.expected)
+		t.Errorf("expected %s, actual %s", e, a)
+	}
+}
+
+func TestMerge(t *testing.T) {
+	var test = struct {
+		a        Packages
+		b        Packages
+		expected Packages
+	}{
+		Packages{
+			"hoge": {Name: "hoge"},
+			"fuga": {Name: "fuga"},
+		},
+		Packages{
+			"hega": {Name: "hega"},
+			"hage": {Name: "hage"},
+		},
+		Packages{
+			"hoge": {Name: "hoge"},
+			"fuga": {Name: "fuga"},
+			"hega": {Name: "hega"},
+			"hage": {Name: "hage"},
+		},
+	}
+
+	actual := test.a.Merge(test.b)
+	if !reflect.DeepEqual(actual, test.expected) {
+		e := pp.Sprintf("%v", test.expected)
+		a := pp.Sprintf("%v", actual)
+		t.Errorf("expected %s, actual %s", e, a)
+	}
+}
+
+func TestAddBinaryName(t *testing.T) {
+	var tests = []struct {
+		in       SrcPackage
+		name     string
+		expected SrcPackage
+	}{
+		{
+			SrcPackage{Name: "hoge"},
+			"curl",
+			SrcPackage{
+				Name:        "hoge",
+				BinaryNames: []string{"curl"},
+			},
+		},
+		{
+			SrcPackage{
+				Name:        "hoge",
+				BinaryNames: []string{"curl"},
+			},
+			"curl",
+			SrcPackage{
+				Name:        "hoge",
+				BinaryNames: []string{"curl"},
+			},
+		},
+		{
+			SrcPackage{
+				Name:        "hoge",
+				BinaryNames: []string{"curl"},
+			},
+			"openssh",
+			SrcPackage{
+				Name:        "hoge",
+				BinaryNames: []string{"curl", "openssh"},
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		tt.in.AddBinaryName(tt.name)
+		if !reflect.DeepEqual(tt.in, tt.expected) {
+			t.Errorf("expected %#v, actual %#v", tt.in, tt.expected)
+		}
+	}
+}
+
+func TestFindByBinName(t *testing.T) {
+	var tests = []struct {
+		in       SrcPackages
+		name     string
+		expected *SrcPackage
+		ok       bool
+	}{
+		{
+			in: map[string]SrcPackage{
+				"packA": {
+					Name:        "srcA",
+					BinaryNames: []string{"binA"},
+					Version:     "1.0.0",
+				},
+				"packB": {
+					Name:        "srcB",
+					BinaryNames: []string{"binB"},
+					Version:     "2.0.0",
+				},
+			},
+			name: "binA",
+			expected: &SrcPackage{
+				Name:        "srcA",
+				BinaryNames: []string{"binA"},
+				Version:     "1.0.0",
+			},
+			ok: true,
+		},
+		{
+			in: map[string]SrcPackage{
+				"packA": {
+					Name:        "srcA",
+					BinaryNames: []string{"binA"},
+					Version:     "1.0.0",
+				},
+				"packB": {
+					Name:        "srcB",
+					BinaryNames: []string{"binB"},
+					Version:     "2.0.0",
+				},
+			},
+			name:     "nobin",
+			expected: nil,
+			ok:       false,
+		},
+	}
+
+	for i, tt := range tests {
+		act, ok := tt.in.FindByBinName(tt.name)
+		if ok != tt.ok {
+			t.Errorf("[%d] expected %#v, actual %#v", i, tt.in, tt.expected)
+		}
+		if act != nil && !reflect.DeepEqual(*tt.expected, *act) {
+			t.Errorf("[%d] expected %#v, actual %#v", i, tt.in, tt.expected)
+		}
+	}
+}
--- a/models/scanresults.go
+++ b/models/scanresults.go
@@ -0,0 +1,439 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package models
+
+import (
+	"bytes"
+	"fmt"
+	"regexp"
+	"strings"
+	"time"
+
+	"github.com/future-architect/vuls/alert"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/cwe"
+	"github.com/future-architect/vuls/util"
+)
+
+// ScanResults is a slide of ScanResult
+type ScanResults []ScanResult
+
+// ScanResult has the result of scanned CVE information.
+type ScanResult struct {
+	JSONVersion      int                    `json:"jsonVersion"`
+	Lang             string                 `json:"lang"`
+	ServerUUID       string                 `json:"serverUUID"`
+	ServerName       string                 `json:"serverName"` // TOML Section key
+	Family           string                 `json:"family"`
+	Release          string                 `json:"release"`
+	Container        Container              `json:"container"`
+	Platform         Platform               `json:"platform"`
+	IPv4Addrs        []string               `json:"ipv4Addrs,omitempty"` // only global unicast address (https://golang.org/pkg/net/#IP.IsGlobalUnicast)
+	IPv6Addrs        []string               `json:"ipv6Addrs,omitempty"` // only global unicast address (https://golang.org/pkg/net/#IP.IsGlobalUnicast)
+	ScannedAt        time.Time              `json:"scannedAt"`
+	ScanMode         string                 `json:"scanMode"`
+	ScannedVersion   string                 `json:"scannedVersion"`
+	ScannedRevision  string                 `json:"scannedRevision"`
+	ScannedBy        string                 `json:"scannedBy"`
+	ScannedIPv4Addrs []string               `json:"scannedIpv4Addrs"`
+	ScannedIPv6Addrs []string               `json:"scannedIpv6Addrs"`
+	ReportedAt       time.Time              `json:"reportedAt"`
+	ReportedVersion  string                 `json:"reportedVersion"`
+	ReportedRevision string                 `json:"reportedRevision"`
+	ReportedBy       string                 `json:"reportedBy"`
+	ScannedCves      VulnInfos              `json:"scannedCves"`
+	RunningKernel    Kernel                 `json:"runningKernel"`
+	Packages         Packages               `json:"packages"`
+	CweDict          CweDict                `json:"cweDict"`
+	Optional         map[string]interface{} `json:",omitempty"`
+	SrcPackages      SrcPackages            `json:",omitempty"`
+	Errors           []string               `json:"errors"`
+	Config           struct {
+		Scan   config.Config `json:"scan"`
+		Report config.Config `json:"report"`
+	} `json:"config"`
+}
+
+// CweDict is a dictionary for CWE
+type CweDict map[string]CweDictEntry
+
+// Get the name, url, top10URL for the specified cweID, lang
+func (c CweDict) Get(cweID, lang string) (name, url, top10Rank, top10URL string) {
+	cweNum := strings.TrimPrefix(cweID, "CWE-")
+	switch config.Conf.Lang {
+	case "ja":
+		if dict, ok := c[cweNum]; ok && dict.OwaspTopTen2017 != "" {
+			top10Rank = dict.OwaspTopTen2017
+			top10URL = cwe.OwaspTopTen2017GitHubURLJa[dict.OwaspTopTen2017]
+		}
+		if dict, ok := cwe.CweDictJa[cweNum]; ok {
+			name = dict.Name
+			url = fmt.Sprintf("http://jvndb.jvn.jp/ja/cwe/%s.html", cweID)
+		} else {
+			if dict, ok := cwe.CweDictEn[cweNum]; ok {
+				name = dict.Name
+			}
+			url = fmt.Sprintf("https://cwe.mitre.org/data/definitions/%s.html", cweID)
+		}
+	default:
+		if dict, ok := c[cweNum]; ok && dict.OwaspTopTen2017 != "" {
+			top10Rank = dict.OwaspTopTen2017
+			top10URL = cwe.OwaspTopTen2017GitHubURLEn[dict.OwaspTopTen2017]
+		}
+		url = fmt.Sprintf("https://cwe.mitre.org/data/definitions/%s.html", cweID)
+		if dict, ok := cwe.CweDictEn[cweNum]; ok {
+			name = dict.Name
+		}
+	}
+	return
+}
+
+// CweDictEntry is a entry of CWE
+type CweDictEntry struct {
+	En              *cwe.Cwe `json:"en,omitempty"`
+	Ja              *cwe.Cwe `json:"ja,omitempty"`
+	OwaspTopTen2017 string   `json:"owaspTopTen2017"`
+}
+
+// GetAlertsByCveID return alerts fetched by cveID
+func GetAlertsByCveID(cveID string, lang string) (alerts []alert.Alert) {
+	alerts = alert.GenerateAlertDict(cveID, lang)
+	return alerts
+}
+
+// Kernel has the Release, version and whether need restart
+type Kernel struct {
+	Release        string `json:"release"`
+	Version        string `json:"version"`
+	RebootRequired bool   `json:"rebootRequired"`
+}
+
+// FilterByCvssOver is filter function.
+func (r ScanResult) FilterByCvssOver(over float64) ScanResult {
+	filtered := r.ScannedCves.Find(func(v VulnInfo) bool {
+		v2Max := v.MaxCvss2Score()
+		v3Max := v.MaxCvss3Score()
+		max := v2Max.Value.Score
+		if max < v3Max.Value.Score {
+			max = v3Max.Value.Score
+		}
+		if over <= max {
+			return true
+		}
+		return false
+	})
+	r.ScannedCves = filtered
+	return r
+}
+
+// FilterIgnoreCves is filter function.
+func (r ScanResult) FilterIgnoreCves() ScanResult {
+
+	ignoreCves := []string{}
+	if len(r.Container.Name) == 0 {
+		ignoreCves = config.Conf.Servers[r.ServerName].IgnoreCves
+	} else {
+		if s, ok := config.Conf.Servers[r.ServerName]; ok {
+			if con, ok := s.Containers[r.Container.Name]; ok {
+				ignoreCves = con.IgnoreCves
+			} else {
+				util.Log.Errorf("%s is not found in config.toml",
+					r.Container.Name)
+				return r
+			}
+		} else {
+			util.Log.Errorf("%s is not found in config.toml",
+				r.ServerName)
+			return r
+		}
+	}
+
+	filtered := r.ScannedCves.Find(func(v VulnInfo) bool {
+		for _, c := range ignoreCves {
+			if v.CveID == c {
+				return false
+			}
+		}
+		return true
+	})
+	r.ScannedCves = filtered
+	return r
+}
+
+// FilterUnfixed is filter function.
+func (r ScanResult) FilterUnfixed() ScanResult {
+	if !config.Conf.IgnoreUnfixed {
+		return r
+	}
+	filtered := r.ScannedCves.Find(func(v VulnInfo) bool {
+		if len(v.CpeURIs) != 0 {
+			return true
+		}
+		NotFixedAll := true
+		for _, p := range v.AffectedPackages {
+			NotFixedAll = NotFixedAll && p.NotFixedYet
+		}
+		return !NotFixedAll
+	})
+	r.ScannedCves = filtered
+	return r
+}
+
+// FilterIgnorePkgs is filter function.
+func (r ScanResult) FilterIgnorePkgs() ScanResult {
+	ignorePkgsRegexps := []string{}
+	if len(r.Container.Name) == 0 {
+		ignorePkgsRegexps = config.Conf.Servers[r.ServerName].IgnorePkgsRegexp
+	} else {
+		if s, ok := config.Conf.Servers[r.ServerName]; ok {
+			if con, ok := s.Containers[r.Container.Name]; ok {
+				ignorePkgsRegexps = con.IgnorePkgsRegexp
+			} else {
+				util.Log.Errorf("%s is not found in config.toml",
+					r.Container.Name)
+				return r
+			}
+		} else {
+			util.Log.Errorf("%s is not found in config.toml",
+				r.ServerName)
+			return r
+		}
+	}
+
+	regexps := []*regexp.Regexp{}
+	for _, pkgRegexp := range ignorePkgsRegexps {
+		re, err := regexp.Compile(pkgRegexp)
+		if err != nil {
+			util.Log.Errorf("Faild to parse %s, %s", pkgRegexp, err)
+			continue
+		} else {
+			regexps = append(regexps, re)
+		}
+	}
+	if len(regexps) == 0 {
+		return r
+	}
+
+	filtered := r.ScannedCves.Find(func(v VulnInfo) bool {
+		if len(v.AffectedPackages) == 0 {
+			return true
+		}
+		for _, p := range v.AffectedPackages {
+			match := false
+			for _, re := range regexps {
+				if re.MatchString(p.Name) {
+					match = true
+				}
+			}
+			if !match {
+				return true
+			}
+		}
+		return false
+	})
+
+	r.ScannedCves = filtered
+	return r
+}
+
+// ReportFileName returns the filename on localhost without extention
+func (r ScanResult) ReportFileName() (name string) {
+	if len(r.Container.ContainerID) == 0 {
+		return fmt.Sprintf("%s", r.ServerName)
+	}
+	return fmt.Sprintf("%s@%s", r.Container.Name, r.ServerName)
+}
+
+// ReportKeyName returns the name of key on S3, Azure-Blob without extention
+func (r ScanResult) ReportKeyName() (name string) {
+	timestr := r.ScannedAt.Format(time.RFC3339)
+	if len(r.Container.ContainerID) == 0 {
+		return fmt.Sprintf("%s/%s", timestr, r.ServerName)
+	}
+	return fmt.Sprintf("%s/%s@%s", timestr, r.Container.Name, r.ServerName)
+}
+
+// ServerInfo returns server name one line
+func (r ScanResult) ServerInfo() string {
+	if len(r.Container.ContainerID) == 0 {
+		return fmt.Sprintf("%s (%s%s)",
+			r.FormatServerName(), r.Family, r.Release)
+	}
+	return fmt.Sprintf(
+		"%s (%s%s) on %s",
+		r.FormatServerName(),
+		r.Family,
+		r.Release,
+		r.ServerName,
+	)
+}
+
+// ServerInfoTui returns server information for TUI sidebar
+func (r ScanResult) ServerInfoTui() string {
+	if len(r.Container.ContainerID) == 0 {
+		line := fmt.Sprintf("%s (%s%s)",
+			r.ServerName, r.Family, r.Release)
+		if r.RunningKernel.RebootRequired {
+			return "[Reboot] " + line
+		}
+		return line
+	}
+
+	fmtstr := "|-- %s (%s%s)"
+	if r.RunningKernel.RebootRequired {
+		fmtstr = "|-- [Reboot] %s (%s%s)"
+	}
+	return fmt.Sprintf(fmtstr, r.Container.Name, r.Family, r.Release)
+}
+
+// FormatServerName returns server and container name
+func (r ScanResult) FormatServerName() (name string) {
+	if len(r.Container.ContainerID) == 0 {
+		name = r.ServerName
+	} else {
+		name = fmt.Sprintf("%s@%s",
+			r.Container.Name, r.ServerName)
+	}
+	if r.RunningKernel.RebootRequired {
+		name = "[Reboot Required] " + name
+	}
+	return
+}
+
+// FormatTextReportHeadedr returns header of text report
+func (r ScanResult) FormatTextReportHeadedr() string {
+	var buf bytes.Buffer
+	for i := 0; i < len(r.ServerInfo()); i++ {
+		buf.WriteString("=")
+	}
+
+	return fmt.Sprintf("%s\n%s\n%s, %s, %s, %s, %s\n",
+		r.ServerInfo(),
+		buf.String(),
+		r.ScannedCves.FormatCveSummary(),
+		r.ScannedCves.FormatFixedStatus(r.Packages),
+		r.FormatUpdatablePacksSummary(),
+		r.FormatExploitCveSummary(),
+		r.FormatAlertSummary(),
+	)
+}
+
+// FormatUpdatablePacksSummary returns a summary of updatable packages
+func (r ScanResult) FormatUpdatablePacksSummary() string {
+	if !r.isDisplayUpdatableNum() {
+		return fmt.Sprintf("%d installed", len(r.Packages))
+	}
+
+	nUpdatable := 0
+	for _, p := range r.Packages {
+		if p.NewVersion == "" {
+			continue
+		}
+		if p.Version != p.NewVersion || p.Release != p.NewRelease {
+			nUpdatable++
+		}
+	}
+	return fmt.Sprintf("%d installed, %d updatable",
+		len(r.Packages),
+		nUpdatable)
+}
+
+// FormatExploitCveSummary returns a summary of exploit cve
+func (r ScanResult) FormatExploitCveSummary() string {
+	nExploitCve := 0
+	for _, vuln := range r.ScannedCves {
+		if 0 < len(vuln.Exploits) {
+			nExploitCve++
+		}
+	}
+	return fmt.Sprintf("%d exploits", nExploitCve)
+}
+
+// FormatAlertSummary returns a summary of XCERT alerts
+func (r ScanResult) FormatAlertSummary() string {
+	jaCnt := 0
+	enCnt := 0
+	for _, vuln := range r.ScannedCves {
+		if len(vuln.AlertDict.En) > 0 {
+			enCnt += len(vuln.AlertDict.En)
+		}
+		if len(vuln.AlertDict.Ja) > 0 {
+			jaCnt += len(vuln.AlertDict.Ja)
+		}
+	}
+	return fmt.Sprintf("en: %d, ja: %d alerts", enCnt, jaCnt)
+}
+
+func (r ScanResult) isDisplayUpdatableNum() bool {
+	var mode config.ScanMode
+	s, _ := config.Conf.Servers[r.ServerName]
+	mode = s.Mode
+
+	if mode.IsOffline() {
+		return false
+	}
+	if mode.IsFastRoot() || mode.IsDeep() {
+		return true
+	}
+	if mode.IsFast() {
+		switch r.Family {
+		case config.RedHat,
+			config.Oracle,
+			config.Debian,
+			config.Ubuntu,
+			config.Raspbian:
+			return false
+		default:
+			return true
+		}
+	}
+	return false
+}
+
+// IsContainer returns whether this ServerInfo is about container
+func (r ScanResult) IsContainer() bool {
+	return 0 < len(r.Container.ContainerID)
+}
+
+// IsDeepScanMode checks if the scan mode is deep scan mode.
+func (r ScanResult) IsDeepScanMode() bool {
+	for _, s := range r.Config.Scan.Servers {
+		for _, m := range s.ScanMode {
+			if m == "deep" {
+				return true
+			}
+		}
+	}
+	return false
+}
+
+// Container has Container information
+type Container struct {
+	ContainerID string `json:"containerID"`
+	Name        string `json:"name"`
+	Image       string `json:"image"`
+	Type        string `json:"type"`
+	UUID        string `json:"uuid"`
+}
+
+// Platform has platform information
+type Platform struct {
+	Name       string `json:"name"` // aws or azure or gcp or other...
