Improve scanning accuracy by checking package versions

Currently, CVE-ID is detected only with change log parsing on Ubuntu, Debian and CentOS, but detection accuracy by version check is also used together to improve detection accuracy

OVAL: https://oval.mitre.org/repository/about/other_repositories.html