CINXE.COM

Vulnerability Database Catalog

<!doctype html><html lang="en" class="web tlp-clear" data-studio-config="eyJ4aHJDcmVkZW50aWFscyI6ZmFsc2UsInhockhlYWRlcnMiOnt9fQo="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>Vulnerability Database Catalog</title> <meta property="og:title" content="Vulnerability Database Catalog" /> <meta property="og:type" content="website" /> <meta property="og:image" content="https://www.first.org/_/img/first-big-icon.png" /> <meta property="og:url" content="https://www.first.org/global/sigs/vrdx/vdb-catalog" /> <meta property="og:site_name" content="FIRST — Forum of Incident Response and Security Teams" /> <meta property="fb:profile_id" content="296983660669109" /> <meta property="twitter:card" content="summary" /> <meta property="twitter:site" content="@FIRSTdotOrg" /><meta name="viewport" content="initial-scale=1,maximum-scale=1.0,user-scalable=no" /><link rel="icon" type="image/png" href="/1st.png" /><link rel="apple-touch-icon" sizes="128x128" href="/favicon.png" /><link rel="stylesheet" type="text/css" href="/_/web.css?20241031194005" /></head><body><header><div id="header" data-studio="CU52CV1W8g"><div id="c4" data-studio="Yu8FjCC11g"><div id="topbar"> <div class="sites right"> <ul> <li><a href="https://support.first.org" class="kb-datalist"><img src="/_/img/icon-portal_support.svg" alt="FIRST Support" title="FIRST Support" /></a></li> <li><a href="https://portal.first.org" class="button"><span class="no-tiny">Member </span>Portal</a></li> </ul> </div> <div class="first-logo"> <p><a href="/"><img src="/_/img/first-org-simple-negative.svg" alt="FIRST.Org" title="FIRST" /></a></p> </div> <div class="nav"> <ul class="navbar"><li><a href="/about">About FIRST</a><ul><li><a href="/about/mission">Mission Statement</a></li><li><a href="/about/history">History</a></li><li><a href="/about/sdg">Sustainable Development Goals</a></li><li><a href="/about/organization">Organization</a><ul><li><a href="/about/organization/directors">Board of Directors</a></li><li><a>Operations Team</a><ul><li><a href="/about/organization/ccb">Community &amp; Capacity Building</a></li><li><a href="/about/organization/events">Event Office</a></li><li><a href="/about/organization/executive-director">Executive Director</a></li><li><a href="/about/organization/infrastructure">Infrastructure</a></li><li><a href="/about/organization/secretariat">Secretariat</a></li></ul></li><li><a href="/about/organization/committees">Committees</a><ul><li><a href="/about/organization/committees/compensation-committee">Compensation Committee</a></li><li><a href="/about/organization/committees/conference-program-committee">Conference Program Committee</a></li><li><a href="/about/organization/committees/membership-committee">Membership Committee</a></li><li><a href="/about/organization/committees/rules-committee">Rules Committee</a></li><li><a href="/about/organization/committees/standards">Standards Committee</a></li></ul></li><li><a href="/events/agm">Annual General Meeting</a></li><li><a href="/about/organization/reports">Annual Reports and Tax Filings</a></li></ul></li><li><a href="/about/policies">FIRST Policies</a><ul><li><a href="/about/policies/anti-corruption">Anti-Corruption Policy</a></li><li><a href="/about/policies/antitrust">Antitrust Policy</a></li><li><a href="/about/policies/bylaws">Bylaws</a></li><li><a href="/about/policies/board-duties">Board duties</a></li><li><a href="/about/bugs">Bug Bounty Program</a></li><li><a href="/about/policies/code-of-conduct">Code of Conduct</a></li><li><a href="/about/policies/conflict-policy">Conflict of Interest Policy</a></li><li><a href="/about/policies/doc-rec-retention-policy">Document Record Retention and Destruction Policy</a></li><li><a href="/newsroom/policy">FIRST Press Policy</a></li><li><a href="/about/policies/gen-event-reg-refund-policy">General Event Registration Refund Policy</a></li><li><a href="/about/policies/event-site-selection">Guidelines for Site Selection for all FIRST events</a></li><li><a href="/identity">Identity &amp; Logo Usage</a></li><li><a