+	InstanceID string `json:"instanceID"`
+}
--- a/models/scanresults_test.go
+++ b/models/scanresults_test.go
@@ -0,0 +1,738 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+package models
+
+import (
+	"reflect"
+	"testing"
+	"time"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/k0kubun/pp"
+)
+
+func TestFilterByCvssOver(t *testing.T) {
+	type in struct {
+		over float64
+		rs   ScanResult
+	}
+	var tests = []struct {
+		in  in
+		out ScanResult
+	}{
+		{
+			in: in{
+				over: 7.0,
+				rs: ScanResult{
+					ScannedCves: VulnInfos{
+						"CVE-2017-0001": {
+							CveID: "CVE-2017-0001",
+							CveContents: NewCveContents(
+								CveContent{
+									Type:         NvdXML,
+									CveID:        "CVE-2017-0001",
+									Cvss2Score:   7.1,
+									LastModified: time.Time{},
+								},
+							),
+						},
+						"CVE-2017-0002": {
+							CveID: "CVE-2017-0002",
+							CveContents: NewCveContents(
+								CveContent{
+									Type:         NvdXML,
+									CveID:        "CVE-2017-0002",
+									Cvss2Score:   6.9,
+									LastModified: time.Time{},
+								},
+							),
+						},
+						"CVE-2017-0003": {
+							CveID: "CVE-2017-0003",
+							CveContents: NewCveContents(
+								CveContent{
+									Type:         NvdXML,
+									CveID:        "CVE-2017-0003",
+									Cvss2Score:   6.9,
+									LastModified: time.Time{},
+								},
+								CveContent{
+									Type:         Jvn,
+									CveID:        "CVE-2017-0003",
+									Cvss2Score:   7.2,
+									LastModified: time.Time{},
+								},
+							),
+						},
+					},
+				},
+			},
+			out: ScanResult{
+				ScannedCves: VulnInfos{
+					"CVE-2017-0001": {
+						CveID: "CVE-2017-0001",
+						CveContents: NewCveContents(
+							CveContent{
+								Type:         NvdXML,
+								CveID:        "CVE-2017-0001",
+								Cvss2Score:   7.1,
+								LastModified: time.Time{},
+							},
+						),
+					},
+					"CVE-2017-0003": {
+						CveID: "CVE-2017-0003",
+						CveContents: NewCveContents(
+							CveContent{
+								Type:         NvdXML,
+								CveID:        "CVE-2017-0003",
+								Cvss2Score:   6.9,
+								LastModified: time.Time{},
+							},
+							CveContent{
+								Type:         Jvn,
+								CveID:        "CVE-2017-0003",
+								Cvss2Score:   7.2,
+								LastModified: time.Time{},
+							},
+						),
+					},
+				},
+			},
+		},
+		// OVAL Severity
+		{
+			in: in{
+				over: 7.0,
+				rs: ScanResult{
+					ScannedCves: VulnInfos{
+						"CVE-2017-0001": {
+							CveID: "CVE-2017-0001",
+							CveContents: NewCveContents(
+								CveContent{
+									Type:          Ubuntu,
+									CveID:         "CVE-2017-0001",
+									Cvss2Severity: "HIGH",
+									LastModified:  time.Time{},
+								},
+							),
+						},
+						"CVE-2017-0002": {
+							CveID: "CVE-2017-0002",
+							CveContents: NewCveContents(
+								CveContent{
+									Type:          RedHat,
+									CveID:         "CVE-2017-0002",
+									Cvss2Severity: "CRITICAL",
+									LastModified:  time.Time{},
+								},
+							),
+						},
+						"CVE-2017-0003": {
+							CveID: "CVE-2017-0003",
+							CveContents: NewCveContents(
+								CveContent{
+									Type:          Oracle,
+									CveID:         "CVE-2017-0003",
+									Cvss2Severity: "IMPORTANT",
+									LastModified:  time.Time{},
+								},
+							),
+						},
+					},
+				},
+			},
+			out: ScanResult{
+				ScannedCves: VulnInfos{
+					"CVE-2017-0001": {
+						CveID: "CVE-2017-0001",
+						CveContents: NewCveContents(
+							CveContent{
+								Type:          Ubuntu,
+								CveID:         "CVE-2017-0001",
+								Cvss2Severity: "HIGH",
+								LastModified:  time.Time{},
+							},
+						),
+					},
+					"CVE-2017-0002": {
+						CveID: "CVE-2017-0002",
+						CveContents: NewCveContents(
+							CveContent{
+								Type:          RedHat,
+								CveID:         "CVE-2017-0002",
+								Cvss2Severity: "CRITICAL",
+								LastModified:  time.Time{},
+							},
+						),
+					},
+					"CVE-2017-0003": {
+						CveID: "CVE-2017-0003",
+						CveContents: NewCveContents(
+							CveContent{
+								Type:          Oracle,
+								CveID:         "CVE-2017-0003",
+								Cvss2Severity: "IMPORTANT",
+								LastModified:  time.Time{},
+							},
+						),
+					},
+				},
+			},
+		},
+	}
+	for _, tt := range tests {
+		actual := tt.in.rs.FilterByCvssOver(tt.in.over)
+		for k := range tt.out.ScannedCves {
+			if !reflect.DeepEqual(tt.out.ScannedCves[k], actual.ScannedCves[k]) {
+				o := pp.Sprintf("%v", tt.out.ScannedCves[k])
+				a := pp.Sprintf("%v", actual.ScannedCves[k])
+				t.Errorf("[%s] expected: %v\n  actual: %v\n", k, o, a)
+			}
+		}
+	}
+}
+func TestFilterIgnoreCveIDs(t *testing.T) {
+	type in struct {
+		cves []string
+		rs   ScanResult
+	}
+	var tests = []struct {
+		in  in
+		out ScanResult
+	}{
+		{
+			in: in{
+				cves: []string{"CVE-2017-0002"},
+				rs: ScanResult{
+					ServerName: "name",
+					ScannedCves: VulnInfos{
+						"CVE-2017-0001": {
+							CveID: "CVE-2017-0001",
+						},
+						"CVE-2017-0002": {
+							CveID: "CVE-2017-0002",
+						},
+						"CVE-2017-0003": {
+							CveID: "CVE-2017-0003",
+						},
+					},
+				},
+			},
+			out: ScanResult{
+				ServerName: "name",
+				ScannedCves: VulnInfos{
+					"CVE-2017-0001": {
+						CveID: "CVE-2017-0001",
+					},
+					"CVE-2017-0003": {
+						CveID: "CVE-2017-0003",
+					},
+				},
+			},
+		},
+	}
+	for _, tt := range tests {
+		config.Conf.Servers = map[string]config.ServerInfo{
+			"name": {IgnoreCves: tt.in.cves},
+		}
+		actual := tt.in.rs.FilterIgnoreCves()
+		for k := range tt.out.ScannedCves {
+			if !reflect.DeepEqual(tt.out.ScannedCves[k], actual.ScannedCves[k]) {
+				o := pp.Sprintf("%v", tt.out.ScannedCves[k])
+				a := pp.Sprintf("%v", actual.ScannedCves[k])
+				t.Errorf("[%s] expected: %v\n  actual: %v\n", k, o, a)
+			}
+		}
+		for k := range actual.ScannedCves {
+			if !reflect.DeepEqual(tt.out.ScannedCves[k], actual.ScannedCves[k]) {
+				o := pp.Sprintf("%v", tt.out.ScannedCves[k])
+				a := pp.Sprintf("%v", actual.ScannedCves[k])
+				t.Errorf("[%s] expected: %v\n  actual: %v\n", k, o, a)
+			}
+		}
+	}
+}
+
+func TestFilterIgnoreCveIDsContainer(t *testing.T) {
+	type in struct {
+		cves []string
+		rs   ScanResult
+	}
+	var tests = []struct {
+		in  in
+		out ScanResult
+	}{
+		{
+			in: in{
+				cves: []string{"CVE-2017-0002"},
+				rs: ScanResult{
+					ServerName: "name",
+					Container:  Container{Name: "dockerA"},
+					ScannedCves: VulnInfos{
+						"CVE-2017-0001": {
+							CveID: "CVE-2017-0001",
+						},
+						"CVE-2017-0002": {
+							CveID: "CVE-2017-0002",
+						},
+						"CVE-2017-0003": {
+							CveID: "CVE-2017-0003",
+						},
+					},
+				},
+			},
+			out: ScanResult{
+				ServerName: "name",
+				Container:  Container{Name: "dockerA"},
+				ScannedCves: VulnInfos{
+					"CVE-2017-0001": {
+						CveID: "CVE-2017-0001",
+					},
+					"CVE-2017-0003": {
+						CveID: "CVE-2017-0003",
+					},
+				},
+			},
+		},
+	}
+	for _, tt := range tests {
+		config.Conf.Servers = map[string]config.ServerInfo{
+			"name": {
+				Containers: map[string]config.ContainerSetting{
+					"dockerA": {
+						IgnoreCves: tt.in.cves,
+					},
+				},
+			},
+		}
+		actual := tt.in.rs.FilterIgnoreCves()
+		for k := range tt.out.ScannedCves {
+			if !reflect.DeepEqual(tt.out.ScannedCves[k], actual.ScannedCves[k]) {
+				o := pp.Sprintf("%v", tt.out.ScannedCves[k])
+				a := pp.Sprintf("%v", actual.ScannedCves[k])
+				t.Errorf("[%s] expected: %v\n  actual: %v\n", k, o, a)
+			}
+		}
+		for k := range actual.ScannedCves {
+			if !reflect.DeepEqual(tt.out.ScannedCves[k], actual.ScannedCves[k]) {
+				o := pp.Sprintf("%v", tt.out.ScannedCves[k])
+				a := pp.Sprintf("%v", actual.ScannedCves[k])
+				t.Errorf("[%s] expected: %v\n  actual: %v\n", k, o, a)
+			}
+		}
+	}
+}
+
+func TestFilterUnfixed(t *testing.T) {
+	var tests = []struct {
+		in  ScanResult
+		out ScanResult
+	}{
+		{
+			in: ScanResult{
+				ScannedCves: VulnInfos{
+					"CVE-2017-0001": {
+						CveID: "CVE-2017-0001",
+						AffectedPackages: PackageStatuses{
+							{
+								Name:        "a",
+								NotFixedYet: true,
+							},
+						},
+					},
+					"CVE-2017-0002": {
+						CveID: "CVE-2017-0002",
+						AffectedPackages: PackageStatuses{
+							{
+								Name:        "b",
+								NotFixedYet: false,
+							},
+						},
+					},
+					"CVE-2017-0003": {
+						CveID: "CVE-2017-0003",
+						AffectedPackages: PackageStatuses{
+							{
+								Name:        "c",
+								NotFixedYet: true,
+							},
+							{
+								Name:        "d",
+								NotFixedYet: false,
+							},
+						},
+					},
+				},
+			},
+			out: ScanResult{
+				ScannedCves: VulnInfos{
+					"CVE-2017-0002": {
+						CveID: "CVE-2017-0002",
+						AffectedPackages: PackageStatuses{
+							{
+								Name:        "b",
+								NotFixedYet: false,
+							},
+						},
+					},
+					"CVE-2017-0003": {
+						CveID: "CVE-2017-0003",
+						AffectedPackages: PackageStatuses{
+							{
+								Name:        "c",
+								NotFixedYet: true,
+							},
+							{
+								Name:        "d",
+								NotFixedYet: false,
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+	for i, tt := range tests {
+		config.Conf.IgnoreUnfixed = true
+		actual := tt.in.FilterUnfixed()
+		if !reflect.DeepEqual(tt.out.ScannedCves, actual.ScannedCves) {
+			o := pp.Sprintf("%v", tt.out.ScannedCves)
+			a := pp.Sprintf("%v", actual.ScannedCves)
+			t.Errorf("[%d] expected: %v\n  actual: %v\n", i, o, a)
+		}
+	}
+}
+
+func TestFilterIgnorePkgs(t *testing.T) {
+	type in struct {
+		ignorePkgsRegexp []string
+		rs               ScanResult
+	}
+	var tests = []struct {
+		in  in
+		out ScanResult
+	}{
+		{
+			in: in{
+				ignorePkgsRegexp: []string{"^kernel"},
+				rs: ScanResult{
+					ServerName: "name",
+					ScannedCves: VulnInfos{
+						"CVE-2017-0001": {
+							CveID: "CVE-2017-0001",
+							AffectedPackages: PackageStatuses{
+								{Name: "kernel"},
+							},
+						},
+						"CVE-2017-0002": {
+							CveID: "CVE-2017-0002",
+						},
+					},
+				},
+			},
+			out: ScanResult{
+				ServerName: "name",
+				ScannedCves: VulnInfos{
+					"CVE-2017-0002": {
+						CveID: "CVE-2017-0002",
+					},
+				},
+			},
+		},
+		{
+			in: in{
+				ignorePkgsRegexp: []string{"^kernel"},
+				rs: ScanResult{
+					ServerName: "name",
+					ScannedCves: VulnInfos{
+						"CVE-2017-0001": {
+							CveID: "CVE-2017-0001",
+							AffectedPackages: PackageStatuses{
+								{Name: "kernel"},
+								{Name: "vim"},
+							},
+						},
+					},
+				},
+			},
+			out: ScanResult{
+				ServerName: "name",
+				ScannedCves: VulnInfos{
+					"CVE-2017-0001": {
+						CveID: "CVE-2017-0001",
+						AffectedPackages: PackageStatuses{
+							{Name: "kernel"},
+							{Name: "vim"},
+						},
+					},
+				},
+			},
+		},
+		{
+			in: in{
+				ignorePkgsRegexp: []string{"^kernel", "^vim", "^bind"},
+				rs: ScanResult{
+					ServerName: "name",
+					ScannedCves: VulnInfos{
+						"CVE-2017-0001": {
+							CveID: "CVE-2017-0001",
+							AffectedPackages: PackageStatuses{
+								{Name: "kernel"},
+								{Name: "vim"},
+							},
+						},
+					},
+				},
+			},
+			out: ScanResult{
+				ServerName:  "name",
+				ScannedCves: VulnInfos{},
+			},
+		},
+	}
+	for _, tt := range tests {
+		config.Conf.Servers = map[string]config.ServerInfo{
+			"name": {IgnorePkgsRegexp: tt.in.ignorePkgsRegexp},
+		}
+		actual := tt.in.rs.FilterIgnorePkgs()
+		for k := range tt.out.ScannedCves {
+			if !reflect.DeepEqual(tt.out.ScannedCves[k], actual.ScannedCves[k]) {
+				o := pp.Sprintf("%v", tt.out.ScannedCves[k])
+				a := pp.Sprintf("%v", actual.ScannedCves[k])
+				t.Errorf("[%s] expected: %v\n  actual: %v\n", k, o, a)
+			}
+		}
+		for k := range actual.ScannedCves {
+			if !reflect.DeepEqual(tt.out.ScannedCves[k], actual.ScannedCves[k]) {
+				o := pp.Sprintf("%v", tt.out.ScannedCves[k])
+				a := pp.Sprintf("%v", actual.ScannedCves[k])
+				t.Errorf("[%s] expected: %v\n  actual: %v\n", k, o, a)
+			}
+		}
+	}
+}
+
+func TestFilterIgnorePkgsContainer(t *testing.T) {
+	type in struct {
+		ignorePkgsRegexp []string
+		rs               ScanResult
+	}
+	var tests = []struct {
+		in  in
+		out ScanResult
+	}{
+		{
+			in: in{
+				ignorePkgsRegexp: []string{"^kernel"},
+				rs: ScanResult{
+					ServerName: "name",
+					Container:  Container{Name: "dockerA"},
+					ScannedCves: VulnInfos{
+						"CVE-2017-0001": {
+							CveID: "CVE-2017-0001",
+							AffectedPackages: PackageStatuses{
+								{Name: "kernel"},
+							},
+						},
+						"CVE-2017-0002": {
+							CveID: "CVE-2017-0002",
+						},
+					},
+				},
+			},
+			out: ScanResult{
+				ServerName: "name",
+				Container:  Container{Name: "dockerA"},
+				ScannedCves: VulnInfos{
+					"CVE-2017-0002": {
+						CveID: "CVE-2017-0002",
+					},
+				},
+			},
+		},
+		{
+			in: in{
+				ignorePkgsRegexp: []string{"^kernel"},
+				rs: ScanResult{
+					ServerName: "name",
+					Container:  Container{Name: "dockerA"},
+					ScannedCves: VulnInfos{
+						"CVE-2017-0001": {
+							CveID: "CVE-2017-0001",
+							AffectedPackages: PackageStatuses{
+								{Name: "kernel"},
+								{Name: "vim"},
+							},
+						},
+					},
+				},
+			},
+			out: ScanResult{
+				ServerName: "name",
+				Container:  Container{Name: "dockerA"},
+				ScannedCves: VulnInfos{
+					"CVE-2017-0001": {
+						CveID: "CVE-2017-0001",
+						AffectedPackages: PackageStatuses{
+							{Name: "kernel"},
+							{Name: "vim"},
+						},
+					},
+				},
+			},
+		},
+		{
+			in: in{
+				ignorePkgsRegexp: []string{"^kernel", "^vim", "^bind"},
+				rs: ScanResult{
+					ServerName: "name",
+					Container:  Container{Name: "dockerA"},
+					ScannedCves: VulnInfos{
+						"CVE-2017-0001": {
+							CveID: "CVE-2017-0001",
+							AffectedPackages: PackageStatuses{
+								{Name: "kernel"},
+								{Name: "vim"},
+							},
+						},
+					},
+				},
+			},
+			out: ScanResult{
+				ServerName:  "name",
+				Container:   Container{Name: "dockerA"},
+				ScannedCves: VulnInfos{},
+			},
+		},
+	}
+	for _, tt := range tests {
+		config.Conf.Servers = map[string]config.ServerInfo{
+			"name": {
+				Containers: map[string]config.ContainerSetting{
+					"dockerA": {
+						IgnorePkgsRegexp: tt.in.ignorePkgsRegexp,
+					},
+				},
+			},
+		}
+		actual := tt.in.rs.FilterIgnorePkgs()
+		for k := range tt.out.ScannedCves {
+			if !reflect.DeepEqual(tt.out.ScannedCves[k], actual.ScannedCves[k]) {
+				o := pp.Sprintf("%v", tt.out.ScannedCves[k])
+				a := pp.Sprintf("%v", actual.ScannedCves[k])
+				t.Errorf("[%s] expected: %v\n  actual: %v\n", k, o, a)
+			}
+		}
+		for k := range actual.ScannedCves {
+			if !reflect.DeepEqual(tt.out.ScannedCves[k], actual.ScannedCves[k]) {
+				o := pp.Sprintf("%v", tt.out.ScannedCves[k])
+				a := pp.Sprintf("%v", actual.ScannedCves[k])
+				t.Errorf("[%s] expected: %v\n  actual: %v\n", k, o, a)
+			}
+		}
+	}
+}
+
+func TestIsDisplayUpdatableNum(t *testing.T) {
+	var tests = []struct {
+		mode     []byte
+		family   string
+		expected bool
+	}{
+		{
+			mode:     []byte{config.Offline},
+			expected: false,
+		},
+		{
+			mode:     []byte{config.FastRoot},
+			expected: true,
