標準化漏洞編號：CVE 為每個已知的安全漏洞提供一個唯一的識別碼（例如：CVE-2024-12345）。
資訊共享與協作：安全研究人員、企業和政府機構可透過 CVE 來交換漏洞資訊，確保統一標識。提升補丁管理效率：企業可依據 CVE ID 快速找到相關漏洞的詳細資訊、影響範圍與修補方式。

NVD (National Vulnerability Database)：美國國家漏洞資料庫，為 CVE 提供詳細的安全分析（例如 CVSS 風險評分）。
CWE (Common Weakness Enumeration)：通用弱點列舉，描述漏洞的根本成因。
OSV (Open Source Vulnerabilities) : a vulnerability database specifically designed for open-source software. It helps developers and security teams track and manage security issues in open-source dependencies.
GitHub Advisories : GitHub 提供的一個安全漏洞管理系統，幫助開發者追蹤、報告及修復開源軟體中的安全問題。它與 CVE（通用漏洞與暴露）和 OSV（開源安全漏洞）有關聯，並與 GitHub 的 Dependabot 整合，協助開發者自動檢測及修補 dependencies 的安全性漏洞。

Detect potential vulnerabilities in the declared open source dependencies that you know about, and the undeclared code you didn’t know about.The SCANOSS Security dataset equips you with essential insights from reliable sources like the National Vulnerability Database (NVD), OSV, and GitHub Advisories.

As an API-first tool, SCANOSS enables customized real-time alerts, to ensure you stay informed about new threats, evaluate potential exploits, and plan for updates, helping you to prioritize remediation for all dependencies, not just the ones you know about.