href="/about/policies/mailing-list">Mailing List Policy</a></li><li><a href="/about/policies/media">Media Policy</a></li><li><a href="/about/policies/privacy">Privacy Policy</a></li><li><a href="/about/policies/registration-terms-conditions">Registration Terms &amp; Conditions</a></li><li><a href="/about/policies/terms">Services Terms of Use</a></li><li><a href="/about/policies/standards">Standards Policy</a></li><li><a href="/about/policies/diversity">Statement on Diversity &amp; Inclusion</a></li><li><a href="/about/policies/translation-policy">Translation Policy</a></li><li><a href="/about/policies/travel-policy">Travel Policy</a></li><li><a href="/about/policies/uniform-ipr">Uniform IPR Policy</a></li><li><a href="/about/policies/whistleblower-policy">Whistleblower Protection Policy</a></li></ul></li><li><a href="/about/partners">Partnerships</a><ul><li><a href="/global/partners">Partners</a></li><li><a href="/global/friends">Friends of FIRST</a></li><li><a href="/global/supporters/">FIRST Supporters</a></li><li><a href="/about/sponsors">Sponsors</a></li></ul></li><li><a href="/newsroom">Newsroom</a><ul><li><a href="/newsroom/news">What&#039;s New</a></li><li><a href="/newsroom/releases">Press Releases</a></li><li><a href="/newsroom/news/media">In the News</a></li><li><a href="/podcasts">Podcasts</a><ul><li><a href="/newsroom/news/first-impressions/">FIRST Impressions Podcast</a></li><li><a href="/newsroom/news/podcasts/">FIRSTCON Podcast</a></li></ul></li><li><a href="/newsroom/newsletters">Newsletters</a></li><li><a href="/newsroom/policy">FIRST Press Policy</a></li></ul></li><li><a href="/about/procurement">Procurement</a></li><li><a href="/about/jobs/">Jobs</a></li><li><a href="/contact">Contact</a></li></ul></li><li><a href="/members">Membership</a><ul><li><a href="/membership/">Becoming a Member</a><ul><li><a href="/membership/process">Membership Process for Teams</a></li><li><a href="/membership/process-liaisons">Membership Process for Liaisons</a></li><li><a href="/membership/#Fees">Membership Fees</a></li></ul></li><li><a href="/members/teams">FIRST Teams</a></li><li><a href="/members/liaisons">FIRST Liaisons</a></li><li><a href="/members/map">Members around the world</a></li></ul></li><li><a href="/global">Initiatives</a><ul><li><a href="/global/sigs">Special Interest Groups (SIGs)</a><ul><li><a href="/global/sigs/framework">SIGs Framework</a></li><li><a href="/global/sigs/academicsec" class="borderb">Academic Security SIG</a></li><li><a href="/global/sigs/ai-security">AI Security SIG</a></li><li><a href="/global/sigs/automation">Automation SIG</a></li><li><a href="/global/sigs/bigdata">Big Data SIG</a></li><li><a href="/cvss">Common Vulnerability Scoring System (CVSS-SIG)</a><ul><li><a href="/cvss/calculator/4.0">Calculator</a></li><li><a href="/cvss/v4.0/specification-document">Specification Document</a></li><li><a href="/cvss/v4.0/user-guide">User Guide</a></li><li><a href="/cvss/v4.0/examples">Examples</a></li><li><a href="/cvss/v4.0/faq">Frequently Asked Questions</a></li><li><a href="/cvss/v4-0">CVSS v4.0 Documentation &amp; Resources</a><ul><li><a href="/cvss/calculator/4.0">CVSS v4.0 Calculator</a></li><li><a href="/cvss/v4.0/specification-document">CVSS v4.0 Specification Document</a></li><li><a href="/cvss/v4.0/user-guide">CVSS v4.0 User Guide</a></li><li><a href="/cvss/v4.0/examples">CVSS v4.0 Examples</a></li><li><a href="/cvss/v4.0/faq">CVSS v4.0 FAQ</a></li></ul></li><li><a href="/cvss/v3-1">CVSS v3.1 Archive</a><ul><li><a href="/cvss/calculator/3.1">CVSS v3.1 Calculator</a></li><li><a href="/cvss/v3.1/specification-document">CVSS v3.1 Specification Document</a></li><li><a href="/cvss/v3.1/user-guide">CVSS v3.1 User Guide</a></li><li><a href="/cvss/v3.1/examples">CVSS v3.1 Examples</a></li><li><a href="/cvss/v3.1/use-design">CVSS v3.1 Calculator Use &amp; Design</a></li></ul></li><li><a href="/cvss/v3-0">CVSS v3.0 Archive</a><ul><li><a href="/cvss/calculator/3.0">CVSS v3.0 Calculator</a></li><li><a href="/cvss/v3.0/specification-document">CVSS v3.0 Specification Document</a></li><li><a