+		},
+		{
+			mode:     []byte{config.Deep},
+			expected: true,
+		},
+		{
+			mode:     []byte{config.Fast},
+			family:   config.RedHat,
+			expected: false,
+		},
+		{
+			mode:     []byte{config.Fast},
+			family:   config.Oracle,
+			expected: false,
+		},
+		{
+			mode:     []byte{config.Fast},
+			family:   config.Debian,
+			expected: false,
+		},
+		{
+			mode:     []byte{config.Fast},
+			family:   config.Ubuntu,
+			expected: false,
+		},
+		{
+			mode:     []byte{config.Fast},
+			family:   config.Raspbian,
+			expected: false,
+		},
+		{
+			mode:     []byte{config.Fast},
+			family:   config.CentOS,
+			expected: true,
+		},
+		{
+			mode:     []byte{config.Fast},
+			family:   config.Amazon,
+			expected: true,
+		},
+		{
+			mode:     []byte{config.Fast},
+			family:   config.FreeBSD,
+			expected: true,
+		},
+		{
+			mode:     []byte{config.Fast},
+			family:   config.OpenSUSE,
+			expected: true,
+		},
+		{
+			mode:     []byte{config.Fast},
+			family:   config.Alpine,
+			expected: true,
+		},
+	}
+
+	for i, tt := range tests {
+		mode := config.ScanMode{}
+		for _, m := range tt.mode {
+			mode.Set(m)
+		}
+		config.Conf.Servers = map[string]config.ServerInfo{
+			"name": {Mode: mode},
+		}
+		r := ScanResult{
+			ServerName: "name",
+			Family:     tt.family,
+		}
+		act := r.isDisplayUpdatableNum()
+		if tt.expected != act {
+			t.Errorf("[%d] expected %#v, actual %#v", i, tt.expected, act)
+		}
+	}
+}
--- a/models/utils.go
+++ b/models/utils.go
@@ -0,0 +1,156 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package models
+
+import (
+	"strings"
+
+	cvedict "github.com/kotakanbe/go-cve-dictionary/models"
+)
+
+// ConvertNvdXMLToModel convert NVD to CveContent
+func ConvertNvdXMLToModel(cveID string, nvd *cvedict.NvdXML) *CveContent {
+	if nvd == nil {
+		return nil
+	}
+	var cpes []Cpe
+	for _, c := range nvd.Cpes {
+		cpes = append(cpes, Cpe{
+			FormattedString: c.FormattedString,
+			URI:             c.URI,
+		})
+	}
+
+	var refs []Reference
+	for _, r := range nvd.References {
+		refs = append(refs, Reference{
+			Link:   r.Link,
+			Source: r.Source,
+		})
+	}
+
+	cweIDs := []string{}
+	for _, cid := range nvd.Cwes {
+		cweIDs = append(cweIDs, cid.CweID)
+	}
+
+	return &CveContent{
+		Type:          Nvd,
+		CveID:         cveID,
+		Summary:       nvd.Summary,
+		Cvss2Score:    nvd.Cvss2.BaseScore,
+		Cvss2Vector:   nvd.Cvss2.VectorString,
+		Cvss2Severity: nvd.Cvss2.Severity,
+		SourceLink:    "https://nvd.nist.gov/vuln/detail/" + cveID,
+		// Cpes:          cpes,
+		CweIDs:       cweIDs,
+		References:   refs,
+		Published:    nvd.PublishedDate,
+		LastModified: nvd.LastModifiedDate,
+	}
+}
+
+// ConvertJvnToModel convert JVN to CveContent
+func ConvertJvnToModel(cveID string, jvn *cvedict.Jvn) *CveContent {
+	if jvn == nil {
+		return nil
+	}
+	var cpes []Cpe
+	for _, c := range jvn.Cpes {
+		cpes = append(cpes, Cpe{
+			FormattedString: c.FormattedString,
+			URI:             c.URI,
+		})
+	}
+
+	refs := []Reference{}
+	for _, r := range jvn.References {
+		refs = append(refs, Reference{
+			Link:   r.Link,
+			Source: r.Source,
+		})
+	}
+
+	return &CveContent{
+		Type:          Jvn,
+		CveID:         cveID,
+		Title:         jvn.Title,
+		Summary:       jvn.Summary,
+		Cvss2Score:    jvn.Cvss2.BaseScore,
+		Cvss2Vector:   jvn.Cvss2.VectorString,
+		Cvss2Severity: jvn.Cvss2.Severity,
+		Cvss3Score:    jvn.Cvss3.BaseScore,
+		Cvss3Vector:   jvn.Cvss3.VectorString,
+		Cvss3Severity: jvn.Cvss3.BaseSeverity,
+		SourceLink:    jvn.JvnLink,
+		// Cpes:          cpes,
+		References:   refs,
+		Published:    jvn.PublishedDate,
+		LastModified: jvn.LastModifiedDate,
+	}
+}
+
+// ConvertNvdJSONToModel convert NVD to CveContent
+func ConvertNvdJSONToModel(cveID string, nvd *cvedict.NvdJSON) *CveContent {
+	if nvd == nil {
+		return nil
+	}
+	var cpes []Cpe
+	for _, c := range nvd.Cpes {
+		cpes = append(cpes, Cpe{
+			FormattedString: c.FormattedString,
+			URI:             c.URI,
+		})
+	}
+
+	var refs []Reference
+	for _, r := range nvd.References {
+		refs = append(refs, Reference{
+			Link:   r.Link,
+			Source: r.Source,
+		})
+	}
+
+	cweIDs := []string{}
+	for _, cid := range nvd.Cwes {
+		cweIDs = append(cweIDs, cid.CweID)
+	}
+
+	desc := []string{}
+	for _, d := range nvd.Descriptions {
+		desc = append(desc, d.Value)
+	}
+
+	return &CveContent{
+		Type:          Nvd,
+		CveID:         cveID,
+		Summary:       strings.Join(desc, "\n"),
+		Cvss2Score:    nvd.Cvss2.BaseScore,
+		Cvss2Vector:   nvd.Cvss2.VectorString,
+		Cvss2Severity: nvd.Cvss2.Severity,
+		Cvss3Score:    nvd.Cvss3.BaseScore,
+		Cvss3Vector:   nvd.Cvss3.VectorString,
+		Cvss3Severity: nvd.Cvss3.BaseSeverity,
+		SourceLink:    "https://nvd.nist.gov/vuln/detail/" + cveID,
+		// Cpes:          cpes,
+		CweIDs:       cweIDs,
+		References:   refs,
+		Published:    nvd.PublishedDate,
+		LastModified: nvd.LastModifiedDate,
+	}
+}
--- a/models/vulninfos.go
+++ b/models/vulninfos.go
@@ -0,0 +1,808 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package models
+
+import (
+	"bytes"
+	"fmt"
+	"sort"
+	"strings"
+	"time"
+
+	"github.com/future-architect/vuls/alert"
+
+	"github.com/future-architect/vuls/config"
+	exploitmodels "github.com/mozqnet/go-exploitdb/models"
+)
+
+// VulnInfos has a map of VulnInfo
+// Key: CveID
+type VulnInfos map[string]VulnInfo
+
+// Find elements that matches the function passed in argument
+func (v VulnInfos) Find(f func(VulnInfo) bool) VulnInfos {
+	filtered := VulnInfos{}
+	for _, vv := range v {
+		if f(vv) {
+			filtered[vv.CveID] = vv
+		}
+	}
+	return filtered
+}
+
+// FindScoredVulns return scored vulnerabilities
+func (v VulnInfos) FindScoredVulns() VulnInfos {
+	return v.Find(func(vv VulnInfo) bool {
+		if 0 < vv.MaxCvss2Score().Value.Score ||
+			0 < vv.MaxCvss3Score().Value.Score {
+			return true
+		}
+		return false
+	})
+}
+
+// ToSortedSlice returns slice of VulnInfos that is sorted by Score, CVE-ID
+func (v VulnInfos) ToSortedSlice() (sorted []VulnInfo) {
+	for k := range v {
+		sorted = append(sorted, v[k])
+	}
+	sort.Slice(sorted, func(i, j int) bool {
+		maxI := sorted[i].MaxCvssScore()
+		maxJ := sorted[j].MaxCvssScore()
+		if maxI.Value.Score != maxJ.Value.Score {
+			return maxJ.Value.Score < maxI.Value.Score
+		}
+		return sorted[i].CveID < sorted[j].CveID
+	})
+	return
+}
+
+// CountGroupBySeverity summarize the number of CVEs group by CVSSv2 Severity
+func (v VulnInfos) CountGroupBySeverity() map[string]int {
+	m := map[string]int{}
+	for _, vInfo := range v {
+		score := vInfo.MaxCvss2Score().Value.Score
+		if score < 0.1 {
+			score = vInfo.MaxCvss3Score().Value.Score
+		}
+		switch {
+		case 7.0 <= score:
+			m["High"]++
+		case 4.0 <= score:
+			m["Medium"]++
+		case 0 < score:
+			m["Low"]++
+		default:
+			m["Unknown"]++
+		}
+	}
+	return m
+}
+
+// FormatCveSummary summarize the number of CVEs group by CVSSv2 Severity
+func (v VulnInfos) FormatCveSummary() string {
+	m := v.CountGroupBySeverity()
+
+	if config.Conf.IgnoreUnscoredCves {
+		return fmt.Sprintf("Total: %d (High:%d Medium:%d Low:%d)",
+			m["High"]+m["Medium"]+m["Low"], m["High"], m["Medium"], m["Low"])
+	}
+	return fmt.Sprintf("Total: %d (High:%d Medium:%d Low:%d ?:%d)",
+		m["High"]+m["Medium"]+m["Low"]+m["Unknown"],
+		m["High"], m["Medium"], m["Low"], m["Unknown"])
+}
+
+// FormatFixedStatus summarize the number of cves are fixed.
+func (v VulnInfos) FormatFixedStatus(packs Packages) string {
+	total, fixed := 0, 0
+	for _, vInfo := range v {
+		if len(vInfo.CpeURIs) != 0 {
+			continue
+		}
+		total++
+		if vInfo.PatchStatus(packs) == "Fixed" {
+			fixed++
+		}
+	}
+	return fmt.Sprintf("%d/%d Fixed", fixed, total)
+}
+
+// PackageStatuses is a list of PackageStatus
+type PackageStatuses []PackageStatus
+
+// FormatTuiSummary format packname to show TUI summary
+func (ps PackageStatuses) FormatTuiSummary() string {
+	names := []string{}
+	for _, p := range ps {
+		names = append(names, p.Name)
+	}
+	return strings.Join(names, ", ")
+}
+
+// Store insert given pkg if missing, update pkg if exists
+func (ps PackageStatuses) Store(pkg PackageStatus) PackageStatuses {
+	for i, p := range ps {
+		if p.Name == pkg.Name {
+			ps[i] = pkg
+			return ps
+		}
+	}
+	ps = append(ps, pkg)
+	return ps
+}
+
+// Sort by Name
+func (ps PackageStatuses) Sort() {
+	sort.Slice(ps, func(i, j int) bool {
+		return ps[i].Name < ps[j].Name
+	})
+	return
+}
+
+// PackageStatus has name and other status abount the package
+type PackageStatus struct {
+	Name        string `json:"name"`
+	NotFixedYet bool   `json:"notFixedYet"`
+	FixState    string `json:"fixState"`
+}
+
+// VulnInfo has a vulnerability information and unsecure packages
+type VulnInfo struct {
+	CveID            string           `json:"cveID"`
+	Confidences      Confidences      `json:"confidences"`
+	AffectedPackages PackageStatuses  `json:"affectedPackages"`
+	DistroAdvisories []DistroAdvisory `json:"distroAdvisories,omitempty"` // for Aamazon, RHEL, FreeBSD
+	CpeURIs          []string         `json:"cpeURIs,omitempty"`          // CpeURIs related to this CVE defined in config.toml
+	CveContents      CveContents      `json:"cveContents"`
+	Exploits         []Exploit        `json:"exploits"`
+	AlertDict        AlertDict        `json:"alertDict"`
+}
+
+// Titles returns tilte (TUI)
+func (v VulnInfo) Titles(lang, myFamily string) (values []CveContentStr) {
+	if lang == "ja" {
+		if cont, found := v.CveContents[Jvn]; found && 0 < len(cont.Title) {
+			values = append(values, CveContentStr{Jvn, cont.Title})
+		}
+	}
+
+	// RedHat API has one line title.
+	if cont, found := v.CveContents[RedHatAPI]; found && 0 < len(cont.Title) {
+		values = append(values, CveContentStr{RedHatAPI, cont.Title})
+	}
+
+	order := CveContentTypes{Nvd, NvdXML, NewCveContentType(myFamily)}
+	order = append(order, AllCveContetTypes.Except(append(order, Jvn)...)...)
+	for _, ctype := range order {
+		// Only JVN has meaningful title. so return first 100 char of summary
+		if cont, found := v.CveContents[ctype]; found && 0 < len(cont.Summary) {
+			summary := strings.Replace(cont.Summary, "\n", " ", -1)
+			values = append(values, CveContentStr{
+				Type:  ctype,
+				Value: summary,
+			})
+		}
+	}
+
+	for _, adv := range v.DistroAdvisories {
+		values = append(values, CveContentStr{
+			Type:  "Vendor",
+			Value: strings.Replace(adv.Description, "\n", " ", -1),
+		})
+	}
+
+	if len(values) == 0 {
+		values = []CveContentStr{{
+			Type:  Unknown,
+			Value: "-",
+		}}
+	}
+	return
+}
+
+// Summaries returns summaries
+func (v VulnInfo) Summaries(lang, myFamily string) (values []CveContentStr) {
+	if lang == "ja" {
+		if cont, found := v.CveContents[Jvn]; found && 0 < len(cont.Summary) {
+			summary := cont.Title
+			summary += "\n" + strings.Replace(
+				strings.Replace(cont.Summary, "\n", " ", -1), "\r", " ", -1)
+			values = append(values, CveContentStr{Jvn, summary})
+		}
+	}
+
+	order := CveContentTypes{Nvd, NvdXML, NewCveContentType(myFamily)}
+	order = append(order, AllCveContetTypes.Except(append(order, Jvn)...)...)
+	for _, ctype := range order {
+		if cont, found := v.CveContents[ctype]; found && 0 < len(cont.Summary) {
+			summary := strings.Replace(cont.Summary, "\n", " ", -1)
+			values = append(values, CveContentStr{
+				Type:  ctype,
+				Value: summary,
+			})
+		}
+	}
+
+	for _, adv := range v.DistroAdvisories {
+		values = append(values, CveContentStr{
+			Type:  "Vendor",
+			Value: adv.Description,
+		})
+	}
+
+	if len(values) == 0 {
+		return []CveContentStr{{
+			Type:  Unknown,
+			Value: "-",
+		}}
+	}
+
+	return
+}
+
+// Mitigations returns mitigations
+func (v VulnInfo) Mitigations(myFamily string) (values []CveContentStr) {
+	order := CveContentTypes{RedHatAPI}
+	for _, ctype := range order {
+		if cont, found := v.CveContents[ctype]; found && 0 < len(cont.Mitigation) {
+			values = append(values, CveContentStr{
+				Type:  ctype,
+				Value: cont.Mitigation,
+			})
+		}
+	}
+
+	if len(values) == 0 {
+		return []CveContentStr{{
+			Type:  Unknown,
+			Value: "-",
+		}}
+	}
+	return
+}
+
+// Cvss2Scores returns CVSS V2 Scores
+func (v VulnInfo) Cvss2Scores(myFamily string) (values []CveContentCvss) {
+	order := []CveContentType{Nvd, NvdXML, RedHatAPI, RedHat, Jvn}
+	if myFamily != config.RedHat && myFamily != config.CentOS {
+		order = append(order, NewCveContentType(myFamily))
+	}
+	for _, ctype := range order {
+		if cont, found := v.CveContents[ctype]; found {
+			if cont.Cvss2Score == 0 && cont.Cvss2Severity == "" {
+				continue
+			}
+			// https://nvd.nist.gov/vuln-metrics/cvss
+			values = append(values, CveContentCvss{
+				Type: ctype,
+				Value: Cvss{
+					Type:     CVSS2,
+					Score:    cont.Cvss2Score,
+					Vector:   cont.Cvss2Vector,
+					Severity: strings.ToUpper(cont.Cvss2Severity),
+				},
+			})
+		}
+	}
+
+	for _, adv := range v.DistroAdvisories {
+		if adv.Severity != "" {
+			values = append(values, CveContentCvss{
+				Type: "Advisory",
+				Value: Cvss{
+					Type:                 CVSS2,
+					Score:                severityToV2ScoreRoughly(adv.Severity),
+					CalculatedBySeverity: true,
+					Vector:               "-",
+					Severity:             strings.ToUpper(adv.Severity),
+				},
+			})
+		}
+	}
+
+	// An OVAL entry in Ubuntu and Debian has only severity (CVSS score isn't included).
+	// Show severity and dummy score calculated roughly.
+	order = append(order, AllCveContetTypes.Except(order...)...)
+	for _, ctype := range order {
+		if cont, found := v.CveContents[ctype]; found &&
+			cont.Cvss2Score == 0 &&
+			cont.Cvss3Score == 0 &&
+			cont.Cvss2Severity != "" {
+
+			values = append(values, CveContentCvss{
+				Type: cont.Type,
+				Value: Cvss{
+					Type:                 CVSS2,
+					Score:                severityToV2ScoreRoughly(cont.Cvss2Severity),
+					CalculatedBySeverity: true,
+					Vector:               "-",
+					Severity:             strings.ToUpper(cont.Cvss2Severity),
+				},
+			})
+		}
+	}
+
+	return
+}
+
+// Cvss3Scores returns CVSS V3 Score
+func (v VulnInfo) Cvss3Scores() (values []CveContentCvss) {
+	order := []CveContentType{Nvd, RedHatAPI, RedHat, Jvn}
+	for _, ctype := range order {
+		if cont, found := v.CveContents[ctype]; found {
+			// https://nvd.nist.gov/vuln-metrics/cvss
+			values = append(values, CveContentCvss{
+				Type: ctype,
+				Value: Cvss{
+					Type:     CVSS3,
+					Score:    cont.Cvss3Score,
+					Vector:   cont.Cvss3Vector,
+					Severity: strings.ToUpper(cont.Cvss3Severity),
+				},
+			})
+		}
+	}
+	return
+}
+
+// MaxCvss3Score returns Max CVSS V3 Score
+func (v VulnInfo) MaxCvss3Score() CveContentCvss {
+	order := []CveContentType{Nvd, RedHat, RedHatAPI, Jvn}
+	max := 0.0
+	value := CveContentCvss{
+		Type:  Unknown,
+		Value: Cvss{Type: CVSS3},
+	}
+	for _, ctype := range order {
+		if cont, found := v.CveContents[ctype]; found && max < cont.Cvss3Score {
+			// https://nvd.nist.gov/vuln-metrics/cvss
+			value = CveContentCvss{
+				Type: ctype,
+				Value: Cvss{
+					Type:     CVSS3,
+					Score:    cont.Cvss3Score,
+					Vector:   cont.Cvss3Vector,
+					Severity: strings.ToUpper(cont.Cvss3Severity),
+				},
+			}
+			max = cont.Cvss3Score
+		}
+	}
+	return value
+}
+
+// MaxCvssScore returns max CVSS Score
+// If there is no CVSS Score, return Severity as a numerical value.
