VulnIQ processes advisories published by vendors such as Cisco, Red Hat, Microsoft and correlates advisories with other data. You can add/remove advisory sources as you like when running your private instance. VulnIQ comes with built-in data processors for various vendors.
CVSS scores discovered in advisories are added to CVE entries to allow users view all CVSS scores for a CVE entry.