Up-to-Date CVE Vulnerability Manager - A comprehensive cross-platform vulnerability management system that scans installed software components and identifies security vulnerabilities using the National Vulnerability Database (NVD) API.
- Instant Setup - Start scanning immediately without registration
- Free Usage - No API key needed for basic vulnerability scanning
- Automatic Detection - System automatically adapts to API key availability
- 50x Faster Scanning - With API key: ~0.6s between requests vs 6s without
- Higher Limits - 50 requests per 30s vs 5 requests per 30s
- Professional Use - Recommended for enterprise environments
| Mode | Rate Limit | Requests per 30s | Best For |
|---|---|---|---|
| Without API Key | 6 seconds | 5 requests | Personal use, testing |
| With API Key | 0.6 seconds | 50 requests | Enterprise, frequent scans |
UTD CVE Manager is an enterprise-grade vulnerability assessment tool with a beautiful EDR-style dashboard. It automatically discovers installed software components on Windows and Linux systems, cross-references them with real-time CVE data from NIST NVD, and provides actionable security insights with encrypted credential storage.
- Cross-Platform Scanning - Windows registry and Linux package manager support
- System Component Detection - OS, BIOS/UEFI firmware, and web servers
- External Component Support - Manually add software components for monitoring
- Intelligent Deduplication - Smart handling of duplicate components
- Version-Specific Matching - Precise version detection and CVE correlation
- Real-time NVD Integration - Live CVE data from NIST National Vulnerability Database
- Optimized CPE Matching - Uses virtualMatchString for accurate vulnerability detection
- CVSS v3.1 & v2.0 Support - Complete scoring and severity classification
- Background Scanning - Non-blocking scans with real-time progress tracking
- EDR-Style Interface - Modern dark-themed cybersecurity dashboard
- Real-time Statistics - Live vulnerability counts and severity breakdown
- Last Scan Tracking - Shows scan history with date/time and results
- Priority Alerts - Immediate notifications for critical vulnerabilities
- Paginated Results - 10 software components per page with navigation
- Smart Filtering - Filter by All Data, All Severities, Safe, or specific severity levels
- System Component Priority - OS and firmware components displayed first
- Component Tagging - Visual tags for OS, BIOS, IIS, and external components
- Expandable CVE Details - 10 CVEs per page with detailed information
- Global Search - Search across CVE IDs, software names, and descriptions
- Encrypted Storage - XOR encryption for API keys and SMTP credentials
- Database Security - Sensitive data encrypted in SQLite database
- SMTP Testing - Built-in email configuration testing with TLS/SSL support
- Scheduled Scanning - Configurable intervals (20min debug to quarterly)
- Scan Options - Choose to scan system components, external components, or both
- Multiple Report Types - Executive, Technical, and Compliance reports
- PDF Generation - Professional report export functionality
- Severity Filtering - Filter reports by vulnerability severity
- Timeline Analysis - Track vulnerability trends over time
UTD-CVE-Manager/
βββ app.py # Flask web application with API endpoints
βββ core/ # Core application modules
β βββ app_scanner.py # Cross-platform software component scanner
β βββ cve_scanner.py # NVD API integration with rate limiting
β βββ database.py # SQLite database manager with encryption
β βββ encryption.py # XOR encryption for sensitive data
β βββ migrate_settings.py # Migration utility for .env to database
βββ templates/ # Jinja2 HTML templates
β βββ base.html # Base template with navigation
β βββ dashboard.html # Real-time dashboard with progress tracking
β βββ cve_details.html # Paginated CVE details with filtering
β βββ reports.html # Professional report generation
β βββ settings.html # Encrypted settings management
βββ static/
β βββ css/style.css # Complete EDR-style dark theme
β βββ js/main.js # Interactive features and notifications
βββ requirements.txt # Python dependencies
- Python 3.8+
- Windows or Linux OS (Windows primarily supported)
- NVD API Key (optional - enhances performance but not required)
π Note: UTD CVE Manager works perfectly without an API key! You can start scanning immediately after installation.
- Clone the repository
git clone https://github.com/iampopg/UTD-CVE-Manager.git
cd UTD-CVE-Manager- Install dependencies
pip install -r requirements.txt- Run the application
python app.py- Start Scanning Immediately
python app.py- Browser opens automatically at http://127.0.0.1:5000
- Click "Scan System" to start vulnerability detection
- No configuration needed - works out of the box!
- Optional: Add API Key for Faster Scanning
- Go to Settings and add your NVD API key (free from NIST)
- API key increases scan speed by 50x (0.6s vs 6s between requests)
- Get your free API key: https://nvd.nist.gov/developers/request-an-api-key
For production environments, use a WSGI server instead of Flask's built-in server:
# Install gunicorn
pip install gunicorn
# Run with gunicorn (4 workers)
gunicorn -w 4 -b 0.0.0.0:5000 app:app
# Or with specific host/port
gunicorn -w 4 -b your-server-ip:8080 app:appNote: The Flask development server warning is normal for local use. For production deployments on public servers, always use a production WSGI server like gunicorn, uWSGI, or waitress.