+func (v VulnInfo) MaxCvssScore() CveContentCvss {
+	v3Max := v.MaxCvss3Score()
+	v2Max := v.MaxCvss2Score()
+	max := v3Max
+	if max.Type == Unknown {
+		return v2Max
+	}
+
+	if max.Value.Score < v2Max.Value.Score && !v2Max.Value.CalculatedBySeverity {
+		max = v2Max
+	}
+	return max
+}
+
+// MaxCvss2Score returns Max CVSS V2 Score
+func (v VulnInfo) MaxCvss2Score() CveContentCvss {
+	order := []CveContentType{Nvd, NvdXML, RedHat, RedHatAPI, Jvn}
+	max := 0.0
+	value := CveContentCvss{
+		Type:  Unknown,
+		Value: Cvss{Type: CVSS2},
+	}
+	for _, ctype := range order {
+		if cont, found := v.CveContents[ctype]; found && max < cont.Cvss2Score {
+			// https://nvd.nist.gov/vuln-metrics/cvss
+			value = CveContentCvss{
+				Type: ctype,
+				Value: Cvss{
+					Type:     CVSS2,
+					Score:    cont.Cvss2Score,
+					Vector:   cont.Cvss2Vector,
+					Severity: strings.ToUpper(cont.Cvss2Severity),
+				},
+			}
+			max = cont.Cvss2Score
+		}
+	}
+	if 0 < max {
+		return value
+	}
+
+	// If CVSS score isn't on NVD, RedHat and JVN, use OVAL and advisory Severity.
+	// Convert severity to cvss srore roughly, then returns max severity.
+	// Only Ubuntu, RedHat and Oracle have severity data in OVAL.
+	order = []CveContentType{Ubuntu, RedHat, Oracle}
+	for _, ctype := range order {
+		if cont, found := v.CveContents[ctype]; found && 0 < len(cont.Cvss2Severity) {
+			score := severityToV2ScoreRoughly(cont.Cvss2Severity)
+			if max < score {
+				value = CveContentCvss{
+					Type: ctype,
+					Value: Cvss{
+						Type:                 CVSS2,
+						Score:                score,
+						CalculatedBySeverity: true,
+						Vector:               cont.Cvss2Vector,
+						Severity:             strings.ToUpper(cont.Cvss2Severity),
+					},
+				}
+			}
+			max = score
+		}
+	}
+
+	// Only RedHat, Oracle and Amazon has severity data in advisory.
+	for _, adv := range v.DistroAdvisories {
+		if adv.Severity != "" {
+			score := severityToV2ScoreRoughly(adv.Severity)
+			if max < score {
+				value = CveContentCvss{
+					Type: "Vendor",
+					Value: Cvss{
+						Type:                 CVSS2,
+						Score:                score,
+						CalculatedBySeverity: true,
+						Vector:               "-",
+						Severity:             adv.Severity,
+					},
+				}
+			}
+		}
+	}
+	return value
+}
+
+// AttackVector returns attack vector string
+func (v VulnInfo) AttackVector() string {
+	for _, cnt := range v.CveContents {
+		if strings.HasPrefix(cnt.Cvss2Vector, "AV:N") ||
+			strings.HasPrefix(cnt.Cvss3Vector, "CVSS:3.0/AV:N") {
+			return "Network"
+		} else if strings.HasPrefix(cnt.Cvss2Vector, "AV:A") ||
+			strings.HasPrefix(cnt.Cvss3Vector, "CVSS:3.0/AV:A") {
+			return "Adjacent"
+		} else if strings.HasPrefix(cnt.Cvss2Vector, "AV:L") ||
+			strings.HasPrefix(cnt.Cvss3Vector, "CVSS:3.0/AV:L") {
+			return "Local"
+		} else if strings.HasPrefix(cnt.Cvss3Vector, "CVSS:3.0/AV:P") {
+			return "Physical"
+		}
+	}
+	if cont, found := v.CveContents[DebianSecurityTracker]; found {
+		if attackRange, found := cont.Optional["attack range"]; found {
+			return attackRange
+		}
+	}
+	return ""
+}
+
+// PatchStatus returns attack vector string
+func (v VulnInfo) PatchStatus(packs Packages) string {
+	// Vuls don't know patch status of the CPE
+	if len(v.CpeURIs) != 0 {
+		return ""
+	}
+	for _, p := range v.AffectedPackages {
+		if p.NotFixedYet {
+			return "Unfixed"
+		}
+
+		// fast, offline mode doesn't have new version
+		if pack, ok := packs[p.Name]; ok {
+			if pack.NewVersion == "" {
+				return "Unknown"
+			}
+		}
+	}
+	return "Fixed"
+}
+
+// CveContentCvss has CVSS information
+type CveContentCvss struct {
+	Type  CveContentType `json:"type"`
+	Value Cvss           `json:"value"`
+}
+
+// CvssType Represent the type of CVSS
+type CvssType string
+
+const (
+	// CVSS2 means CVSS vesion2
+	CVSS2 CvssType = "2"
+
+	// CVSS3 means CVSS vesion3
+	CVSS3 CvssType = "3"
+)
+
+// Cvss has CVSS Score
+type Cvss struct {
+	Type                 CvssType `json:"type"`
+	Score                float64  `json:"score"`
+	CalculatedBySeverity bool     `json:"calculatedBySeverity"`
+	Vector               string   `json:"vector"`
+	Severity             string   `json:"severity"`
+}
+
+// Format CVSS Score and Vector
+func (c Cvss) Format() string {
+	if c.Score == 0 || c.Vector == "" {
+		return c.Severity
+	}
+	switch c.Type {
+	case CVSS2:
+		return fmt.Sprintf("%3.1f/%s %s", c.Score, c.Vector, c.Severity)
+	case CVSS3:
+		return fmt.Sprintf("%3.1f/%s %s", c.Score, c.Vector, c.Severity)
+	}
+	return ""
+}
+
+func cvss2ScoreToSeverity(score float64) string {
+	if 7.0 <= score {
+		return "HIGH"
+	} else if 4.0 <= score {
+		return "MEDIUM"
+	}
+	return "LOW"
+}
+
+// Amazon Linux Security Advisory
+// Critical, Important, Medium, Low
+// https://alas.aws.amazon.com/
+//
+// RedHat, Oracle OVAL
+// Critical, Important, Moderate, Low
+// https://access.redhat.com/security/updates/classification
+//
+// Ubuntu OVAL
+// Critical, High, Medium, Low
+// https://wiki.ubuntu.com/Bugs/Importance
+// https://people.canonical.com/~ubuntu-security/cve/priority.html
+func severityToV2ScoreRoughly(severity string) float64 {
+	switch strings.ToUpper(severity) {
+	case "CRITICAL":
+		return 10.0
+	case "IMPORTANT", "HIGH":
+		return 8.9
+	case "MODERATE", "MEDIUM":
+		return 6.9
+	case "LOW":
+		return 3.9
+	}
+	return 0
+}
+
+// FormatMaxCvssScore returns Max CVSS Score
+func (v VulnInfo) FormatMaxCvssScore() string {
+	max := v.MaxCvssScore()
+	return fmt.Sprintf("%3.1f %s (%s)",
+		max.Value.Score,
+		strings.ToUpper(max.Value.Severity),
+		max.Type)
+}
+
+// Cvss2CalcURL returns CVSS v2 caluclator's URL
+func (v VulnInfo) Cvss2CalcURL() string {
+	return "https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator?name=" + v.CveID
+}
+
+// Cvss3CalcURL returns CVSS v3 caluclator's URL
+func (v VulnInfo) Cvss3CalcURL() string {
+	return "https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=" + v.CveID
+}
+
+// VendorLinks returns links of vendor support's URL
+func (v VulnInfo) VendorLinks(family string) map[string]string {
+	links := map[string]string{}
+	switch family {
+	case config.RedHat, config.CentOS:
+		links["RHEL-CVE"] = "https://access.redhat.com/security/cve/" + v.CveID
+		for _, advisory := range v.DistroAdvisories {
+			aidURL := strings.Replace(advisory.AdvisoryID, ":", "-", -1)
+			links[advisory.AdvisoryID] = fmt.Sprintf("https://rhn.redhat.com/errata/%s.html", aidURL)
+		}
+		return links
+	case config.Oracle:
+		links["Oracle-CVE"] = fmt.Sprintf("https://linux.oracle.com/cve/%s.html", v.CveID)
+		for _, advisory := range v.DistroAdvisories {
+			links[advisory.AdvisoryID] =
+				fmt.Sprintf("https://linux.oracle.com/errata/%s.html", advisory.AdvisoryID)
+		}
+		return links
+	case config.Amazon:
+		links["RHEL-CVE"] = "https://access.redhat.com/security/cve/" + v.CveID
+		for _, advisory := range v.DistroAdvisories {
+			links[advisory.AdvisoryID] =
+				fmt.Sprintf("https://alas.aws.amazon.com/%s.html", advisory.AdvisoryID)
+		}
+		return links
+	case config.Ubuntu:
+		links["Ubuntu-CVE"] = "http://people.ubuntu.com/~ubuntu-security/cve/" + v.CveID
+		return links
+	case config.Debian:
+		links["Debian-CVE"] = "https://security-tracker.debian.org/tracker/" + v.CveID
+	case config.SUSEEnterpriseServer:
+		links["SUSE-CVE"] = "https://www.suse.com/security/cve/" + v.CveID
+	case config.FreeBSD:
+		for _, advisory := range v.DistroAdvisories {
+			links["FreeBSD-VuXML"] = fmt.Sprintf("https://vuxml.freebsd.org/freebsd/%s.html", advisory.AdvisoryID)
+
+		}
+		return links
+	}
+	return links
+}
+
+// DistroAdvisory has Amazon Linux, RHEL, FreeBSD Security Advisory information.
+type DistroAdvisory struct {
+	AdvisoryID  string    `json:"advisoryID"`
+	Severity    string    `json:"severity"`
+	Issued      time.Time `json:"issued"`
+	Updated     time.Time `json:"updated"`
+	Description string    `json:"description"`
+}
+
+// Format the distro advisory information
+func (p DistroAdvisory) Format() string {
+	if p.AdvisoryID == "" {
+		return ""
+	}
+
+	var delim bytes.Buffer
+	for i := 0; i < len(p.AdvisoryID); i++ {
+		delim.WriteString("-")
+	}
+	buf := []string{p.AdvisoryID, delim.String(), p.Description}
+	return strings.Join(buf, "\n")
+}
+
+// Exploit :
+type Exploit struct {
+	ExploitType  exploitmodels.ExploitType `json:"exploitType"`
+	ID           string                    `json:"id"`
+	URL          string                    `json:"url"`
+	Description  string                    `json:"description"`
+	DocumentURL  *string                   `json:"documentURL,omitempty"`
+	ShellCodeURL *string                   `json:"shellCodeURL,omitempty"`
+	BinaryURL    *string                   `json:"binaryURL,omitempty"`
+}
+
+// AlertDict has target cve's JPCERT and USCERT alert data
+type AlertDict struct {
+	Ja []alert.Alert `json:"ja"`
+	En []alert.Alert `json:"en"`
+}
+
+// HasAlert returns whether or not it has En or Ja entries.
+func (a AlertDict) HasAlert() bool {
+	return len(a.En) != 0 || len(a.Ja) != 0
+}
+
+// FormatSource returns which source has this alert
+func (a AlertDict) FormatSource() string {
+	s := []string{}
+	if len(a.En) != 0 {
+		s = append(s, "USCERT")
+	}
+	if len(a.Ja) != 0 {
+		s = append(s, "JPCERT")
+	}
+	return strings.Join(s, "/")
+}
+
+// Confidences is a list of Confidence
+type Confidences []Confidence
+
+// AppendIfMissing appends confidence to the list if missiong
+func (cs *Confidences) AppendIfMissing(confidence Confidence) {
+	for _, c := range *cs {
+		if c.DetectionMethod == confidence.DetectionMethod {
+			return
+		}
+	}
+	*cs = append(*cs, confidence)
+}
+
+// SortByConfident sorts Confidences
+func (cs Confidences) SortByConfident() Confidences {
+	sort.Slice(cs, func(i, j int) bool {
+		return cs[i].SortOrder < cs[j].SortOrder
+	})
+	return cs
+}
+
+// Confidence is a ranking how confident the CVE-ID was deteted correctly
+// Score: 0 - 100
+type Confidence struct {
+	Score           int             `json:"score"`
+	DetectionMethod DetectionMethod `json:"detectionMethod"`
+	SortOrder       int             `json:"-"`
+}
+
+func (c Confidence) String() string {
+	return fmt.Sprintf("%d / %s", c.Score, c.DetectionMethod)
+}
+
+// DetectionMethod indicates
+// - How to detect the CveID
+// - How to get the changelog difference between installed and candidate version
+type DetectionMethod string
+
+const (
+	// CpeNameMatchStr is a String representation of CpeNameMatch
+	CpeNameMatchStr = "CpeNameMatch"
+
+	// YumUpdateSecurityMatchStr is a String representation of YumUpdateSecurityMatch
+	YumUpdateSecurityMatchStr = "YumUpdateSecurityMatch"
+
+	// PkgAuditMatchStr is a String representation of PkgAuditMatch
+	PkgAuditMatchStr = "PkgAuditMatch"
+
+	// OvalMatchStr is a String representation of OvalMatch
+	OvalMatchStr = "OvalMatch"
+
+	// RedHatAPIStr is a String representation of RedHatAPIMatch
+	RedHatAPIStr = "RedHatAPIMatch"
+
+	// DebianSecurityTrackerMatchStr is a String representation of DebianSecurityTrackerMatch
+	DebianSecurityTrackerMatchStr = "DebianSecurityTrackerMatch"
+
+	// ChangelogExactMatchStr is a String representation of ChangelogExactMatch
+	ChangelogExactMatchStr = "ChangelogExactMatch"
+
+	// ChangelogLenientMatchStr is a String representation of ChangelogLenientMatch
+	ChangelogLenientMatchStr = "ChangelogLenientMatch"
+
+	// FailedToGetChangelog is a String representation of FailedToGetChangelog
+	FailedToGetChangelog = "FailedToGetChangelog"
+
+	// FailedToFindVersionInChangelog is a String representation of FailedToFindVersionInChangelog
+	FailedToFindVersionInChangelog = "FailedToFindVersionInChangelog"
+)
+
+var (
+	// CpeNameMatch is a ranking how confident the CVE-ID was deteted correctly
+	CpeNameMatch = Confidence{100, CpeNameMatchStr, 1}
+
+	// YumUpdateSecurityMatch is a ranking how confident the CVE-ID was deteted correctly
+	YumUpdateSecurityMatch = Confidence{100, YumUpdateSecurityMatchStr, 2}
+
+	// PkgAuditMatch is a ranking how confident the CVE-ID was deteted correctly
+	PkgAuditMatch = Confidence{100, PkgAuditMatchStr, 2}
+
+	// OvalMatch is a ranking how confident the CVE-ID was deteted correctly
+	OvalMatch = Confidence{100, OvalMatchStr, 0}
+
+	// RedHatAPIMatch ranking how confident the CVE-ID was deteted correctly
+	RedHatAPIMatch = Confidence{100, RedHatAPIStr, 0}
+
+	// DebianSecurityTrackerMatch ranking how confident the CVE-ID was deteted correctly
+	DebianSecurityTrackerMatch = Confidence{100, DebianSecurityTrackerMatchStr, 0}
+
+	// ChangelogExactMatch is a ranking how confident the CVE-ID was deteted correctly
+	ChangelogExactMatch = Confidence{95, ChangelogExactMatchStr, 3}
+
+	// ChangelogLenientMatch is a ranking how confident the CVE-ID was deteted correctly
+	ChangelogLenientMatch = Confidence{50, ChangelogLenientMatchStr, 4}
+)
--- a/models/vulninfos_test.go
+++ b/models/vulninfos_test.go
--- a/oval/alpine.go
+++ b/oval/alpine.go
@@ -0,0 +1,74 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package oval
+
+import (
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/util"
+	"github.com/kotakanbe/goval-dictionary/db"
+)
+
+// Alpine is the struct of Alpine Linux
+type Alpine struct {
+	Base
+}
+
+// NewAlpine creates OVAL client for SUSE
+func NewAlpine() Alpine {
+	return Alpine{
+		Base{
+			family: config.Alpine,
+		},
+	}
+}
+
+// FillWithOval returns scan result after updating CVE info by OVAL
+func (o Alpine) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
+	var relatedDefs ovalResult
+	if config.Conf.OvalDict.IsFetchViaHTTP() {
+		if relatedDefs, err = getDefsByPackNameViaHTTP(r); err != nil {
+			return 0, err
+		}
+	} else {
+		if relatedDefs, err = getDefsByPackNameFromOvalDB(driver, r); err != nil {
+			return 0, err
+		}
+	}
+	for _, defPacks := range relatedDefs.entries {
+		o.update(r, defPacks)
+	}
+
+	return len(relatedDefs.entries), nil
+}
+
+func (o Alpine) update(r *models.ScanResult, defPacks defPacks) {
+	cveID := defPacks.def.Advisory.Cves[0].CveID
+	vinfo, ok := r.ScannedCves[cveID]
+	if !ok {
+		util.Log.Debugf("%s is newly detected by OVAL", cveID)
+		vinfo = models.VulnInfo{
+			CveID:       cveID,
+			Confidences: []models.Confidence{models.OvalMatch},
+		}
+	}
+
+	vinfo.AffectedPackages = defPacks.toPackStatuses()
+	vinfo.AffectedPackages.Sort()
+	r.ScannedCves[cveID] = vinfo
+}
--- a/oval/debian.go
+++ b/oval/debian.go
@@ -0,0 +1,284 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package oval
+
+import (
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/util"
+	"github.com/kotakanbe/goval-dictionary/db"
+	ovalmodels "github.com/kotakanbe/goval-dictionary/models"
+)
+
+// DebianBase is the base struct of Debian and Ubuntu
+type DebianBase struct {
+	Base
+}
+
+func (o DebianBase) update(r *models.ScanResult, defPacks defPacks) {
+	ovalContent := *o.convertToModel(&defPacks.def)
+	ovalContent.Type = models.NewCveContentType(o.family)
+	vinfo, ok := r.ScannedCves[defPacks.def.Debian.CveID]
+	if !ok {
+		util.Log.Debugf("%s is newly detected by OVAL", defPacks.def.Debian.CveID)
+		vinfo = models.VulnInfo{
+			CveID:       defPacks.def.Debian.CveID,
+			Confidences: []models.Confidence{models.OvalMatch},
+			CveContents: models.NewCveContents(ovalContent),
+		}
+	} else {
+		cveContents := vinfo.CveContents
+		ctype := models.NewCveContentType(o.family)
+		if _, ok := vinfo.CveContents[ctype]; ok {
+			util.Log.Debugf("%s OVAL will be overwritten",
+				defPacks.def.Debian.CveID)
+		} else {
+			util.Log.Debugf("%s is also detected by OVAL",
+				defPacks.def.Debian.CveID)
+			cveContents = models.CveContents{}
+		}
+		vinfo.Confidences.AppendIfMissing(models.OvalMatch)
+		cveContents[ctype] = ovalContent
+		vinfo.CveContents = cveContents
+	}
+
+	// uniq(vinfo.PackNames + defPacks.actuallyAffectedPackNames)
+	for _, pack := range vinfo.AffectedPackages {
+		defPacks.actuallyAffectedPackNames[pack.Name] = pack.NotFixedYet
+	}
+
+	// update notFixedYet of SrcPackage
+	for binName := range defPacks.actuallyAffectedPackNames {
+		if srcPack, ok := r.SrcPackages.FindByBinName(binName); ok {
+			for _, p := range defPacks.def.AffectedPacks {
+				if p.Name == srcPack.Name {
+					defPacks.actuallyAffectedPackNames[binName] = p.NotFixedYet
+				}
+			}
+		}
+	}
+
+	vinfo.AffectedPackages = defPacks.toPackStatuses()
+	vinfo.AffectedPackages.Sort()
+	r.ScannedCves[defPacks.def.Debian.CveID] = vinfo
+}
+
+func (o DebianBase) convertToModel(def *ovalmodels.Definition) *models.CveContent {
+	var refs []models.Reference
+	for _, r := range def.References {
+		refs = append(refs, models.Reference{
+			Link:   r.RefURL,
+			Source: r.Source,
+			RefID:  r.RefID,
+		})
+	}
+
+	return &models.CveContent{
+		CveID:         def.Debian.CveID,
+		Title:         def.Title,
+		Summary:       def.Description,
+		Cvss2Severity: def.Advisory.Severity,
+		References:    refs,
+	}
+}
+
+// Debian is the interface for Debian OVAL
+type Debian struct {
+	DebianBase
+}
+
+// NewDebian creates OVAL client for Debian
+func NewDebian() Debian {
+	return Debian{
+		DebianBase{
+			Base{
+				family: config.Debian,
+			},
+		},
+	}
+}
+
+// FillWithOval returns scan result after updating CVE info by OVAL
+func (o Debian) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
+
+	//Debian's uname gives both of kernel release(uname -r), version(kernel-image version)
+	linuxImage := "linux-image-" + r.RunningKernel.Release
+
+	// Add linux and set the version of running kernel to search OVAL.
