The Sensio people have made so cool stuff including the SensioLabs Security Checker. You can use it via composer but you can also download a PHAR file and scan your entire server.
wget http://get.sensiolabs.org/security-checker.phar -O ~/security-checker.phar find /var/www -type f -name "composer.lock" -exec php ~/security-checker.phar security:check {} ;
Symfony Security Check Report =============================
// Checked file: /var/www/XYZ/ABC/composer.lock
[OK] No packages have known vulnerabilities.
! [NOTE] This checker can only detect vulnerabilities that are referenced in the SensioLabs security advisories ! database. Execute this command regularly to check the newly discovered vulnerabilities.