A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
https://cve.mitre.org/data/refs/
has a mapping from vendor vulnerability ids to CVEs, including Slackware, Apple, Gentoo, IBM, etc. etc.
This might be very useful to index.