+	if r.Container.ContainerID == "" {
+		newVer := ""
+		if p, ok := r.Packages[linuxImage]; ok {
+			newVer = p.NewVersion
+		}
+		r.Packages["linux"] = models.Package{
+			Name:       "linux",
+			Version:    r.RunningKernel.Version,
+			NewVersion: newVer,
+		}
+	}
+
+	var relatedDefs ovalResult
+	if config.Conf.OvalDict.IsFetchViaHTTP() {
+		if relatedDefs, err = getDefsByPackNameViaHTTP(r); err != nil {
+			return 0, err
+		}
+	} else {
+		if relatedDefs, err = getDefsByPackNameFromOvalDB(driver, r); err != nil {
+			return 0, err
+		}
+	}
+
+	delete(r.Packages, "linux")
+
+	for _, defPacks := range relatedDefs.entries {
+		// Remove "linux" added above for oval search
+		// linux is not a real package name (key of affected packages in OVAL)
+		if notFixedYet, ok := defPacks.actuallyAffectedPackNames["linux"]; ok {
+			defPacks.actuallyAffectedPackNames[linuxImage] = notFixedYet
+			delete(defPacks.actuallyAffectedPackNames, "linux")
+			for i, p := range defPacks.def.AffectedPacks {
+				if p.Name == "linux" {
+					p.Name = linuxImage
+					defPacks.def.AffectedPacks[i] = p
+				}
+			}
+		}
+
+		o.update(r, defPacks)
+	}
+
+	for _, vuln := range r.ScannedCves {
+		if cont, ok := vuln.CveContents[models.Debian]; ok {
+			cont.SourceLink = "https://security-tracker.debian.org/tracker/" + cont.CveID
+			vuln.CveContents[models.Debian] = cont
+		}
+	}
+	return len(relatedDefs.entries), nil
+}
+
+// Ubuntu is the interface for Debian OVAL
+type Ubuntu struct {
+	DebianBase
+}
+
+// NewUbuntu creates OVAL client for Debian
+func NewUbuntu() Ubuntu {
+	return Ubuntu{
+		DebianBase{
+			Base{
+				family: config.Ubuntu,
+			},
+		},
+	}
+}
+
+// FillWithOval returns scan result after updating CVE info by OVAL
+func (o Ubuntu) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
+	ovalKernelImageNames := []string{
+		"linux-aws",
+		"linux-azure",
+		"linux-flo",
+		"linux-gcp",
+		"linux-gke",
+		"linux-goldfish",
+		"linux-hwe",
+		"linux-hwe-edge",
+		"linux-kvm",
+		"linux-mako",
+		"linux-raspi2",
+		"linux-snapdragon",
+	}
+	linuxImage := "linux-image-" + r.RunningKernel.Release
+
+	found := false
+	if r.Container.ContainerID == "" {
+		for _, n := range ovalKernelImageNames {
+			if _, ok := r.Packages[n]; ok {
+				v, ok := r.Packages[linuxImage]
+				if ok {
+					// Set running kernel version
+					p := r.Packages[n]
+					p.Version = v.Version
+					p.NewVersion = v.NewVersion
+					r.Packages[n] = p
+				} else {
+					util.Log.Warnf("Running kernel image %s is not found: %s",
+						linuxImage, r.RunningKernel.Version)
+				}
+				found = true
+				break
+			}
+		}
+
+		if !found {
+			// linux-generic is described as "linux" in Ubuntu's oval.
+			// Add "linux" and set the version of running kernel to search OVAL.
+			v, ok := r.Packages[linuxImage]
+			if ok {
+				r.Packages["linux"] = models.Package{
+					Name:       "linux",
+					Version:    v.Version,
+					NewVersion: v.NewVersion,
+				}
+			} else {
+				util.Log.Warnf("%s is not found. Running: %s",
+					linuxImage, r.RunningKernel.Release)
+			}
+		}
+	}
+
+	var relatedDefs ovalResult
+	if config.Conf.OvalDict.IsFetchViaHTTP() {
+		if relatedDefs, err = getDefsByPackNameViaHTTP(r); err != nil {
+			return 0, err
+		}
+	} else {
+		if relatedDefs, err = getDefsByPackNameFromOvalDB(driver, r); err != nil {
+			return 0, err
+		}
+	}
+
+	if !found {
+		delete(r.Packages, "linux")
+	}
+
+	for _, defPacks := range relatedDefs.entries {
+		// Remove "linux" added above to search for oval
+		// "linux" is not a real package name (key of affected packages in OVAL)
+		if _, ok := defPacks.actuallyAffectedPackNames["linux"]; !found && ok {
+			defPacks.actuallyAffectedPackNames[linuxImage] = true
+			delete(defPacks.actuallyAffectedPackNames, "linux")
+			for i, p := range defPacks.def.AffectedPacks {
+				if p.Name == "linux" {
+					p.Name = linuxImage
+					defPacks.def.AffectedPacks[i] = p
+				}
+			}
+		}
+
+		o.update(r, defPacks)
+	}
+
+	for _, vuln := range r.ScannedCves {
+		if cont, ok := vuln.CveContents[models.Ubuntu]; ok {
+			cont.SourceLink = "http://people.ubuntu.com/~ubuntu-security/cve/" + cont.CveID
+			vuln.CveContents[models.Ubuntu] = cont
+		}
+	}
+	return len(relatedDefs.entries), nil
+}
--- a/oval/debian_test.go
+++ b/oval/debian_test.go
@@ -0,0 +1,79 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+package oval
+
+import (
+	"reflect"
+	"testing"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/util"
+	ovalmodels "github.com/kotakanbe/goval-dictionary/models"
+)
+
+func TestPackNamesOfUpdateDebian(t *testing.T) {
+	var tests = []struct {
+		in       models.ScanResult
+		defPacks defPacks
+		out      models.ScanResult
+	}{
+		{
+			in: models.ScanResult{
+				ScannedCves: models.VulnInfos{
+					"CVE-2000-1000": models.VulnInfo{
+						AffectedPackages: models.PackageStatuses{
+							{Name: "packA"},
+							{Name: "packC"},
+						},
+					},
+				},
+			},
+			defPacks: defPacks{
+				def: ovalmodels.Definition{
+					Debian: ovalmodels.Debian{
+						CveID: "CVE-2000-1000",
+					},
+				},
+				actuallyAffectedPackNames: map[string]bool{
+					"packB": true,
+				},
+			},
+			out: models.ScanResult{
+				ScannedCves: models.VulnInfos{
+					"CVE-2000-1000": models.VulnInfo{
+						AffectedPackages: models.PackageStatuses{
+							{Name: "packA"},
+							{Name: "packB", NotFixedYet: true},
+							{Name: "packC"},
+						},
+					},
+				},
+			},
+		},
+	}
+
+	util.Log = util.NewCustomLogger(config.ServerInfo{})
+	for i, tt := range tests {
+		Debian{}.update(&tt.in, tt.defPacks)
+		e := tt.out.ScannedCves["CVE-2000-1000"].AffectedPackages
+		a := tt.in.ScannedCves["CVE-2000-1000"].AffectedPackages
+		if !reflect.DeepEqual(a, e) {
+			t.Errorf("[%d] expected: %v\n  actual: %v\n", i, e, a)
+		}
+	}
+}
--- a/oval/oval.go
+++ b/oval/oval.go
@@ -0,0 +1,120 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package oval
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"time"
+
+	cnf "github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/util"
+	"github.com/kotakanbe/goval-dictionary/db"
+	"github.com/parnurzeal/gorequest"
+)
+
+// Client is the interface of OVAL client.
+type Client interface {
+	CheckHTTPHealth() error
+	FillWithOval(db.DB, *models.ScanResult) (int, error)
+
+	// CheckIfOvalFetched checks if oval entries are in DB by family, release.
+	CheckIfOvalFetched(db.DB, string, string) (bool, error)
+	CheckIfOvalFresh(db.DB, string, string) (bool, error)
+}
+
+// Base is a base struct
+type Base struct {
+	family string
+}
+
+// CheckHTTPHealth do health check
+func (b Base) CheckHTTPHealth() error {
+	if !cnf.Conf.OvalDict.IsFetchViaHTTP() {
+		return nil
+	}
+
+	url := fmt.Sprintf("%s/health", cnf.Conf.OvalDict.URL)
+	var errs []error
+	var resp *http.Response
+	resp, _, errs = gorequest.New().Get(url).End()
+	//  resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
+	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
+	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+		return fmt.Errorf("Failed to request to OVAL server. url: %s, errs: %v",
+			url, errs)
+	}
+	return nil
+}
+
+// CheckIfOvalFetched checks if oval entries are in DB by family, release.
+func (b Base) CheckIfOvalFetched(driver db.DB, osFamily, release string) (fetched bool, err error) {
+	if !cnf.Conf.OvalDict.IsFetchViaHTTP() {
+		count, err := driver.CountDefs(osFamily, release)
+		if err != nil {
+			return false, fmt.Errorf("Failed to count OVAL defs: %s, %s, %v",
+				osFamily, release, err)
+		}
+		return 0 < count, nil
+	}
+
+	url, _ := util.URLPathJoin(cnf.Conf.OvalDict.URL, "count", osFamily, release)
+	resp, body, errs := gorequest.New().Get(url).End()
+	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+		return false, fmt.Errorf("HTTP GET error: %v, url: %s, resp: %v",
+			errs, url, resp)
+	}
+	count := 0
+	if err := json.Unmarshal([]byte(body), &count); err != nil {
+		return false, fmt.Errorf("Failed to Unmarshall. body: %s, err: %s",
+			body, err)
+	}
+	return 0 < count, nil
+}
+
+// CheckIfOvalFresh checks if oval entries are fresh enough
+func (b Base) CheckIfOvalFresh(driver db.DB, osFamily, release string) (ok bool, err error) {
+	var lastModified time.Time
+	if !cnf.Conf.OvalDict.IsFetchViaHTTP() {
+		lastModified = driver.GetLastModified(osFamily, release)
+	} else {
+		url, _ := util.URLPathJoin(cnf.Conf.OvalDict.URL, "lastmodified", osFamily, release)
+		resp, body, errs := gorequest.New().Get(url).End()
+		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+			return false, fmt.Errorf("HTTP GET error: %v, url: %s, resp: %v",
+				errs, url, resp)
+		}
+
+		if err := json.Unmarshal([]byte(body), &lastModified); err != nil {
+			return false, fmt.Errorf("Failed to Unmarshall. body: %s, err: %s",
+				body, err)
+		}
+	}
+
+	since := time.Now()
+	since = since.AddDate(0, 0, -3)
+	if lastModified.Before(since) {
+		util.Log.Warnf("OVAL for %s %s is old, last modified is %s. It's recommended to update OVAL to improve scanning accuracy. How to update OVAL database, see https://github.com/kotakanbe/goval-dictionary#usage",
+			osFamily, release, lastModified)
+		return false, nil
+	}
+	util.Log.Infof("OVAL is fresh: %s %s ", osFamily, release)
+	return true, nil
+}
--- a/oval/redhat.go
+++ b/oval/redhat.go
@@ -0,0 +1,278 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package oval
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/util"
+	"github.com/kotakanbe/goval-dictionary/db"
+	ovalmodels "github.com/kotakanbe/goval-dictionary/models"
+)
+
+// RedHatBase is the base struct for RedHat and CentOS
+type RedHatBase struct {
+	Base
+}
+
+// FillWithOval returns scan result after updating CVE info by OVAL
+func (o RedHatBase) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
+	var relatedDefs ovalResult
+	if config.Conf.OvalDict.IsFetchViaHTTP() {
+		if relatedDefs, err = getDefsByPackNameViaHTTP(r); err != nil {
+			return 0, err
+		}
+	} else {
+		if relatedDefs, err = getDefsByPackNameFromOvalDB(driver, r); err != nil {
+			return 0, err
+		}
+	}
+
+	for _, defPacks := range relatedDefs.entries {
+		nCVEs += o.update(r, defPacks)
+	}
+
+	for _, vuln := range r.ScannedCves {
+		switch models.NewCveContentType(o.family) {
+		case models.RedHat:
+			if cont, ok := vuln.CveContents[models.RedHat]; ok {
+				cont.SourceLink = "https://access.redhat.com/security/cve/" + cont.CveID
+				vuln.CveContents[models.RedHat] = cont
+			}
+		case models.Oracle:
+			if cont, ok := vuln.CveContents[models.Oracle]; ok {
+				cont.SourceLink = fmt.Sprintf("https://linux.oracle.com/cve/%s.html", cont.CveID)
+				vuln.CveContents[models.Oracle] = cont
+			}
+		}
+	}
+
+	return nCVEs, nil
+}
+
+var kernelRelatedPackNames = map[string]bool{
+	"kernel":                  true,
+	"kernel-aarch64":          true,
+	"kernel-abi-whitelists":   true,
+	"kernel-bootwrapper":      true,
+	"kernel-debug":            true,
+	"kernel-debug-devel":      true,
+	"kernel-devel":            true,
+	"kernel-doc":              true,
+	"kernel-headers":          true,
+	"kernel-kdump":            true,
+	"kernel-kdump-devel":      true,
+	"kernel-rt":               true,
+	"kernel-rt-debug":         true,
+	"kernel-rt-debug-devel":   true,
+	"kernel-rt-debug-kvm":     true,
+	"kernel-rt-devel":         true,
+	"kernel-rt-doc":           true,
+	"kernel-rt-kvm":           true,
+	"kernel-rt-trace":         true,
+	"kernel-rt-trace-devel":   true,
+	"kernel-rt-trace-kvm":     true,
+	"kernel-rt-virt":          true,
+	"kernel-rt-virt-devel":    true,
+	"kernel-tools":            true,
+	"kernel-tools-libs":       true,
+	"kernel-tools-libs-devel": true,
+	"perf":                    true,
+	"python-perf":             true,
+}
+
+func (o RedHatBase) update(r *models.ScanResult, defPacks defPacks) (nCVEs int) {
+	ctype := models.NewCveContentType(o.family)
+	for _, cve := range defPacks.def.Advisory.Cves {
+		ovalContent := *o.convertToModel(cve.CveID, &defPacks.def)
+		vinfo, ok := r.ScannedCves[cve.CveID]
+		if !ok {
+			util.Log.Debugf("%s is newly detected by OVAL", cve.CveID)
+			vinfo = models.VulnInfo{
+				CveID:       cve.CveID,
+				Confidences: models.Confidences{models.OvalMatch},
+				CveContents: models.NewCveContents(ovalContent),
+			}
+			nCVEs++
+		} else {
+			cveContents := vinfo.CveContents
+			if v, ok := vinfo.CveContents[ctype]; ok {
+				if v.LastModified.After(ovalContent.LastModified) {
+					util.Log.Debugf("%s, OvalID: %d ignroed: ",
+						cve.CveID, defPacks.def.ID)
+					continue
+				} else {
+					util.Log.Debugf("%s OVAL will be overwritten", cve.CveID)
+				}
+			} else {
+				util.Log.Debugf("%s also detected by OVAL", cve.CveID)
+				cveContents = models.CveContents{}
+			}
+
+			vinfo.Confidences.AppendIfMissing(models.OvalMatch)
+			cveContents[ctype] = ovalContent
+			vinfo.CveContents = cveContents
+		}
+
+		// uniq(vinfo.PackNames + defPacks.actuallyAffectedPackNames)
+		for _, pack := range vinfo.AffectedPackages {
+			if nfy, ok := defPacks.actuallyAffectedPackNames[pack.Name]; !ok {
+				defPacks.actuallyAffectedPackNames[pack.Name] = pack.NotFixedYet
+			} else if nfy {
+				defPacks.actuallyAffectedPackNames[pack.Name] = true
+			}
+		}
+		vinfo.AffectedPackages = defPacks.toPackStatuses()
+		vinfo.AffectedPackages.Sort()
+		r.ScannedCves[cve.CveID] = vinfo
+	}
+	return
+}
+
+func (o RedHatBase) convertToModel(cveID string, def *ovalmodels.Definition) *models.CveContent {
+	for _, cve := range def.Advisory.Cves {
+		if cve.CveID != cveID {
+			continue
+		}
+		var refs []models.Reference
+		for _, r := range def.References {
+			refs = append(refs, models.Reference{
+				Link:   r.RefURL,
+				Source: r.Source,
+				RefID:  r.RefID,
+			})
+		}
+
+		score2, vec2 := o.parseCvss2(cve.Cvss2)
+		score3, vec3 := o.parseCvss3(cve.Cvss3)
+
+		severity := def.Advisory.Severity
+		if cve.Impact != "" {
+			severity = cve.Impact
+		}
+
+		sev2, sev3 := "", ""
+		if score2 != 0 {
+			sev2 = severity
+		}
+		if score3 != 0 {
+			sev3 = severity
+		}
+
+		// CWE-ID in RedHat OVAL may have multiple cweIDs separated by space
+		cwes := strings.Fields(cve.Cwe)
+
+		return &models.CveContent{
+			Type:          models.NewCveContentType(o.family),
+			CveID:         cve.CveID,
+			Title:         def.Title,
