Access to reliable and timely information about vulnerabilities affecting Information and Communication Technology (ICT) products and services contributes to an enhanced cybersecurity risk management. Sources of publicly available information about vulnerabilities are an important tool for users of these services, competent authorities, and the broader cybersecurity community. ENISA has established a European Vulnerability Database (EUVD) where entities, regardless of whether they fall within the scope of the NIS2 Directive, and their suppliers of network and information systems, as well as competent authorities, most notably CSIRTs, can voluntarily disclose and register publicly known vulnerabilities to allow users to take appropriate mitigating measures.
In line with Coordinated Vulnerability Disclosure practices, which aim at providing improved transparency regarding the publication process, the EUVD is eventually used to publicly disclose the vulnerability information.
To avoid efforts duplication and to support complementarity, ENISA closely cooperates with MITRE and European as well as non-European operators of the Common Vulnerabilities and Exposures (CVE) system. In this context, ENISA offers vulnerability registry services after its onboarding as a CVE Numbering Authority (CNA), with a focus on vulnerabilities in IT products discovered by or reported to European CSIRTs for coordinated disclosure.
I don't know if there's an RSS feed or an API yet.
A curated list of search engines useful during penetration testing, vulnerability assessments, red/blue team operations, bug bounties, and more.
The Exploit Database is maintained by OffSec, an information security training company that provides various Information Security Certifications as well as high end penetration testing services. The Exploit Database is a non-profit project that is provided as a public service by OffSec.
The Exploit Database is a CVE compliant archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Our aim is to serve the most comprehensive collection of exploits gathered through direct submissions, mailing lists, as well as other public sources, and present them in a freely-available and easy-to-navigate database. The Exploit Database is a repository for exploits and proof-of-concepts rather than advisories, making it a valuable resource for those who need actionable data right away.
The CVEDB API offers a quick way to check information about vulnerabilities in a service. You can search using either the CVE-ID or CPE23.
A vulnerability lookup service by SHODAN.
Free for non-commercial use (i.e., selling the data). You don't need a SHODAN API key.
A large number of threat intel RSS feeds for the security community. Includes service detects and updates, new vulnerabilities, updates, and bad actor IP address updates.
AWS publishes security bulletins for its various components. I didn't know they did that; nice surprise.
RSS: https://aws.amazon.com/security/security-bulletins/rss/feed/
Vulnerability Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD).
Vulnerability Lookup is also a collaborative platform where users can comment on security advisories and create bundles.
Consolidates vulnerabilities from multiple sources.
Github: https://github.com/cve-search/vulnerability-lookup
API: https://vulnerability.circl.lu/doc
At present, 13 different sources and four output formats. You can also download dumps from any of those sources as raw data.
Each source has its own RSS feed that can be monitored. Not every entry has an immediately obvious title, and not every entry has a description, so you'll want to pull the URL in the link field and analyze from there.
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Says there's a GraphQL API. Ew.
Github repo for the advisories: https://github.com/github/advisory-database
Their REST API is a huge pain to work with.
JVN stands for "the Japan Vulnerability Notes." It is a vulnerability information portal site designed to help ensure Internet security by providing vulnerability information and their solutions for software products used in Japan. JVN is operated jointly by the JPCERT Coordination Center and the Information-technology Promotion Agency (IPA). It's basically Japan's threat intel clearinghouse.
JVN is a vulnerability knowledge-base assisting system administrators and software and other products developers enhance security for their products and customers. Product developers' statements on vulnerabilities include information on affected products, workarounds, and solutions (e.g., updates and patches).
RSS feed: https://jvn.jp/en/rss/jvn.rdf
In these times where a new major data breach occurs on a daily basis, it is important for the personal Internet user, corporations, and governments to stay aware of vulnerabilities that may affect their systems. Packet Storm provides around-the-clock information and tools in order to help mitigate both personal data and fiscal loss on a global scale. As new information surfaces, Packet Storm releases everything immediately through it's RSS feeds, Twitter, and Facebook. The site is referenced in over a hundred books and has a history of being spotlighted in the news.
Packet Storm has been a cornerstone on the Internet since 1998 and is visited monthly by over 190 countries. The site is meant to provide a unique service to everyone on the Internet - shedding full light on real security issues that may affect them. It is home to system administrators who need to keep their network up to date, security researchers who discover and report new findings, governments and corporations that need to understand current events, security vendors that want to develop new signatures for their software, and many others. Get involved and help secure the world.
RSS feeds: https://packetstormsecurity.com/feeds
Possibly one of the oldest threat intel sites out there.
We report several practically-exploitable cryptographic vulnerabilities in the end-to-end encryption in Matrix and describe proof-of-concept attacks exploiting these vulnerabilities. When relying on implementation specific behaviour, these attacks target the Matrix standard as implemented by the matrix-react-sdk and matrix-js-sdk libraries. These libraries provide the basis for the flagship Element client. The vulnerabilities we exploit differ in their nature (insecure by design, protocol confusion, lack of domain separation, implementation bugs) and are distributed broadly across the different subprotocols and libraries that make up the cryptographic core of Matrix.
Status: Whilst the language of the paper and this website is in present tense, many of the vulnerabilities disclosed have been fixed. See our updated paper (or Matrix’ website) for more details. Our updated paper includes details of the mitigations for these attacks (alongside a few updates and corrections).
cve-maker is a hub for finding CVEs and exploits. It is based on the official NIST, ExploitDB and Github databases. The tool makes it quick and easy to search for CVEs and their associated exploits. It is able to detect exploit compilation options. It can also be used to list the latest critical vulnerabilities.
EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories. List alerts for a user, organization, or specific set of repositories. Display Github Security Advisory (GHSA) IDs. Filter alerts by ID, severity, and age. Check if alerts are enabled or disabled. Run interactively or from CI/CD scripts.
EZGHSA needs to authenticate with the Github API.
Documentation for Ubuntu's vulnerability API.
Over 100 forks of deliberately vulnerable web applications and APIs to practice on.
Canonical’s Security Team produces Ubuntu OVAL, a structured, machine-readable dataset for all supported Ubuntu releases. It can be used to evaluate and manage security risks related to any existing Ubuntu components. It is based on the Open Vulnerability and Assessment Language (OVAL).
Ubuntu OVAL also allows for any third-party Security Content Automation Protocol (SCAP) compliant tools to accurately scan an Ubuntu system or an official Ubuntu OCI image for vulnerabilities.
wget https://security-metadata.canonical.com/oval/com.ubuntu.$(lsb_release -cs).usn.oval.xml.bz2
Imports vulnerability data from your continual monitoring and scanning infrastructure and does all the legwork of documenting, finding references, mapping to CVEs, and so forth.
Faraday aggregates and normalizes the data you load, allowing exploring it into different visualizations that are useful to managers and analysts alike.
Uses Postgres as its back-end.
An open, precise, and distributed approach to producing and consuming vulnerability information for open source.
All advisories in this database use the OpenSSF OSV format, which was developed in collaboration with open source communities. The OSV schema provides a human and machine readable data format to describe vulnerabilities in a way that precisely maps to open source package versions or commit hashes.
An easy-to-use API is available to query for all known vulnerabilities by either a commit hash, or a package version.
Patch into Searx?
A somewhat silly website that talks about recently discovered 0-day vulnerabilities.
RSS feed: https://0dayfans.com/feed.rss
An open project to list all known cloud vulnerabilitiesand Cloud Service Provider security issues.