vulnerablecode
vulnerablecode copied to clipboard
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase...
the Dutch national cyber security center publishes its own numbering scheme: https://advisories.ncsc.nl/ There is an RSS feed, as well as a page with all the advisories. An advisory is published...
This is low volume See - https://framework.zend.com/security/advisories - https://framework.zend.com/security/advisory/ZF2018-01 - https://getlaminas.org/security/advisories
https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-190.md
Check GitHubGraphQL API for advisories here https://docs.github.com/en/[email protected]/graphql/reference/objects#securityadvisory
MalwareBazaar has information about various malware files, including various hashes (md5, sha1, sha256, ssdeep, imphash, tlsh). Though no CVE identifiers are linked it is an easy to process data format...
As part of the upcoming release, we must document the changes in the API data structures wrt. the previously released version
This is handy to understand what is the app version that is currently running
https://github.com/nexB/vulnerablecode/pull/631 and https://github.com/nexB/vulnerablecode/pull/624 gives a basic documentation but there is scope for improvement. - [ ] Info about severity systems - [ ] Info about version_api (githubtagsapi, etc) and time...
It would be useful to have a DB stats and summary API to report high level counts. This needs design.
https://source.android.com/security/bulletin Reported by @keshav-space