+			Summary:       def.Description,
+			Cvss2Score:    score2,
+			Cvss2Vector:   vec2,
+			Cvss2Severity: sev2,
+			Cvss3Score:    score3,
+			Cvss3Vector:   vec3,
+			Cvss3Severity: sev3,
+			References:    refs,
+			CweIDs:        cwes,
+			Published:     def.Advisory.Issued,
+			LastModified:  def.Advisory.Updated,
+		}
+	}
+	return nil
+}
+
+// ParseCvss2 divide CVSSv2 string into score and vector
+// 5/AV:N/AC:L/Au:N/C:N/I:N/A:P
+func (o RedHatBase) parseCvss2(scoreVector string) (score float64, vector string) {
+	var err error
+	ss := strings.Split(scoreVector, "/")
+	if 1 < len(ss) {
+		if score, err = strconv.ParseFloat(ss[0], 64); err != nil {
+			return 0, ""
+		}
+		return score, strings.Join(ss[1:], "/")
+	}
+	return 0, ""
+}
+
+// ParseCvss3 divide CVSSv3 string into score and vector
+// 5.6/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
+func (o RedHatBase) parseCvss3(scoreVector string) (score float64, vector string) {
+	var err error
+	ss := strings.Split(scoreVector, "/CVSS:3.0/")
+	if 1 < len(ss) {
+		if score, err = strconv.ParseFloat(ss[0], 64); err != nil {
+			return 0, ""
+		}
+		return score, fmt.Sprintf("CVSS:3.0/%s", ss[1])
+	}
+	return 0, ""
+}
+
+// RedHat is the interface for RedhatBase OVAL
+type RedHat struct {
+	RedHatBase
+}
+
+// NewRedhat creates OVAL client for Redhat
+func NewRedhat() RedHat {
+	return RedHat{
+		RedHatBase{
+			Base{
+				family: config.RedHat,
+			},
+		},
+	}
+}
+
+// CentOS is the interface for CentOS OVAL
+type CentOS struct {
+	RedHatBase
+}
+
+// NewCentOS creates OVAL client for CentOS
+func NewCentOS() CentOS {
+	return CentOS{
+		RedHatBase{
+			Base{
+				family: config.CentOS,
+			},
+		},
+	}
+}
+
+// Oracle is the interface for Oracle OVAL
+type Oracle struct {
+	RedHatBase
+}
+
+// NewOracle creates OVAL client for Oracle
+func NewOracle() Oracle {
+	return Oracle{
+		RedHatBase{
+			Base{
+				family: config.Oracle,
+			},
+		},
+	}
+}
--- a/oval/redhat_test.go
+++ b/oval/redhat_test.go
@@ -0,0 +1,148 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+package oval
+
+import (
+	"reflect"
+	"testing"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/util"
+	ovalmodels "github.com/kotakanbe/goval-dictionary/models"
+)
+
+func TestParseCvss2(t *testing.T) {
+	type out struct {
+		score  float64
+		vector string
+	}
+	var tests = []struct {
+		in  string
+		out out
+	}{
+		{
+			in: "5/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+			out: out{
+				score:  5.0,
+				vector: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
+			},
+		},
+		{
+			in: "",
+			out: out{
+				score:  0,
+				vector: "",
+			},
+		},
+	}
+	for _, tt := range tests {
+		s, v := RedHatBase{}.parseCvss2(tt.in)
+		if s != tt.out.score || v != tt.out.vector {
+			t.Errorf("\nexpected: %f, %s\n  actual: %f, %s",
+				tt.out.score, tt.out.vector, s, v)
+		}
+	}
+}
+
+func TestParseCvss3(t *testing.T) {
+	type out struct {
+		score  float64
+		vector string
+	}
+	var tests = []struct {
+		in  string
+		out out
+	}{
+		{
+			in: "5.6/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
+			out: out{
+				score:  5.6,
+				vector: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
+			},
+		},
+		{
+			in: "",
+			out: out{
+				score:  0,
+				vector: "",
+			},
+		},
+	}
+	for _, tt := range tests {
+		s, v := RedHatBase{}.parseCvss3(tt.in)
+		if s != tt.out.score || v != tt.out.vector {
+			t.Errorf("\nexpected: %f, %s\n  actual: %f, %s",
+				tt.out.score, tt.out.vector, s, v)
+		}
+	}
+}
+
+func TestPackNamesOfUpdate(t *testing.T) {
+	var tests = []struct {
+		in       models.ScanResult
+		defPacks defPacks
+		out      models.ScanResult
+	}{
+		{
+			in: models.ScanResult{
+				ScannedCves: models.VulnInfos{
+					"CVE-2000-1000": models.VulnInfo{
+						AffectedPackages: models.PackageStatuses{
+							{Name: "packA"},
+							{Name: "packB", NotFixedYet: false},
+						},
+					},
+				},
+			},
+			defPacks: defPacks{
+				def: ovalmodels.Definition{
+					Advisory: ovalmodels.Advisory{
+						Cves: []ovalmodels.Cve{
+							{
+								CveID: "CVE-2000-1000",
+							},
+						},
+					},
+				},
+				actuallyAffectedPackNames: map[string]bool{
+					"packB": true,
+				},
+			},
+			out: models.ScanResult{
+				ScannedCves: models.VulnInfos{
+					"CVE-2000-1000": models.VulnInfo{
+						AffectedPackages: models.PackageStatuses{
+							{Name: "packA"},
+							{Name: "packB", NotFixedYet: true},
+						},
+					},
+				},
+			},
+		},
+	}
+
+	util.Log = util.NewCustomLogger(config.ServerInfo{})
+	for i, tt := range tests {
+		RedHat{}.update(&tt.in, tt.defPacks)
+		e := tt.out.ScannedCves["CVE-2000-1000"].AffectedPackages
+		a := tt.in.ScannedCves["CVE-2000-1000"].AffectedPackages
+		if !reflect.DeepEqual(a, e) {
+			t.Errorf("[%d] expected: %v\n  actual: %v\n", i, e, a)
+		}
+	}
+}
--- a/oval/suse.go
+++ b/oval/suse.go
@@ -0,0 +1,118 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package oval
+
+import (
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/util"
+	"github.com/kotakanbe/goval-dictionary/db"
+	ovalmodels "github.com/kotakanbe/goval-dictionary/models"
+)
+
+// SUSE is the struct of SUSE Linux
+type SUSE struct {
+	Base
+}
+
+// NewSUSE creates OVAL client for SUSE
+func NewSUSE() SUSE {
+	// TODO implement other family
+	return SUSE{
+		Base{
+			family: config.SUSEEnterpriseServer,
+		},
+	}
+}
+
+// FillWithOval returns scan result after updating CVE info by OVAL
+func (o SUSE) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
+	var relatedDefs ovalResult
+	if config.Conf.OvalDict.IsFetchViaHTTP() {
+		if relatedDefs, err = getDefsByPackNameViaHTTP(r); err != nil {
+			return 0, err
+		}
+	} else {
+		if relatedDefs, err = getDefsByPackNameFromOvalDB(driver, r); err != nil {
+			return 0, err
+		}
+	}
+	for _, defPacks := range relatedDefs.entries {
+		o.update(r, defPacks)
+	}
+
+	for _, vuln := range r.ScannedCves {
+		if cont, ok := vuln.CveContents[models.SUSE]; ok {
+			cont.SourceLink = "https://security-tracker.debian.org/tracker/" + cont.CveID
+			vuln.CveContents[models.SUSE] = cont
+		}
+	}
+	return len(relatedDefs.entries), nil
+}
+
+func (o SUSE) update(r *models.ScanResult, defPacks defPacks) {
+	ovalContent := *o.convertToModel(&defPacks.def)
+	ovalContent.Type = models.NewCveContentType(o.family)
+	vinfo, ok := r.ScannedCves[defPacks.def.Title]
+	if !ok {
+		util.Log.Debugf("%s is newly detected by OVAL", defPacks.def.Title)
+		vinfo = models.VulnInfo{
+			CveID:       defPacks.def.Title,
+			Confidences: models.Confidences{models.OvalMatch},
+			CveContents: models.NewCveContents(ovalContent),
+		}
+	} else {
+		cveContents := vinfo.CveContents
+		ctype := models.NewCveContentType(o.family)
+		if _, ok := vinfo.CveContents[ctype]; ok {
+			util.Log.Debugf("%s OVAL will be overwritten", defPacks.def.Title)
+		} else {
+			util.Log.Debugf("%s is also detected by OVAL", defPacks.def.Title)
+			cveContents = models.CveContents{}
+		}
+		vinfo.Confidences.AppendIfMissing(models.OvalMatch)
+		cveContents[ctype] = ovalContent
+		vinfo.CveContents = cveContents
+	}
+
+	// uniq(vinfo.PackNames + defPacks.actuallyAffectedPackNames)
+	for _, pack := range vinfo.AffectedPackages {
+		defPacks.actuallyAffectedPackNames[pack.Name] = pack.NotFixedYet
+	}
+	vinfo.AffectedPackages = defPacks.toPackStatuses()
+	vinfo.AffectedPackages.Sort()
+	r.ScannedCves[defPacks.def.Title] = vinfo
+}
+
+func (o SUSE) convertToModel(def *ovalmodels.Definition) *models.CveContent {
+	var refs []models.Reference
+	for _, r := range def.References {
+		refs = append(refs, models.Reference{
+			Link:   r.RefURL,
+			Source: r.Source,
+			RefID:  r.RefID,
+		})
+	}
+
+	return &models.CveContent{
+		CveID:      def.Title,
+		Title:      def.Title,
+		Summary:    def.Description,
+		References: refs,
+	}
+}
--- a/oval/util.go
+++ b/oval/util.go
@@ -0,0 +1,353 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package oval
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"regexp"
+	"strings"
+	"time"
+
+	"github.com/cenkalti/backoff"
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/util"
+	debver "github.com/knqyf263/go-deb-version"
+	rpmver "github.com/knqyf263/go-rpm-version"
+	"github.com/kotakanbe/goval-dictionary/db"
+	ovalmodels "github.com/kotakanbe/goval-dictionary/models"
+	"github.com/parnurzeal/gorequest"
+)
+
+type ovalResult struct {
+	entries []defPacks
+}
+
+type defPacks struct {
+	def ovalmodels.Definition
+
+	// BinaryPackageName : NotFixedYet
+	actuallyAffectedPackNames map[string]bool
+}
+
+func (e defPacks) toPackStatuses() (ps models.PackageStatuses) {
+	for name, notFixedYet := range e.actuallyAffectedPackNames {
+		ps = append(ps, models.PackageStatus{
+			Name:        name,
+			NotFixedYet: notFixedYet,
+		})
+	}
+	return
+}
+
+func (e *ovalResult) upsert(def ovalmodels.Definition, packName string, notFixedYet bool) (upserted bool) {
+	// alpine's entry is empty since Alpine secdb is not OVAL format
+	if def.DefinitionID != "" {
+		for i, entry := range e.entries {
+			if entry.def.DefinitionID == def.DefinitionID {
+				e.entries[i].actuallyAffectedPackNames[packName] = notFixedYet
+				return true
+			}
+		}
+	}
+	e.entries = append(e.entries, defPacks{
+		def:                       def,
+		actuallyAffectedPackNames: map[string]bool{packName: notFixedYet},
+	})
+
+	return false
+}
+
+type request struct {
+	packName          string
+	versionRelease    string
+	NewVersionRelease string
+	binaryPackNames   []string
+	isSrcPack         bool
+}
+
+type response struct {
+	request request
+	defs    []ovalmodels.Definition
+}
+
+// getDefsByPackNameViaHTTP fetches OVAL information via HTTP
+func getDefsByPackNameViaHTTP(r *models.ScanResult) (
+	relatedDefs ovalResult, err error) {
+
+	nReq := len(r.Packages) + len(r.SrcPackages)
+	reqChan := make(chan request, nReq)
+	resChan := make(chan response, nReq)
+	errChan := make(chan error, nReq)
+	defer close(reqChan)
+	defer close(resChan)
+	defer close(errChan)
+
+	go func() {
+		for _, pack := range r.Packages {
+			reqChan <- request{
+				packName:          pack.Name,
+				versionRelease:    pack.FormatVer(),
+				NewVersionRelease: pack.FormatVer(),
+				isSrcPack:         false,
+			}
+		}
+		for _, pack := range r.SrcPackages {
+			reqChan <- request{
+				packName:        pack.Name,
+				binaryPackNames: pack.BinaryNames,
+				versionRelease:  pack.Version,
+				isSrcPack:       true,
+			}
+		}
+	}()
+
+	concurrency := 10
+	tasks := util.GenWorkers(concurrency)
+	for i := 0; i < nReq; i++ {
+		tasks <- func() {
+			select {
+			case req := <-reqChan:
+				url, err := util.URLPathJoin(
+					config.Conf.OvalDict.URL,
+					"packs",
+					r.Family,
+					r.Release,
+					req.packName,
+				)
+				if err != nil {
+					errChan <- err
+				} else {
+					util.Log.Debugf("HTTP Request to %s", url)
+					httpGet(url, req, resChan, errChan)
+				}
+			}
+		}
+	}
+
+	timeout := time.After(2 * 60 * time.Second)
+	var errs []error
+	for i := 0; i < nReq; i++ {
+		select {
+		case res := <-resChan:
+			for _, def := range res.defs {
+				affected, notFixedYet := isOvalDefAffected(def, res.request, r.Family, r.RunningKernel)
+				if !affected {
+					continue
+				}
+
+				if res.request.isSrcPack {
+					for _, n := range res.request.binaryPackNames {
+						relatedDefs.upsert(def, n, false)
+					}
+				} else {
+					relatedDefs.upsert(def, res.request.packName, notFixedYet)
+				}
+			}
+		case err := <-errChan:
+			errs = append(errs, err)
+		case <-timeout:
+			return relatedDefs, fmt.Errorf("Timeout Fetching OVAL")
+		}
+	}
+	if len(errs) != 0 {
+		return relatedDefs, fmt.Errorf("Failed to fetch OVAL. err: %v", errs)
+	}
+	return
+}
+
+func httpGet(url string, req request, resChan chan<- response, errChan chan<- error) {
+	var body string
+	var errs []error
+	var resp *http.Response
+	count, retryMax := 0, 3
+	f := func() (err error) {
+		//  resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
+		resp, body, errs = gorequest.New().Get(url).End()
+		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+			count++
+			if count == retryMax {
+				return nil
+			}
+			return fmt.Errorf("HTTP GET error: %v, url: %s, resp: %v",
+				errs, url, resp)
+		}
+		return nil
+	}
+	notify := func(err error, t time.Duration) {
+		util.Log.Warnf("Failed to HTTP GET. retrying in %s seconds. err: %s", t, err)
+	}
+	err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
+	if err != nil {
+		errChan <- fmt.Errorf("HTTP Error %s", err)
+		return
+	}
+	if count == retryMax {
+		errChan <- fmt.Errorf("HRetry count exceeded")
+		return
+	}
+
+	defs := []ovalmodels.Definition{}
+	if err := json.Unmarshal([]byte(body), &defs); err != nil {
+		errChan <- fmt.Errorf("Failed to Unmarshall. body: %s, err: %s",
+			body, err)
+		return
+	}
+	resChan <- response{
+		request: req,
+		defs:    defs,
+	}
+}
+
+func getDefsByPackNameFromOvalDB(driver db.DB, r *models.ScanResult) (relatedDefs ovalResult, err error) {
+	requests := []request{}
+	for _, pack := range r.Packages {
+		requests = append(requests, request{
+			packName:          pack.Name,
+			versionRelease:    pack.FormatVer(),
+			NewVersionRelease: pack.FormatNewVer(),
+			isSrcPack:         false,
+		})
+	}
+	for _, pack := range r.SrcPackages {
+		requests = append(requests, request{
+			packName:        pack.Name,
+			binaryPackNames: pack.BinaryNames,
+			versionRelease:  pack.Version,
+			isSrcPack:       true,
+		})
+	}
+
+	for _, req := range requests {
+		definitions, err := driver.GetByPackName(r.Release, req.packName)
+		if err != nil {
+			return relatedDefs, fmt.Errorf("Failed to get %s OVAL info by package: %#v, err: %s", r.Family, req, err)
+		}
+		for _, def := range definitions {
+			affected, notFixedYet := isOvalDefAffected(def, req, r.Family, r.RunningKernel)
+			if !affected {
+				continue
+			}
+
+			if req.isSrcPack {
+				for _, n := range req.binaryPackNames {
+					relatedDefs.upsert(def, n, false)
+				}
+			} else {
+				relatedDefs.upsert(def, req.packName, notFixedYet)
+			}
+		}
+	}
+	return
+}
+
+func major(version string) string {
+	ss := strings.SplitN(version, ":", 2)
+	ver := ""
+	if len(ss) == 1 {
+		ver = ss[0]
+	} else {
+		ver = ss[1]
+	}
+	return ver[0:strings.Index(ver, ".")]
