Bookmarks
Tag cloud
Picture wall
Daily
RSS Feed
  • RSS Feed
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filters

Links per page

  • 20 links
  • 50 links
  • 100 links

Filters

Untagged links
11 results tagged vulnerabilities  ✕   ✕
osv.dev https://osv.dev/
Tue 28 Mar 2023 03:15:26 PM PDT archive.org

An open, precise, and distributed approach to producing and consuming vulnerability information for open source.

All advisories in this database use the OpenSSF OSV format, which was developed in collaboration with open source communities. The OSV schema provides a human and machine readable data format to describe vulnerabilities in a way that precisely maps to open source package versions or commit hashes.

An easy-to-use API is available to query for all known vulnerabilities by either a commit hash, or a package version.

Patch into Searx?

vulnerabilities database rest api query infosec
0dayfans https://0dayfans.com/
Fri 25 Nov 2022 03:15:21 PM PST archive.org

A somewhat silly website that talks about recently discovered 0-day vulnerabilities.

RSS feed: https://0dayfans.com/feed.rss

blog infosec vulnerabilities glitch
The Open Cloud Vulnerability & Security Issue Database https://www.cloudvulndb.org/
Fri 23 Sep 2022 08:01:43 PM PDT archive.org

An open project to list all known cloud vulnerabilitiesand Cloud Service Provider security issues.

RSS: https://www.cloudvulndb.org/rss/feed.xml

infosec vulnerabilities cloudcomputing providers glitch
OpenCVE https://www.opencve.io/
Tue 14 Dec 2021 04:50:54 PM PST archive.org

OpenCVE lets you search the CVE you want filtered by vendor, product, CVSS or CWE. Synchronized with the feed provided by the NVD. So each CVE displays the standards you already know (CVE, CPE, CWE, CVSS). You can then subscribe as many vendors or products as you want, and you will be notified as soon as a CVE concerning them is published or updated. Your custom dashboards and reports only include the CVEs associated with your subscriptions, and you can filter the list by keywords of CVSS score. OpenCVE keeps track of the changes, so you can find the history of your alerts in your Reports page. Can be self-hosted if you're concerned about leaking information outside of your organization.

REST API: https://docs.opencve.io/api/

Github: https://github.com/opencve/opencve

infosec vulnerabilities management reporting cve rest api glitch service webapps python selfhosted
inTheWild https://inthewild.io/
Thu 02 Dec 2021 03:58:23 PM PST archive.org

Community driven open database of vulnerability exploitation in the wild. We believe that exploitation information is about safety and it should be easy to access and not be behind paywalls. Get alerts on new reports of exploitation via RSS, Twitter, grab our docker image, the hourly database exports or get the full exploited list in the API.

infosec vulnerabilities reports triage rss rest api glitch exocortex
CVE https://www.cve.org/
Mon 26 Jul 2021 01:41:27 PM PDT archive.org

The mission of the CVE Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each vulnerability in the catalog. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities.

infosec vulnerabilities cve feeds security
GitHub - roottusk/vapi: vAPI is a Vulnerable Adversely Programmed Interface which is Self-Hostable PHP Interface that demonstrates OWASP API Top 10 in the means of Exercises. https://github.com/roottusk/vapi
Thu 10 Sep 2020 06:58:33 PM PDT archive.org

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable PHP Interface that demonstrates OWASP API Top 10 in the means of Exercises. Requires PHP, Apache, MySQL, and probably a man-in-the-middle proxy.

php rest api infosec practice vulnerabilities
securego/gosec: Golang security checker https://github.com/securego/gosec
Mon 10 Sep 2018 11:09:06 AM PDT archive.org

Static security analyzer for Golang code. Checks against the Golang AST. Tries to verify some best practices (no hardcoded credentials, listening on 0.0.0.0 by default, things like that. Has all of the usual CLI options you'd hope it has.

golang infosec analyzer static vulnerabilities bestpractices cli
Exploits Database by Offensive Security http://www.exploit-db.com/
Tue 20 Mar 2018 01:44:32 AM PDT archive.org

Offensive Security Training has taken over where Milw0rm left off in their archival of live exploits, vulnerability descriptions, attacks, and whitepapers.

information exploits database infosec papers shellcode vulnerabilities
NVD - Home https://nvd.nist.gov/
Tue 20 Mar 2018 12:03:00 AM PDT archive.org

National Vulnerability Database.

infosec feeds vulnerabilities cve security
coreos/clair: Vulnerability Static Analysis for Containers https://github.com/coreos/clair
Mon 19 Mar 2018 11:38:07 PM PDT archive.org

Clair is a FOSS utility for conducting static security analysis of Linux containers, Docker containers in particular. Clair continually updates its internal index of known vulnerabilities so it can keep constant watch over what it monitors. Has a modular architecture to make it easier to extend the project without having to fork() it. Also designed to fit into a CI/CD pipeline to monitor in-house containers as they're built. Plugs into Kubernetes. Requires Postgres. Written in Go.  sysadmin infosec scanner scanning

scanning postgres vulnerabilities infosec analysis sysadmin linux golang security foss containers scanner
5006 links, including 377 private
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community - Theme by kalvn