Without API Key:
- β Works immediately out of the box
- β No registration or setup required
β οΈ Slower scanning (6 seconds between requests)β οΈ 5 requests per 30-second window
With API Key (Recommended):
- Register at https://nvd.nist.gov/developers/request-an-api-key
- Add API key in Settings page (automatically encrypted)
- Enjoy 50x faster scanning (0.6 seconds between requests)
- Higher limits - 50 requests per 30-second window
- Automatic initialization - SQLite database created on first run
- Encrypted credentials - API keys and SMTP passwords use XOR encryption
- Schema compatibility - Handles database migrations automatically
- Duplicate prevention - Intelligent application deduplication
- SMTP Configuration - Gmail, Outlook, or custom SMTP servers
- TLS/SSL Support - Secure email transmission
- Connection Testing - Verify settings before saving
- Critical CVE Alerts - Automatic notifications for high-risk vulnerabilities
- Real-time Statistics - Total, scanned, vulnerable, and safe components
- Severity Breakdown - Critical, High, Medium, Low CVE counts
- Last Scan Info - Date, time, and scan results
- Progress Tracking - Live scan progress with current component
- Smart Filtering - All Data (default), All Severities, Safe, or specific levels
- Component Priority - OS and firmware components displayed first
- Visual Tags - OS, BIOS, IIS, and EXTERNAL component identification
- Pagination - 10 software components per page with navigation
- Expandable Details - Click to view CVEs with 10 per page
- Search Functionality - Global search across all data
- API Management - Encrypted NVD API key storage
- Scheduled Scanning - Weekly recommended, 20min debug option
- Scan Options - Choose system components, external components, or both
- External Components - Add custom software components for monitoring
- SMTP Setup - Email notifications with connection testing
- Professional Reports - Executive, Technical, Compliance formats
- PDF Export - Print-friendly report generation
- Severity Filtering - Focus on specific risk levels
- Timeline Analysis - Track security posture over time
- XOR Encryption - Embedded key for sensitive data
- Database Storage - No plain text credentials in files
- Local Processing - All data stays on your system
- Secure Transmission - HTTPS for NVD API communication
- API Key Validation - Prevents scans without proper credentials
- Rate Limiting - Respects NVD API quotas (6-second delays)
- Error Handling - Graceful failure with user guidance
- Input Validation - Prevents injection attacks
- Cross-Platform Detection - Windows registry and Linux package managers
- System Component Discovery - OS, BIOS/UEFI, web servers (IIS, Apache)
- Version Detection - Precise version string extraction from multiple sources
- Publisher Information - Software vendor identification
- Smart Deduplication - Removes duplicate entries across scan methods
- CPE Generation - Common Platform Enumeration strings
- virtualMatchString - NVD API parameter for precise matching
- Version Ranges - Handles complex version comparisons
- Real-time Processing - Live vulnerability correlation
- Components Table - Software inventory with scan results and external flags
- CVEs Table - Vulnerability details with CVSS scores
- Settings Table - Encrypted configuration storage
- External Components Table - User-defined software components
- Scan History - Complete audit trail
- EDR-Style Theme - Professional cybersecurity aesthetic
- Dark Mode - Reduces eye strain during security analysis
- Responsive Design - Works on desktop and mobile devices
- Color Coding - Severity-based visual indicators
- Real-time Updates - Live dashboard statistics
- Progress Tracking - Visual scan progress with percentages
- Hover Effects - Enhanced user experience
- Notification System - Success, error, and info messages
- β Cross-platform software component discovery (Windows/Linux)
- β System component detection (OS, BIOS, web servers)
- β Real-time NVD API integration
- β Encrypted settings storage
- β Background scanning with progress tracking
- β Component tagging and prioritization
- β Paginated CVE details with advanced filtering
- β Scheduled scanning
- β SMTP notifications with testing
- β External component management with CSV upload
- β Professional report generation
- β Comprehensive search and filteringgement
- β Professional dashboard
- β Database security and encryption
- π§ Advanced report generation
- π§ Email notification automation
- π§ Additional export formats
- π§ API rate optimization
Developed by iampopg
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests if applicable
- Submit a pull request
This project is licensed under the MIT License - see the LICENSE file for details.
UTD CVE Manager is open for collaboration and free to use by:
- β Individuals - Personal use, learning, and development
- β Companies - Commercial use, enterprise deployments
- β Organizations - Non-profit, educational, and government use
Modification & Distribution:
- β Modifications allowed - Customize, enhance, and adapt the code
- β Redistribution permitted - Share your improvements with the community
β οΈ Credit required - Attribution must be maintained in the application
Mandatory Attribution: The following credit text MUST NOT be removed from the application:
UTD CVE Manager - Developed by iampopg
Vulnerability data provided by NIST National Vulnerability Database
Keeping your systems secure, one vulnerability at a time
Collaboration Welcome:
- Fork, modify, and contribute back to the community
- Commercial use is encouraged to improve cybersecurity
- Enterprise customizations and integrations are supported
- Credit the original developer while building upon this foundation
- iampopg - Lead Developer and Project Creator
- NIST NVD - For providing comprehensive vulnerability data
- Flask Community - For the excellent web framework
- Security Researchers - For identifying and reporting vulnerabilities
For questions, issues, or feature requests:
- GitHub Issues - https://github.com/iampopg/UTD-CVE-Manager/issues
- Developer - iampopg
- Documentation - Check the project wiki
UTD CVE Manager - Keeping your systems secure, one vulnerability at a time. π‘οΈ
Developed with β€οΈ by iampopg