+}
+
+func isOvalDefAffected(def ovalmodels.Definition, req request, family string, running models.Kernel) (affected, notFixedYet bool) {
+	for _, ovalPack := range def.AffectedPacks {
+		if req.packName != ovalPack.Name {
+			continue
+		}
+
+		if running.Release != "" {
+			switch family {
+			case config.RedHat, config.CentOS:
+				// For kernel related packages, ignore OVAL information with different major versions
+				if _, ok := kernelRelatedPackNames[ovalPack.Name]; ok {
+					if major(ovalPack.Version) != major(running.Release) {
+						continue
+					}
+				}
+			}
+		}
+
+		if ovalPack.NotFixedYet {
+			return true, true
+		}
+
+		less, err := lessThan(family, req.versionRelease, ovalPack)
+		if err != nil {
+			util.Log.Debugf("Failed to parse versions: %s, Ver: %#v, OVAL: %#v, DefID: %s",
+				err, req.versionRelease, ovalPack, def.DefinitionID)
+			return false, false
+		}
+
+		if less {
+			if req.isSrcPack {
+				// Unable to judge whether fixed or not fixed of src package(Ubuntu, Debian)
+				return true, false
+			}
+
+			// `offline` or `fast` scan mode can't get a updatable version.
+			// In these mode, the blow field was set empty.
+			// Vuls can not judge fixed or unfixed.
+			if req.NewVersionRelease == "" {
+				return true, false
+			}
+
+			// compare version: newVer vs oval
+			less, err := lessThan(family, req.NewVersionRelease, ovalPack)
+			if err != nil {
+				util.Log.Debugf("Failed to parse versions: %s, NewVer: %#v, OVAL: %#v, DefID: %s",
+					err, req.NewVersionRelease, ovalPack, def.DefinitionID)
+				return false, false
+			}
+			return true, less
+		}
+	}
+	return false, false
+}
+
+func lessThan(family, versionRelease string, packB ovalmodels.Package) (bool, error) {
+	switch family {
+	case config.Debian, config.Ubuntu:
+		vera, err := debver.NewVersion(versionRelease)
+		if err != nil {
+			return false, err
+		}
+		verb, err := debver.NewVersion(packB.Version)
+		if err != nil {
+			return false, err
+		}
+		return vera.LessThan(verb), nil
+	case config.Oracle, config.SUSEEnterpriseServer, config.Alpine:
+		vera := rpmver.NewVersion(versionRelease)
+		verb := rpmver.NewVersion(packB.Version)
+		return vera.LessThan(verb), nil
+	case config.RedHat, config.CentOS: // TODO: Suport config.Scientific
+		rea := regexp.MustCompile(`\.[es]l(\d+)(?:_\d+)?(?:\.centos)?`)
+		reb := regexp.MustCompile(`\.el(\d+)(?:_\d+)?`)
+		vera := rpmver.NewVersion(rea.ReplaceAllString(versionRelease, ".el$1"))
+		verb := rpmver.NewVersion(reb.ReplaceAllString(packB.Version, ".el$1"))
+		return vera.LessThan(verb), nil
+	default:
+		util.Log.Errorf("Not implemented yet: %s", family)
+	}
+	return false, fmt.Errorf("Package version comparison not supported: %s", family)
+}
--- a/oval/util_test.go
+++ b/oval/util_test.go
--- a/report/azureblob.go
+++ b/report/azureblob.go
@@ -1,5 +1,5 @@
 /* Vuls - Vulnerability Scanner
-Copyright (C) 2016  Future Architect, Inc. Japan.
+Copyright (C) 2016  Future Corporation , Japan.

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -20,121 +20,130 @@ package report
 import (
 	"bytes"
 	"encoding/json"
+	"encoding/xml"
 	"fmt"
 	"time"

-	"github.com/Azure/azure-sdk-for-go/storage"
+	storage "github.com/Azure/azure-sdk-for-go/storage"

 	c "github.com/future-architect/vuls/config"
 	"github.com/future-architect/vuls/models"
-	"github.com/future-architect/vuls/util"
 )

 // AzureBlobWriter writes results to AzureBlob
 type AzureBlobWriter struct{}

+// Write results to Azure Blob storage
+func (w AzureBlobWriter) Write(rs ...models.ScanResult) (err error) {
+	if len(rs) == 0 {
+		return nil
+	}
+
+	cli, err := getBlobClient()
+	if err != nil {
+		return err
+	}
+
+	if c.Conf.FormatOneLineText {
+		timestr := rs[0].ScannedAt.Format(time.RFC3339)
+		k := fmt.Sprintf(timestr + "/summary.txt")
+		text := formatOneLineSummary(rs...)
+		b := []byte(text)
+		if err := createBlockBlob(cli, k, b); err != nil {
+			return err
+		}
+	}
+
+	for _, r := range rs {
+		key := r.ReportKeyName()
+		if c.Conf.FormatJSON {
+			k := key + ".json"
+			var b []byte
+			if b, err = json.Marshal(r); err != nil {
+				return fmt.Errorf("Failed to Marshal to JSON: %s", err)
+			}
+			if err := createBlockBlob(cli, k, b); err != nil {
+				return err
+			}
+		}
+
+		if c.Conf.FormatList {
+			k := key + "_short.txt"
+			b := []byte(formatList(r))
+			if err := createBlockBlob(cli, k, b); err != nil {
+				return err
+			}
+		}
+
+		if c.Conf.FormatFullText {
+			k := key + "_full.txt"
+			b := []byte(formatFullPlainText(r))
+			if err := createBlockBlob(cli, k, b); err != nil {
+				return err
+			}
+		}
+
+		if c.Conf.FormatXML {
+			k := key + ".xml"
+			var b []byte
+			if b, err = xml.Marshal(r); err != nil {
+				return fmt.Errorf("Failed to Marshal to XML: %s", err)
+			}
+			allBytes := bytes.Join([][]byte{[]byte(xml.Header + vulsOpenTag), b, []byte(vulsCloseTag)}, []byte{})
+			if err := createBlockBlob(cli, k, allBytes); err != nil {
+				return err
+			}
+		}
+	}
+	return
+}
+
 // CheckIfAzureContainerExists check the existence of Azure storage container
 func CheckIfAzureContainerExists() error {
 	cli, err := getBlobClient()
 	if err != nil {
 		return err
 	}
-	ok, err := cli.ContainerExists(c.Conf.AzureContainer)
+	r, err := cli.ListContainers(storage.ListContainersParameters{})
 	if err != nil {
 		return err
 	}
-	if !ok {
-		return fmt.Errorf("Container not found. Container: %s", c.Conf.AzureContainer)
+
+	found := false
+	for _, con := range r.Containers {
+		if con.Name == c.Conf.Azure.ContainerName {
+			found = true
+			break
+		}
+	}
+	if !found {
+		return fmt.Errorf("Container not found. Container: %s", c.Conf.Azure.ContainerName)
 	}
 	return nil
 }

 func getBlobClient() (storage.BlobStorageClient, error) {
-	api, err := storage.NewBasicClient(c.Conf.AzureAccount, c.Conf.AzureKey)
+	api, err := storage.NewBasicClient(c.Conf.Azure.AccountName, c.Conf.Azure.AccountKey)
 	if err != nil {
 		return storage.BlobStorageClient{}, err
 	}
 	return api.GetBlobService(), nil
 }

-// Write results to Azure Blob storage
-func (w AzureBlobWriter) Write(scanResults []models.ScanResult) (err error) {
-	reqChan := make(chan models.ScanResult, len(scanResults))
-	resChan := make(chan bool)
-	errChan := make(chan error, len(scanResults))
-	defer close(resChan)
-	defer close(errChan)
-	defer close(reqChan)
-
-	timeout := time.After(10 * 60 * time.Second)
-	concurrency := 10
-	tasks := util.GenWorkers(concurrency)
-
-	go func() {
-		for _, r := range scanResults {
-			reqChan <- r
-		}
-	}()
-
-	for range scanResults {
-		tasks <- func() {
-			select {
-			case sresult := <-reqChan:
-				func(r models.ScanResult) {
-					err := w.upload(r)
-					if err != nil {
-						errChan <- err
-					}
-					resChan <- true
-				}(sresult)
-			}
+func createBlockBlob(cli storage.BlobStorageClient, k string, b []byte) error {
+	var err error
+	if c.Conf.GZIP {
+		if b, err = gz(b); err != nil {
+			return err
 		}
+		k += ".gz"
 	}

-	errs := []error{}
-	for i := 0; i < len(scanResults); i++ {
-		select {
-		case <-resChan:
-		case err := <-errChan:
-			errs = append(errs, err)
-		case <-timeout:
-			errs = append(errs, fmt.Errorf("Timeout while uploading to azure Blob"))
-		}
-	}
-
-	if 0 < len(errs) {
-		return fmt.Errorf("Failed to upload json to Azure Blob: %v", errs)
+	ref := cli.GetContainerReference(c.Conf.Azure.ContainerName)
+	blob := ref.GetBlobReference(k)
+	if err := blob.CreateBlockBlobFromReader(bytes.NewReader(b), nil); err != nil {
+		return fmt.Errorf("Failed to upload data to %s/%s, %s",
+			c.Conf.Azure.ContainerName, k, err)
 	}
 	return nil
 }
-
-func (w AzureBlobWriter) upload(res models.ScanResult) (err error) {
-	cli, err := getBlobClient()
-	if err != nil {
-		return err
-	}
-	timestr := time.Now().Format("20060102_1504")
-	name := ""
-	if res.Container.ContainerID == "" {
-		name = fmt.Sprintf("%s/%s.json", timestr, res.ServerName)
-	} else {
-		name = fmt.Sprintf("%s/%s_%s.json", timestr, res.ServerName, res.Container.Name)
-	}
-
-	jsonBytes, err := json.Marshal(res)
-	if err != nil {
-		return fmt.Errorf("Failed to Marshal to JSON: %s", err)
-	}
-
-	if err = cli.CreateBlockBlobFromReader(
-		c.Conf.AzureContainer,
-		name,
-		uint64(len(jsonBytes)),
-		bytes.NewReader(jsonBytes),
-		map[string]string{},
-	); err != nil {
-		return fmt.Errorf("%s/%s, %s",
-			c.Conf.AzureContainer, name, err)
-	}
-	return
-}
--- a/report/chatwork.go
+++ b/report/chatwork.go
@@ -0,0 +1,73 @@
+package report
+
+import (
+	"fmt"
+	"net/http"
+	"net/url"
+	"strconv"
+	"strings"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+)
+
+// ChatWorkWriter send report to ChatWork
+type ChatWorkWriter struct{}
+
+func (w ChatWorkWriter) Write(rs ...models.ScanResult) (err error) {
+	conf := config.Conf.ChatWork
+
+	for _, r := range rs {
+		serverInfo := fmt.Sprintf("%s", r.ServerInfo())
+		if err = chatWorkpostMessage(conf.Room, conf.APIToken, serverInfo); err != nil {
+			return err
+		}
+
+		for _, vinfo := range r.ScannedCves {
+			maxCvss := vinfo.MaxCvssScore()
+			severity := strings.ToUpper(maxCvss.Value.Severity)
+			if severity == "" {
+				severity = "?"
+			}
+
+			message := fmt.Sprintf(`%s[info][title]"https://nvd.nist.gov/vuln/detail/%s" %s %s[/title]%s[/info]`,
+				serverInfo,
+				vinfo.CveID,
+				strconv.FormatFloat(maxCvss.Value.Score, 'f', 1, 64),
+				severity,
+				vinfo.Summaries(config.Conf.Lang, r.Family)[0].Value)
+
+			if err = chatWorkpostMessage(conf.Room, conf.APIToken, message); err != nil {
+				return err
+			}
+		}
+
+	}
+	return nil
+}
+
+func chatWorkpostMessage(room, token, message string) error {
+	uri := fmt.Sprintf("https://api.chatwork.com/v2/rooms/%s/messages=%s", room, token)
+
+	payload := url.Values{
+		"body": {message},
+	}
+
+	reqs, err := http.NewRequest("POST", uri, strings.NewReader(payload.Encode()))
+
+	reqs.Header.Add("X-ChatWorkToken", token)
+	reqs.Header.Add("Content-Type", "application/x-www-form-urlencoded")
+
+	if err != nil {
+		return err
+	}
+	client := &http.Client{}
+
+	resp, err := client.Do(reqs)
+	if err != nil {
+		return err
+	}
+	defer resp.Body.Close()
+
+	return nil
+}
--- a/report/chatwork_test.go
+++ b/report/chatwork_test.go
@@ -0,0 +1 @@
+package report
--- a/report/cve_client.go
+++ b/report/cve_client.go
@@ -0,0 +1,224 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package report
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/cenkalti/backoff"
+	"github.com/parnurzeal/gorequest"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/util"
+	cvedb "github.com/kotakanbe/go-cve-dictionary/db"
+	cve "github.com/kotakanbe/go-cve-dictionary/models"
+)
+
+// CveClient is api client of CVE disctionary service.
