Package cvechecker

Tool for compare packages installed in your system with CVE database

https://github.com/sjvermeu/cvechecker

The goal of cvechecker is to report about possible vulnerabilities on your
system, by scanning a list of installed software and matching results with the
CVE database.
This is not a bullet-proof method and you will have many false positives
(i.e.: vulnerability is fixed with a revision-release, but the tool isn't able
to detect the revision itself).
General Commands
Command Description
cvechecker Attempt to identify possible vulnerable software on the system
cvegenversdat Generate version matching rules for passed on files
cvereport Generate an HTML report for the cvechecker output
cverules Generate version matching rules for installed software on a Linux / Unix...
pullcves Update the local cvechecker CVE database and version matching rules