How to Check for CVE Vulnerabilities

Using apt (Debian/Ubuntu)

sudo apt update
sudo apt upgrade --dry-run | grep -i security
sudo apt list --upgradable

Using yum security plugin (CentOS/RHEL)

sudo yum updateinfo list security
sudo yum update --security

Install Vulnerability Scanner

sudo apt install vulnerability-test-tools -y

Using Lynis to Find CVEs

sudo lynis audit system --quick | grep -i cve

Using OVAL (Open Vulnerability Assessment Language)

sudo apt install liboval-gem
sudo oval eval --results report.xml definitions.xml