href="/cvss/v3.0/user-guide">CVSS v3.0 User Guide</a></li><li><a href="/cvss/v3.0/examples">CVSS v3.0 Examples</a></li><li><a href="/cvss/v3.0/use-design">CVSS v3.0 Calculator Use &amp; Design</a></li></ul></li><li><a href="/cvss/v2">CVSS v2 Archive</a><ul><li><a href="/cvss/v2/guide">CVSS v2 Complete Documentation</a></li><li><a href="/cvss/v2/history">CVSS v2 History</a></li><li><a href="/cvss/v2/team">CVSS-SIG team</a></li><li><a href="/cvss/v2/meetings">SIG Meetings</a></li><li><a href="/cvss/v2/faq">Frequently Asked Questions</a></li><li><a href="/cvss/v2/adopters">CVSS Adopters</a></li><li><a href="/cvss/v2/links">CVSS Links</a></li></ul></li><li><a href="/cvss/v1">CVSS v1 Archive</a><ul><li><a href="/cvss/v1/intro">Introduction to CVSS</a></li><li><a href="/cvss/v1/faq">Frequently Asked Questions</a></li><li><a href="/cvss/v1/guide">Complete CVSS v1 Guide</a></li></ul></li><li><a href="/cvss/data-representations">JSON &amp; XML Data Representations</a></li><li><a href="/cvss/training">CVSS On-Line Training Course</a></li><li><a href="/cvss/identity">Identity &amp; logo usage</a></li></ul></li><li><a href="/global/sigs/csirt">CSIRT Framework Development SIG</a></li><li><a href="/global/sigs/cyberinsurance">Cyber Insurance SIG</a><ul><li><a href="/global/sigs/cyberinsurance/events">Cyber Insurance SIG Webinars</a></li></ul></li><li><a href="/global/sigs/cti">Cyber Threat Intelligence SIG</a><ul><li><a href="/global/sigs/cti/curriculum/">Curriculum</a><ul><li><a href="/global/sigs/cti/curriculum/introduction">Introduction</a></li><li><a href="/global/sigs/cti/curriculum/cti-introduction">Introduction to CTI as a General topic</a></li><li><a href="/global/sigs/cti/curriculum/methods-methodology">Methods and Methodology</a></li><li><a href="/global/sigs/cti/curriculum/pir">Priority Intelligence Requirement (PIR)</a></li><li><a href="/global/sigs/cti/curriculum/source-evaluation">Source Evaluation and Information Reliability</a></li><li><a href="/global/sigs/cti/curriculum/machine-human">Machine and Human Analysis Techniques (and Intelligence Cycle)</a></li><li><a href="/global/sigs/cti/curriculum/threat-modelling">Threat Modelling</a></li><li><a href="/global/sigs/cti/curriculum/training">Training</a></li><li><a href="/global/sigs/cti/curriculum/standards">Standards</a></li><li><a href="/global/sigs/cti/curriculum/glossary">Glossary</a></li><li><a href="/global/sigs/cti/curriculum/cti-reporting/">Communicating Uncertainties in CTI Reporting</a></li></ul></li><li><a href="/global/sigs/cti/events/">Webinars and Online Training</a></li><li><a href="/global/sigs/cti/cti-program">Building a CTI program and team</a><ul><li><a href="/global/sigs/cti/cti-program/program-stages">Program maturity stages</a><ul><li><a href="/global/sigs/cti/cti-program/stage1">CTI Maturity model - Stage 1</a></li><li><a href="/global/sigs/cti/cti-program/stage2">CTI Maturity model - Stage 2</a></li><li><a href="/global/sigs/cti/cti-program/stage3">CTI Maturity model - Stage 3</a></li></ul></li><li><a href="/global/sigs/cti/cti-program/starter-kit">Program Starter Kit</a></li><li><a href="/global/sigs/cti/cti-program/resources">Resources and supporting materials</a></li></ul></li></ul></li><li><a href="/global/sigs/digital-safety">Digital Safety SIG</a></li><li><a href="/global/sigs/dns">DNS Abuse SIG</a><ul><li><a href="/global/sigs/dns/policies">Code of Conduct &amp; Other Policies</a></li><li><a href="/global/sigs/dns/dns-abuse-examples">Examples of DNS Abuse</a></li></ul></li><li><a href="/global/sigs/ethics">Ethics SIG</a><ul><li><a href="/global/sigs/ethics/ethics-first">Ethics for Incident Response Teams</a></li></ul></li><li><a href="/epss/">Exploit Prediction Scoring System (EPSS)</a><ul><li><a href="/epss/model">The EPSS Model</a></li><li><a href="/epss/data_stats">Data and Statistics</a></li><li><a href="/epss/user-guide">User Guide</a></li><li><a href="/epss/research">EPSS Research and Presentations</a></li><li><a href="/epss/faq">Frequently Asked Questions</a></li><li><a href="/epss/who_is_using">Who is using EPSS?