+var CveClient cvedictClient
+
+type cvedictClient struct {
+	//  httpProxy string
+	baseURL string
+}
+
+func (api *cvedictClient) initialize() {
+	api.baseURL = config.Conf.CveDict.URL
+}
+
+func (api cvedictClient) CheckHealth() error {
+	if !config.Conf.CveDict.IsFetchViaHTTP() {
+		util.Log.Debugf("get cve-dictionary from %s", config.Conf.CveDict.Type)
+		return nil
+	}
+
+	api.initialize()
+	url := fmt.Sprintf("%s/health", api.baseURL)
+	var errs []error
+	var resp *http.Response
+	resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
+	//  resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
+	if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+		return fmt.Errorf("Failed to request to CVE server. url: %s, errs: %v",
+			url, errs)
+	}
+	return nil
+}
+
+type response struct {
+	Key       string
+	CveDetail cve.CveDetail
+}
+
+func (api cvedictClient) FetchCveDetails(driver cvedb.DB, cveIDs []string) (cveDetails []cve.CveDetail, err error) {
+	if !config.Conf.CveDict.IsFetchViaHTTP() {
+		for _, cveID := range cveIDs {
+			cveDetail, err := driver.Get(cveID)
+			if err != nil {
+				return nil, fmt.Errorf("Failed to fetch CVE. err: %s", err)
+			}
+			if len(cveDetail.CveID) == 0 {
+				cveDetails = append(cveDetails, cve.CveDetail{
+					CveID: cveID,
+				})
+			} else {
+				cveDetails = append(cveDetails, *cveDetail)
+			}
+		}
+		return
+	}
+
+	api.baseURL = config.Conf.CveDict.URL
+	reqChan := make(chan string, len(cveIDs))
+	resChan := make(chan response, len(cveIDs))
+	errChan := make(chan error, len(cveIDs))
+	defer close(reqChan)
+	defer close(resChan)
+	defer close(errChan)
+
+	go func() {
+		for _, cveID := range cveIDs {
+			reqChan <- cveID
+		}
+	}()
+
+	concurrency := 10
+	tasks := util.GenWorkers(concurrency)
+	for range cveIDs {
+		tasks <- func() {
+			select {
+			case cveID := <-reqChan:
+				url, err := util.URLPathJoin(api.baseURL, "cves", cveID)
+				if err != nil {
+					errChan <- err
+				} else {
+					util.Log.Debugf("HTTP Request to %s", url)
+					api.httpGet(cveID, url, resChan, errChan)
+				}
+			}
+		}
+	}
+
+	timeout := time.After(2 * 60 * time.Second)
+	var errs []error
+	for range cveIDs {
+		select {
+		case res := <-resChan:
+			if len(res.CveDetail.CveID) == 0 {
+				cveDetails = append(cveDetails, cve.CveDetail{
+					CveID: res.Key,
+				})
+			} else {
+				cveDetails = append(cveDetails, res.CveDetail)
+			}
+		case err := <-errChan:
+			errs = append(errs, err)
+		case <-timeout:
+			return nil, fmt.Errorf("Timeout Fetching CVE")
+		}
+	}
+	if len(errs) != 0 {
+		return nil,
+			fmt.Errorf("Failed to fetch CVE. err: %v", errs)
+	}
+	return
+}
+
+func (api cvedictClient) httpGet(key, url string, resChan chan<- response, errChan chan<- error) {
+	var body string
+	var errs []error
+	var resp *http.Response
+	f := func() (err error) {
+		//  resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
+		resp, body, errs = gorequest.New().Get(url).End()
+		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+			return fmt.Errorf("HTTP GET error: %v, url: %s, resp: %v",
+				errs, url, resp)
+		}
+		return nil
+	}
+	notify := func(err error, t time.Duration) {
+		util.Log.Warnf("Failed to HTTP GET. retrying in %s seconds. err: %s",
+			t, err)
+	}
+	err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
+	if err != nil {
+		errChan <- fmt.Errorf("HTTP Error %s", err)
+		return
+	}
+	cveDetail := cve.CveDetail{}
+	if err := json.Unmarshal([]byte(body), &cveDetail); err != nil {
+		errChan <- fmt.Errorf("Failed to Unmarshall. body: %s, err: %s",
+			body, err)
+		return
+	}
+	resChan <- response{
+		key,
+		cveDetail,
+	}
+}
+
+func (api cvedictClient) FetchCveDetailsByCpeName(driver cvedb.DB, cpeName string) ([]cve.CveDetail, error) {
+	if config.Conf.CveDict.IsFetchViaHTTP() {
+		api.baseURL = config.Conf.CveDict.URL
+		url, err := util.URLPathJoin(api.baseURL, "cpes")
+		if err != nil {
+			return nil, err
+		}
+
+		query := map[string]string{"name": cpeName}
+		util.Log.Debugf("HTTP Request to %s, query: %#v", url, query)
+		return api.httpPost(cpeName, url, query)
+	}
+	return driver.GetByCpeURI(cpeName)
+}
+
+func (api cvedictClient) httpPost(key, url string, query map[string]string) ([]cve.CveDetail, error) {
+	var body string
+	var errs []error
+	var resp *http.Response
+	f := func() (err error) {
+		//  req := gorequest.New().SetDebug(config.Conf.Debug).Post(url)
+		req := gorequest.New().Post(url)
+		for key := range query {
+			req = req.Send(fmt.Sprintf("%s=%s", key, query[key])).Type("json")
+		}
+		resp, body, errs = req.End()
+		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
+			return fmt.Errorf("HTTP POST error: %v, url: %s, resp: %v", errs, url, resp)
+		}
+		return nil
+	}
+	notify := func(err error, t time.Duration) {
+		util.Log.Warnf("Failed to HTTP POST. retrying in %s seconds. err: %s", t, err)
+	}
+	err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
+	if err != nil {
+		return nil, fmt.Errorf("HTTP Error %s", err)
+	}
+
+	cveDetails := []cve.CveDetail{}
+	if err := json.Unmarshal([]byte(body), &cveDetails); err != nil {
+		return nil,
+			fmt.Errorf("Failed to Unmarshall. body: %s, err: %s", body, err)
+	}
+	return cveDetails, nil
+}
--- a/report/db_client.go
+++ b/report/db_client.go
@@ -0,0 +1,188 @@
+package report
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/util"
+	gostdb "github.com/knqyf263/gost/db"
+	cvedb "github.com/kotakanbe/go-cve-dictionary/db"
+	ovaldb "github.com/kotakanbe/goval-dictionary/db"
+	exploitdb "github.com/mozqnet/go-exploitdb/db"
+)
+
+// DBClient is a dictionarie's db client for reporting
+type DBClient struct {
+	CveDB     cvedb.DB
+	OvalDB    ovaldb.DB
+	GostDB    gostdb.DB
+	ExploitDB exploitdb.DB
+}
+
+// DBClientConf has a configuration of Vulnerability DBs
+type DBClientConf struct {
+	CveDictCnf  config.GoCveDictConf
+	OvalDictCnf config.GovalDictConf
+	GostCnf     config.GostConf
+	ExploitCnf  config.ExploitConf
+	DebugSQL    bool
+}
+
+// NewDBClient returns db clients
+func NewDBClient(cnf DBClientConf) (dbclient *DBClient, locked bool, err error) {
+	cveDriver, locked, err := NewCveDB(cnf)
+	if locked {
+		return nil, true, fmt.Errorf("CveDB is locked: %s",
+			cnf.OvalDictCnf.SQLite3Path)
+	} else if err != nil {
+		return nil, locked, err
+	}
+
+	ovaldb, locked, err := NewOvalDB(cnf)
+	if locked {
+		return nil, true, fmt.Errorf("OvalDB is locked: %s",
+			cnf.OvalDictCnf.SQLite3Path)
+	} else if err != nil {
+		util.Log.Warnf("Unable to use OvalDB: %s, err: %s",
+			cnf.OvalDictCnf.SQLite3Path, err)
+	}
+
+	gostdb, locked, err := NewGostDB(cnf)
+	if locked {
+		return nil, true, fmt.Errorf("gostDB is locked: %s",
+			cnf.GostCnf.SQLite3Path)
+	} else if err != nil {
+		util.Log.Warnf("Unable to use gostDB: %s, err: %s",
+			cnf.GostCnf.SQLite3Path, err)
+	}
+
+	exploitdb, locked, err := NewExploitDB(cnf)
+	if locked {
+		return nil, true, fmt.Errorf("exploitDB is locked: %s",
+			cnf.ExploitCnf.SQLite3Path)
+	} else if err != nil {
+		util.Log.Warnf("Unable to use exploitDB: %s, err: %s",
+			cnf.ExploitCnf.SQLite3Path, err)
+	}
+
+	return &DBClient{
+		CveDB:     cveDriver,
+		OvalDB:    ovaldb,
+		GostDB:    gostdb,
+		ExploitDB: exploitdb,
+	}, false, nil
+}
+
+// NewCveDB returns cve db client
+func NewCveDB(cnf DBClientConf) (driver cvedb.DB, locked bool, err error) {
+	if config.Conf.CveDict.IsFetchViaHTTP() {
+		return nil, false, nil
+	}
+	util.Log.Debugf("open cve-dictionary db (%s)", cnf.CveDictCnf.Type)
+	path := cnf.CveDictCnf.URL
+	if cnf.CveDictCnf.Type == "sqlite3" {
+		path = cnf.CveDictCnf.SQLite3Path
+	}
+
+	util.Log.Debugf("Open cve-dictionary db (%s): %s", cnf.CveDictCnf.Type, path)
+	driver, locked, err = cvedb.NewDB(cnf.CveDictCnf.Type, path, cnf.DebugSQL)
+	if err != nil {
+		err = fmt.Errorf("Failed to init CVE DB. err: %s, path: %s", err, path)
+		return nil, locked, err
+	}
+	return driver, false, nil
+}
+
+// NewOvalDB returns oval db client
+func NewOvalDB(cnf DBClientConf) (driver ovaldb.DB, locked bool, err error) {
+	if config.Conf.OvalDict.IsFetchViaHTTP() {
+		return nil, false, nil
+	}
+	path := cnf.OvalDictCnf.URL
+	if cnf.OvalDictCnf.Type == "sqlite3" {
+		path = cnf.OvalDictCnf.SQLite3Path
+
+		if _, err := os.Stat(path); os.IsNotExist(err) {
+			util.Log.Warnf("--ovaldb-path=%s is not found. It's recommended to use OVAL to improve scanning accuracy. For details, see https://github.com/kotakanbe/goval-dictionary#usage", path)
+			return nil, false, nil
+		}
+	}
+
+	util.Log.Debugf("Open oval-dictionary db (%s): %s", cnf.OvalDictCnf.Type, path)
+	driver, locked, err = ovaldb.NewDB("", cnf.OvalDictCnf.Type, path, cnf.DebugSQL)
+	if err != nil {
+		err = fmt.Errorf("Failed to new OVAL DB. err: %s", err)
+		if locked {
+			return nil, true, err
+		}
+		return nil, false, err
+	}
+	return driver, false, nil
+}
+
+// NewGostDB returns db client for Gost
+func NewGostDB(cnf DBClientConf) (driver gostdb.DB, locked bool, err error) {
+	if config.Conf.Gost.IsFetchViaHTTP() {
+		return nil, false, nil
+	}
+	path := cnf.GostCnf.URL
+	if cnf.GostCnf.Type == "sqlite3" {
+		path = cnf.GostCnf.SQLite3Path
+
+		if _, err := os.Stat(path); os.IsNotExist(err) {
+			util.Log.Warnf("--gostdb-path=%s is not found. If the scan target server is Debian, RHEL or CentOS, it's recommended to use gost to improve scanning accuracy. To use gost database, see https://github.com/knqyf263/gost#fetch-redhat", path)
+			return nil, false, nil
+		}
+	}
+
+	util.Log.Debugf("Open gost db (%s): %s", cnf.GostCnf.Type, path)
+	if driver, locked, err = gostdb.NewDB(cnf.GostCnf.Type, path, cnf.DebugSQL); err != nil {
+		if locked {
+			util.Log.Errorf("gostDB is locked: %s", err)
+			return nil, true, err
+		}
+		return nil, false, err
+	}
+	return driver, false, nil
+}
+
+// NewExploitDB returns db client for Exploit
+func NewExploitDB(cnf DBClientConf) (driver exploitdb.DB, locked bool, err error) {
+	if config.Conf.Exploit.IsFetchViaHTTP() {
+		return nil, false, nil
+	}
+	path := cnf.ExploitCnf.URL
+	if cnf.ExploitCnf.Type == "sqlite3" {
+		path = cnf.ExploitCnf.SQLite3Path
+
+		if _, err := os.Stat(path); os.IsNotExist(err) {
+			util.Log.Warnf("--exploitdb-path=%s is not found. It's recommended to use exploit to improve scanning accuracy. To use exploit db database, see https://github.com/mozqnet/go-exploitdb", path)
+			return nil, false, nil
+		}
+	}
+
+	util.Log.Debugf("Open exploit db (%s): %s", cnf.ExploitCnf.Type, path)
+	if driver, locked, err = exploitdb.NewDB(cnf.ExploitCnf.Type, path, cnf.DebugSQL); err != nil {
+		if locked {
+			util.Log.Errorf("exploitDB is locked: %s", err)
+			return nil, true, err
+		}
+		return nil, false, err
+	}
+	return driver, false, nil
+}
+
+// CloseDB close dbs
+func (d DBClient) CloseDB() {
+	if d.CveDB != nil {
+		if err := d.CveDB.CloseDB(); err != nil {
+			util.Log.Errorf("Failed to close DB: %s", err)
+		}
+	}
+	if d.OvalDB != nil {
+		if err := d.OvalDB.CloseDB(); err != nil {
+			util.Log.Errorf("Failed to close DB: %s", err)
+		}
+	}
+}
--- a/report/email.go
+++ b/report/email.go
@@ -0,0 +1,154 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package report
+
+import (
+	"fmt"
+	"net"
+	"net/mail"
+	"net/smtp"
+	"strings"
+	"time"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+)
+
+// EMailWriter send mail
+type EMailWriter struct{}
+
+func (w EMailWriter) Write(rs ...models.ScanResult) (err error) {
+	conf := config.Conf
+	var message string
+	sender := NewEMailSender()
+
+	m := map[string]int{}
+	for _, r := range rs {
+		if conf.FormatOneEMail {
+			message += formatFullPlainText(r) + "\r\n\r\n"
+
+			mm := r.ScannedCves.CountGroupBySeverity()
+			keys := []string{"High", "Medium", "Low", "Unknown"}
+			for _, k := range keys {
+				m[k] += mm[k]
+			}
+		} else {
+			var subject string
+			if len(r.Errors) != 0 {
+				subject = fmt.Sprintf("%s%s An error occurred while scanning",
+					conf.EMail.SubjectPrefix, r.ServerInfo())
+			} else {
+				subject = fmt.Sprintf("%s%s %s",
+					conf.EMail.SubjectPrefix,
+					r.ServerInfo(),
+					r.ScannedCves.FormatCveSummary())
+			}
+			if conf.FormatList {
+				message = formatList(r)
+			} else {
+				message = formatFullPlainText(r)
+			}
+			if err := sender.Send(subject, message); err != nil {
+				return err
+			}
+		}
+	}
+
+	summary := ""
+	if config.Conf.IgnoreUnscoredCves {
+		summary = fmt.Sprintf("Total: %d (High:%d Medium:%d Low:%d)",
+			m["High"]+m["Medium"]+m["Low"], m["High"], m["Medium"], m["Low"])
+	}
+	summary = fmt.Sprintf("Total: %d (High:%d Medium:%d Low:%d ?:%d)",
+		m["High"]+m["Medium"]+m["Low"]+m["Unknown"],
+		m["High"], m["Medium"], m["Low"], m["Unknown"])
+
+	if conf.FormatOneEMail {
+		message = fmt.Sprintf(
+			`
+One Line Summary
+================
+%s
+
+
+%s`,
+			formatOneLineSummary(rs...), message)
+
+		subject := fmt.Sprintf("%s %s",
+			conf.EMail.SubjectPrefix, summary)
+		return sender.Send(subject, message)
+	}
+	return nil
+}
+
+// EMailSender is interface of sending e-mail
+type EMailSender interface {
+	Send(subject, body string) error
+}
+
+type emailSender struct {
+	conf config.SMTPConf
+	send func(string, smtp.Auth, string, []string, []byte) error
+}
+
+func (e *emailSender) Send(subject, body string) (err error) {
+	emailConf := e.conf
+	to := strings.Join(emailConf.To[:], ", ")
+	cc := strings.Join(emailConf.Cc[:], ", ")
+	mailAddresses := append(emailConf.To, emailConf.Cc...)
+	if _, err := mail.ParseAddressList(strings.Join(mailAddresses[:], ", ")); err != nil {
+		return fmt.Errorf("Failed to parse email addresses: %s", err)
+	}
+
+	headers := make(map[string]string)
+	headers["From"] = emailConf.From
+	headers["To"] = to
+	headers["Cc"] = cc
+	headers["Subject"] = subject
+	headers["Date"] = time.Now().Format(time.RFC1123Z)
+	headers["Content-Type"] = "text/plain; charset=utf-8"
+
+	var header string
+	for k, v := range headers {
+		header += fmt.Sprintf("%s: %s\r\n", k, v)
+	}
+	message := fmt.Sprintf("%s\r\n%s", header, body)
+
+	smtpServer := net.JoinHostPort(emailConf.SMTPAddr, emailConf.SMTPPort)
+	err = e.send(
+		smtpServer,
+		smtp.PlainAuth(
+			"",
+			emailConf.User,
+			emailConf.Password,
+			emailConf.SMTPAddr,
+		),
+		emailConf.From,
+		mailAddresses,
+		[]byte(message),
+	)
+	if err != nil {
+		return fmt.Errorf("Failed to send emails: %s", err)
+	}
+	return nil
+}
+
+// NewEMailSender creates emailSender
+func NewEMailSender() EMailSender {
+	return &emailSender{config.Conf.EMail, smtp.SendMail}
+}
--- a/report/email_test.go
+++ b/report/email_test.go
@@ -0,0 +1,132 @@
+/* Vuls - Vulnerability Scanner
+Copyright (C) 2016  Future Corporation , Japan.
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+package report
+
+import (
+	"net/smtp"
+	"reflect"
+	"strings"
+	"testing"
+
+	"github.com/future-architect/vuls/config"
+)
+
+type emailRecorder struct {
+	addr string
+	auth smtp.Auth
+	from string
+	to   []string
+	body string
+}
+
+type mailTest struct {
+	in  config.SMTPConf
+	out emailRecorder
+}
+
+var mailTests = []mailTest{
+	{
+		config.SMTPConf{
+			SMTPAddr: "127.0.0.1",
+			SMTPPort: "25",
+
+			From: "from@address.com",
+			To:   []string{"to@address.com"},
+			Cc:   []string{"cc@address.com"},
+		},
+		emailRecorder{
+			addr: "127.0.0.1:25",
+			auth: smtp.PlainAuth("", "", "", "127.0.0.1"),
+			from: "from@address.com",
+			to:   []string{"to@address.com", "cc@address.com"},
+			body: "body",
+		},
+	},
+	{
+		config.SMTPConf{
+			SMTPAddr: "127.0.0.1",
+			SMTPPort: "25",
+
+			User:     "vuls",
+			Password: "password",
+
+			From: "from@address.com",
+			To:   []string{"to1@address.com", "to2@address.com"},
+			Cc:   []string{"cc1@address.com", "cc2@address.com"},
+		},
+		emailRecorder{
+			addr: "127.0.0.1:25",
+			auth: smtp.PlainAuth(
+				"",
+				"vuls",
+				"password",
+				"127.0.0.1",
+			),
+			from: "from@address.com",
+			to: []string{"to1@address.com", "to2@address.com",
+				"cc1@address.com", "cc2@address.com"},
+			body: "body",
+		},
+	},
+}
+
+func TestSend(t *testing.T) {
+	for i, test := range mailTests {
+		f, r := mockSend(nil)
+		sender := &emailSender{conf: test.in, send: f}
+
+		subject := "subject"
+		body := "body"
+		if err := sender.Send(subject, body); err != nil {
+			t.Errorf("unexpected error: %s", err)
+		}
+
+		if r.addr != test.out.addr {
+			t.Errorf("#%d: wrong 'addr' field.\r\nexpected: %s\n got: %s", i, test.out.addr, r.addr)
+		}
+
+		if !reflect.DeepEqual(r.auth, test.out.auth) {
+			t.Errorf("#%d: wrong 'auth' field.\r\nexpected: %v\n got: %v", i, test.out.auth, r.auth)
+		}
+
+		if r.from != test.out.from {
+			t.Errorf("#%d: wrong 'from' field.\r\nexpected: %v\n got: %v", i, test.out.from, r.from)
+		}
+
+		if !reflect.DeepEqual(r.to, test.out.to) {
+			t.Errorf("#%d: wrong 'to' field.\r\nexpected: %v\n got: %v", i, test.out.to, r.to)
+		}
+
+		if r.body != test.out.body {
+			t.Errorf("#%d: wrong 'body' field.\r\nexpected: %v\n got: %v", i, test.out.body, r.body)
+		}
+
+	}
+
+}
+
+func mockSend(errToReturn error) (func(string, smtp.Auth, string, []string, []byte) error, *emailRecorder) {
+	r := new(emailRecorder)
+	return func(addr string, a smtp.Auth, from string, to []string, msg []byte) error {
+		// Split into header and body
+		messages := strings.Split(string(msg), "\r\n\r\n")
+		body := messages[1]
+		*r = emailRecorder{addr, a, from, to, body}
+		return errToReturn
+	}, r
+}
--- a/report/hipchat.go
+++ b/report/hipchat.go
@@ -0,0 +1,74 @@
+package report
+
+import (
+	"fmt"
+	"net/http"
+	"net/url"
+	"strconv"
+	"strings"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+)
+
+// HipChatWriter send report to HipChat
+type HipChatWriter struct{}
+
+func (w HipChatWriter) Write(rs ...models.ScanResult) (err error) {
+	conf := config.Conf.HipChat
+
+	for _, r := range rs {
+		serverInfo := fmt.Sprintf("%s", r.ServerInfo())
+		if err = postMessage(conf.Room, conf.AuthToken, serverInfo); err != nil {
+			return err
+		}
+
+		for _, vinfo := range r.ScannedCves {
+			maxCvss := vinfo.MaxCvssScore()
+			severity := strings.ToUpper(maxCvss.Value.Severity)
+			if severity == "" {
+				severity = "?"
+			}
+
+			message := fmt.Sprintf(`<a href="https://nvd.nist.gov/vuln/detail\%s"> %s </a> <br/>%s (%s)<br/>%s`,
+				vinfo.CveID,
+				vinfo.CveID,
+				strconv.FormatFloat(maxCvss.Value.Score, 'f', 1, 64),
+				severity,
+				vinfo.Summaries(config.Conf.Lang, r.Family)[0].Value,
+			)
+
+			if err = postMessage(conf.Room, conf.AuthToken, message); err != nil {
+				return err
+			}
+		}
+
+	}
+	return nil
+}
+
+func postMessage(room, token, message string) error {
+	uri := fmt.Sprintf("https://api.hipchat.com/v2/room/%s/notification?auth_token=%s", room, token)
+
+	payload := url.Values{
+		"color":          {"purple"},
+		"message_format": {"html"},
+		"message":        {message},
+	}
+	reqs, err := http.NewRequest("POST", uri, strings.NewReader(payload.Encode()))
+	if err != nil {
+		return err
+	}
+
+	reqs.Header.Add("Content-Type", "application/x-www-form-urlencoded")
+
+	client := &http.Client{}
+
+	resp, err := client.Do(reqs)
+	if err != nil {
+		return err
+	}
+	defer resp.Body.Close()
+
+	return nil
+}
--- a/report/hipchat_test.go
+++ b/report/hipchat_test.go
@@ -0,0 +1 @@
+package report
--- a/Show More
+++ b/Show More