How to Check for Vulnerable Packages

Prerequisites

Before scanning, make sure you have:

SSH access to your VPS
Root or sudo privileges

Method 1: Ubuntu/Debian – Using apt-show-versions

Connect to your VPS:

ssh hxroot@YOUR_SERVER_IP -p 22

sudo apt install apt-show-versions -y
apt-show-versions | grep upgradeable

Method 2: Check for Security Updates Only

sudo apt update
apt list --upgradable | grep security

Method 3: Debian – Use debsecan

sudo apt install debsecan -y
debsecan --format=packages --suite=$(lsb_release -cs) | grep "remotely exploitable"

Method 4: Using Lynis for Security Audit (Includes Package Checks)

sudo apt install lynis -y
sudo lynis audit system

Method 5: Check for Packages with CVEs (Using vulners)

sudo apt install jq -y
dpkg -l | awk "/^ii/ {print $2}" | while read pkg; do
    curl -s "https://vulners.com/api/v3/search/lucene/?query=$pkg" | jq ".data.search[]?.id"
done

Method 6: Automate with Vuls (Advanced)

Install Vuls for comprehensive CVE scanning.

✅ Vulnerable package check completed. Update any packages shown above.

How to Check for Vulnerable Packages

Prerequisites

Method 1: Ubuntu/Debian – Using apt-show-versions

Method 2: Check for Security Updates Only

Method 3: Debian – Use debsecan

Method 4: Using Lynis for Security Audit (Includes Package Checks)

Method 5: Check for Packages with CVEs (Using vulners)

Method 6: Automate with Vuls (Advanced)

Was this article helpful?