Greenbone Vulnerability Management

PPA description

Greenbone Vulnerability Management version 22.04 (GVM-22) is the current stable major release of tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. GVM is developed for and as part of the commercial product line Greenbone Security Manager. It is developed by Greenbone and licenced as Open Source.

More info at:

** NEW **
A set of docker images based on this PPA are avialble at docker hub. It could be used to setup GVM on any distribution of GNU/Linux.
More info:


To install the Greenbone Vulnerability Management 22.04 packages on Ubuntu 22.04 Jammy Jellyfish first you need to install PostgreSQL database server (if you don't already have one--it could also be installed on a remote machine):

sudo apt install postgresql

Then use the following commands to install GVM:

sudo add-apt-repository ppa:mrazavi/gvm
sudo apt install gvm

Finally, you have to update the greenbone nvt/cert/scap data with these commands:

sudo -u gvm -g gvm greenbone-nvt-sync
sudo -u gvm -g gvm greenbone-feed-sync-legacy --type CERT
sudo -u gvm -g gvm greenbone-feed-sync-legacy --type SCAP
sudo -u gvm -g gvm greenbone-feed-sync-legacy --type GVMD_DATA

To remove NVT db, and rebuild it from the scanner:

export $(sudo cat /etc/default/gvmd-pg)
sudo -E -u gvm -g gvm gvmd --rebuild

You can access the Greenbone Security Assistant web interface at:


The default username/password is as follows:

Username: admin
Password: admin

You can check the status of greenbone daemons with systemctl:

systemctl status ospd-openvas # scanner
systemctl status gvmd # manager
systemctl status gsad # web ui

If you want to run gvm components (e.g. gvmd, openvas, etc.) manually, always run them with sudo -E -u gvm -g gvm. Also, if you need to access the gvmd database, you should first load the database credentials:

export $(sudo cat /etc/default/gvmd-pg)
sudo -E -u gvm -g gvm gvmd [more arguments...]

A note for GVM 21.04 users:

The new greenbone-feed-sync package will install the new script that is the new recommended way to update the gvm feed. Although gvmd-common package still provides the old feed sync scripts with a -legacy suffix.

The ospd library package is now merged into ospd-openvas and the new postgresql-14-gvm package will now install the gvm postgresql extensions.

The new notus-scanner package is now available that could be used to detect vulnerable products in system environments. It will not be installed by default, but you can manually install it via "apt install" command.

This PPA also provides a nodejs version 18 alongside a fixed version of yarnpkg for Ubuntu 22.04 Jammy Jellyfish. They are required for building the gsa module but are not a requirement for its installation.

A note for GVM 20.08 users:

The default GSA settings in the GVM-21 is now enables gsad daemon on http instead of https. You can change /etc/default/gsad file for tweaking the settings.

It is also worth mentioning that openvas package is renamed to openvas-scanner by the upstream source.

A note for GVM 11 users:

Certain resources that were previously part of the gvm packages are now shipped via the feed. An example is the config "Full and Fast".

So, in the new version, it is importat to sync the new "GVMD_DATA" feed as well as other feeds (nvt/cert/scap). It is worth noting that "GVMD_DATA" sync will not be completed unless other feeds are already synced.

More info at:

A note for GVM 10 users:

GVM-10 supported both SQLite and PostgreSQL as database backend for gvmd. Unfortunately GVM-11 only supports PostgreSQL, so if you are using SQLite backend, you have to migrate to PostgreSQL. More info is available on

Another new change in GVM-11 is that openvas-scanner package is now renamed to openvas. The new openvas package doesn't provide a daemon. Instead there is a new ospd-openvas package/daemon which executes openvas binary and gvmd connects to ospd-openvas with OSP protocol to perform the vulnerability scans.

