Detect the OS Get installed packages Debian/Ubuntu: dpkg-query Amazon/RHEL/CentOS: rpm FreeBSD: pkg Check upgradable packages Debian/Ubuntu: apt-get upgrade --dry-run foreach upgradable packages Parse changelog and get CVE IDs Debian/Ubuntu: aptitude changelog end loop Write results to JSON files Get CVE IDs by using package manager Amazon/RHEL: yum plugin security FreeBSD: pkg audit Report Get all changelogs of updatable packages at once yum changelog Parse changelogs and get CVE IDs Get all changelogs of updatable packages at once Amazon / RHEL: yum changelog Vulnerability Database Folder 1 CVE DB (NVD / JVN) OVAL DB Debian Ubuntu Raspbian Amazon RHEL FreeBSD CentOS