The intention is that after an installation users get a warning when there are known vulnerabilities.
No matter how this is implemented.
Think about the following scenario:
A user installs the current version of an application (like web browser), but the application has vulnerabilities.
The daily VulnDetect will start in some hours.
Now the user browses in the web and gets infected or hacked (the vulnerability is abused).
And after that he can see in the list of installed applications (in VulnDetect) that this software has vulnerabilities.
So the user will be very upset, because VulnDetect does already know about the vulnerability but did not warn him in time!
This could really be a problem for VulnDetect.
@olli_s For personal use, using local time could be acceptable even if this causes some troubles at Daily summer time changes. For administration in an international context it is a nightmare.
I suggest to use eventlog which stores data in UTC and display using local time of the one who displays the logs. This also have the advantage to manage security of logs.