Synopsys Enters into Definitive Agreement for Sale of Application Security (Software Integrity Group) Learn More

close search bar

Sorry, not available in this language yet

close language selection

Black Duck’s open source KnowledgeBase™ is the industry’s most comprehensive database of open source project, license, and security information, sourced and curated by the Synopsys Cybersecurity Research Center (CyRC), covering more than 8.1 million open source components from over 29,000 forges and repositories.


unique open source licenses


unique vulnerabilities


open source projects

Get unparalleled insight into open source components

2,750+ unique open source licenses

The KnowledgeBase contains more than 2,750 unique open source licenses (GPL, LGPL, Apache, etc.), with full license text for the most popular open source licenses and dozens of encoded attributes and obligations for each license.

247,000+ unique vulnerabilities

We track more than 247,000 unique vulnerabilities affecting more than 426,000 component versions, including thousands of Black Duck exclusive vulnerabilities not contained in the National Vulnerability Database (NVD) or other sources.

8.1+ million open source projects

We catalog more than 8.1 million unique open source projects, allowing highly accurate matches to the components that compose your software, including modified code and open source code snippets.

Deep license data

Deep license data identifies embedded licenses to help organizations trust the use of thousands of projects with no declared license. Deep license data exposes projects with no license data, which are high-risk, and provides full license text for the most popular open source licenses.

With millions of open source projects available globally from thousands of websites and forges, it can be difficult (and sometimes impossible) to effectively track your open source use and manage the application security, software license compliance, and component quality risks that come with it. Synopsys SCA solves this problem, giving development, security, and legal teams maximum visibility and control of open source in their applications and containers. The open source KnowledgeBase is the foundation for Synopsys SCA, providing the industry’s most comprehensive database of open source component, vulnerability, and license information.

Related content


See how Black Duck works

Watch the video