Vulnerability Scan doesn't show CVE's

Good morning,

Just installed gvm openvas on the last kali purple update. My scans are going to fast and they are finding basically nothing, not only they show basically a few logs but they don’t show any CVE finds. I’m scaninng networks who have a lot of vulnerabilitys and the y aren’t showing.

My feeds are up to date, and I use the Full and Fast Scan and the ones Greenbone considers alive.

I don’t see what seems to be wrong here, anyone has a clue of could it be?

I used to have gvm on another virtual machine with the same configuration and it worked perfectly fine, I can’t understand what is going on.

Thank you in advance!


please take a look at


I tried the configurations of:

Consider alive
Scan Config Default
ARP Ping


The hosts are reacheable as well, even with nmap. I don’t seem to see what’s wrong, the scans just keep going but showing like 2 logs and no CVE’s. But my feeds are updated.

Did you take a look at too?

Yeah and everything seems fine.

Could it be any firewall thing? Like what port does Greenbone need to scan something in their network?

OpenVAS will scan all ports that are specified in the port list and have NVTs for the corresponding port. The default port list is “All IANA assigned TCP”, which has the theoretical port range of 1-65535 (in practise not all of those ports are assigned or have corresponding NVTs).

So if there is a firewall that blocks OpenVAS from accessing those ports on the target machine, it cannot perform the scan properly.

Thank you, I will check our Firewall!