Finally, if you were using PostgreSQL backend with GVM-10 it is worth noting that gvmd package will migrate the database automatically for you. But if you have problems with the database you can run the following commands to do it manually:

. /etc/default/gvmd
gvmd --migrate

And if gvmd is complaining it cannot connect to openvas it maybe because the scanner defined in the database is outdated. You can always recreate a new database with:

# IMPORTANT NOTE: if you choose to reinstall the database the old database
# will be deleted and you will loose the associated data
# e.g. all the scans, reports, etc. WILL BE DELETED.
sudo dpkg-reconfigure gvmd-pg

Also GVM 10 nvticache in the redis is not compatible with GVM 11 so you have to flush the cache in the redis after upgrading the GVM:

sudo redis-cli -s /var/run/redis/redis.sock FLUSHALL

Adding this PPA to your system

You can update your system with unsupported packages from this untrusted PPA by adding ppa:mrazavi/gvm to your system's Software Sources. (Read about installing)

sudo add-apt-repository ppa:mrazavi/gvm
sudo apt update
Technical details about this PPA

This PPA can be added to your system manually by copying the lines below and adding them to your system's software sources.

Display sources.list entries for:
Signing key:
1024R/CF38C8D889ADEAC0265E36983C453D244AA450E0 (What is this?)

For questions and bugs with software in this PPA please contact Mohammad Razavi.

PPA statistics

0 updates added during the past month.
View package details

Overview of published packages

142 of 42 results
Package Version Uploaded by
greenbone-feed-sync 23.2.1-1 Mohammad Razavi ()
gsa 22.4.1-2 Mohammad Razavi ()
gsa 21.4.4-2 Mohammad Razavi ()
gsa 9.0.0-1 Mohammad Razavi ()
gsa-nodejs-build-dependencies 5.0.0 Mohammad Razavi ()
gsa-nodejs-build-dependencies 4.2.0 Mohammad Razavi ()
gsa-nodejs-build-dependencies 2.0.0 Mohammad Razavi ()
gsad 22.4.1-2 Mohammad Razavi ()
gsad 21.4.4-1 Mohammad Razavi ()
gvm-libs 22.4.4-2 Mohammad Razavi ()
gvm-libs 21.4.4-1 Mohammad Razavi ()
gvm-libs 11.0.0-1 Mohammad Razavi ()
gvm-tools 21.10.0-1 Mohammad Razavi ()
gvm-tools 2.0.0-1 Mohammad Razavi ()
gvmd 22.4.2-2 Mohammad Razavi ()
gvmd 21.4.5-1 Mohammad Razavi ()
gvmd 9.0.0-1 Mohammad Razavi ()
libuv1 1.44.2-1 Mohammad Razavi ()
node-cjs-module-lexer 1.2.2-1 Mohammad Razavi ()
node-undici 5.10.0-1 Mohammad Razavi ()
node-yarnpkg 1.22.19-1.fix.type.error Mohammad Razavi ()
nodejs 18.13.0+dfsg1-1ubuntu2 Mohammad Razavi ()
notus-scanner 22.4.5-1 Mohammad Razavi ()
openvas 1:20.8.1-2 Mohammad Razavi ()
openvas 1:7.0.0-2 Mohammad Razavi ()
openvas-scanner 1:22.4.1-2 Mohammad Razavi ()
openvas-scanner 1:21.4.4-1 Mohammad Razavi ()
openvas-scanner 6.0.0-3 Mohammad Razavi ()
openvas-smb 22.4.0-1 Mohammad Razavi ()
openvas-smb 21.4.0-1 Mohammad Razavi ()
openvas-smb 1.0.5-1 Mohammad Razavi ()
ospd 21.4.4-1 Mohammad Razavi ()
ospd 2.0.0-1 Mohammad Razavi ()
ospd-openvas 22.4.6-2 Mohammad Razavi ()
ospd-openvas 21.4.3-1 Mohammad Razavi ()
ospd-openvas 1.0.0-3 Mohammad Razavi ()
pg-gvm 22.4.0-1 Mohammad Razavi ()
polib 1.1.0-4 (Newer version available) Mohammad Razavi ()
python-gvm 21.10.0-1 Mohammad Razavi ()
python-gvm 1.0.0-1 Mohammad Razavi ()
python-redis 3.3.11-2 Mohammad Razavi ()
yarn 1.13.0-1 Mohammad Razavi ()
142 of 42 results

Latest updates

  • gsad 35 weeks ago
    Successfully built
  • gvmd 35 weeks ago
    Successfully built
  • gvm-libs 35 weeks ago
    Successfully built
  • ospd-openvas 35 weeks ago
    Successfully built
  • notus-scanner 35 weeks ago
    Successfully built