https://github.com/adulau/cve-search
$ python search.py -p typo3 -o json | jq -r '.cvss' | Rscript -e 'mean(as.numeric(read.table(file("stdin"))[,1]))'
[1] 6.161562
$ python search.py -p wordpress -o json | jq -r '.cvss' | Rscript -e 'mean(as.numeric(read.table(file("stdin"))[,1]))'
[1] 5.622102
$ python search.py -p joomla -o json | jq -r '.cvss' | Rscript -e 'mean(as.numeric(read.table(file("stdin"))[,1]))'
[1] 6.771003
$ python search.py -p spip -o json | jq -r '.cvss' | Rscript -e 'mean(as.numeric(read.table(file("stdin"))[,1]))'
[1] 6.564286
search.py -p oracle:java -o json | jq -r '.cvss' | Rscript -e 'summary(as.numeric(read.table(file("stdin"))[,1]))'
pkgutil --pkgs | tr "." "\n" | sort -u | parallel python3.3 search_fulltext.py -q | sort -n
port installed | grep active | awk '{sub(/@/,"",$2); sub(/_/,"",$2); print $1 " " $2;}' | parallel python3.3 search_fulltext.py -q
pkgutil --pkgs | tr "." "\n" | sort -u | parallel python3.3 search_fulltext.py -f -q | jq -r '. | .cvss+","+.summary' | sort -n
python3.3 search_fulltext.py -q Java -f | jq '.cvss'
python3.3 search_fulltext.py -q Java -f | jq '. | {cvss, summary}'
python3.3 search_fulltext.py -q unknown -f | jq -r '. | .vulnerable_configuration[0]' | cut -f3 -d: | sort | uniq -c | sort -nr
1231 oracle
380 sun
320 hp
208 google
193 ibm
113 mozilla
102 microsoft
98 adobe
76 apple
68 linux
43 ethereal_group
41 joomla
38 typo3
...