</a></li><li><a href="/epss/epss_tools">Open-source EPSS Tools</a></li><li><a href="/epss/api">API</a></li><li><a href="/epss/papers">Related Exploit Research</a></li><li><a>Blog</a><ul><li><a href="/epss/articles/prob_percentile_bins">Understanding EPSS Probabilities and Percentiles</a></li><li><a href="/epss/articles/log4shell">Log4Shell Use Case</a></li><li><a href="/epss/articles/estimating_old_cvss">Estimating CVSS v3 Scores for 100,000 Older Vulnerabilities</a></li></ul></li><li><a href="/epss/partners">Data Partners</a></li></ul></li><li><a href="/global/sigs/msr/">FIRST Multi-Stakeholder Ransomware SIG</a></li><li><a href="/global/sigs/hfs/">Human Factors in Security SIG</a></li><li><a href="/global/sigs/ics">Industrial Control Systems SIG (ICS-SIG)</a></li><li><a href="/global/sigs/iep">Information Exchange Policy SIG (IEP-SIG)</a></li><li><a href="/global/sigs/information-sharing">Information Sharing SIG</a><ul><li><a href="/global/sigs/information-sharing/misp">Malware Information Sharing Platform</a></li></ul></li><li><a href="/global/sigs/le">Law Enforcement SIG</a></li><li><a href="/global/sigs/malware">Malware Analysis SIG</a><ul><li><a href="/global/sigs/malware/ma-framework">Malware Analysis Framework</a></li><li><a href="/global/sigs/malware/ma-framework/malwaretools">Malware Analysis Tools</a></li></ul></li><li><a href="/global/sigs/metrics">Metrics SIG</a><ul><li><a href="/global/sigs/metrics/events">Metrics SIG Webinars</a></li></ul></li><li><a href="/global/sigs/netsec/">NETSEC SIG</a></li><li><a href="/global/sigs/passive-dns">Passive DNS Exchange</a></li><li><a href="/global/sigs/policy">Policy SIG</a></li><li><a href="/global/sigs/psirt">PSIRT SIG</a></li><li><a href="/global/sigs/red-team">Red Team SIG</a></li><li><a href="/global/sigs/cpg">Retail and Consumer Packaged Goods (CPG) SIG</a></li><li><a href="/global/sigs/ctf">Security Lounge SIG</a></li><li><a href="/global/sigs/tic/">Threat Intel Coalition SIG</a><ul><li><a href="/global/sigs/tic/membership-rules">Membership Requirements and Veto Rules</a></li></ul></li><li><a href="/global/sigs/tlp">Traffic Light Protocol (TLP-SIG)</a></li><li><a href="/global/sigs/transport">Transportation and Mobility SIG</a></li><li><a href="/global/sigs/vulnerability-coordination">Vulnerability Coordination</a><ul><li><a href="/global/sigs/vulnerability-coordination/multiparty">Multi-Party Vulnerability Coordination and Disclosure</a></li><li><a href="/global/sigs/vulnerability-coordination/multiparty/guidelines">Guidelines and Practices for Multi-Party Vulnerability Coordination and Disclosure</a></li></ul></li><li><a href="/global/sigs/vrdx">Vulnerability Reporting and Data eXchange SIG (VRDX-SIG)</a><ul><li><a href="/global/sigs/vrdx/vdb-catalog">Vulnerability Database Catalog</a></li></ul></li><li><a href="/global/sigs/wof">Women of FIRST</a></li></ul></li><li><a href="/global/governance">Internet Governance</a></li><li><a href="/global/irt-database">IR Database</a></li><li><a href="/global/fellowship">Fellowship Program</a><ul><li><a href="https://portal.first.org/fellowship">Application Form</a></li></ul></li><li><a href="/global/mentorship">Mentorship Program</a></li><li><a href="/hof">IR Hall of Fame</a><ul><li><a href="/hof/inductees">Hall of Fame Inductees</a></li></ul></li><li><a href="/global/victim-notification">Victim Notification</a></li><li><a href="/volunteers/">Volunteers at FIRST</a><ul><li><a href="/volunteers/list">FIRST Volunteers</a></li><li><a href="/volunteers/participation">Volunteer Contribution Record</a></li></ul></li><li><a href="#new">Previous Activities</a><ul><li><a href="/global/practices">Best Practices Contest</a></li></ul></li></ul></li><li><a href="/standards">Standards &amp; Publications</a><ul><li><a href="/standards">Standards</a><ul><li><a href="/cvss">Common Vulnerability Scoring System (CVSS-SIG)</a></li><li><a href="/tlp">Traffic Light Protocol (TLP)</a><ul><li><a href="/tlp/use-cases">TLP Use Cases</a></li></ul></li><li><a href="/standards/frameworks/">Service Frameworks</a><ul><li><a href="/standards/frameworks/csirts">CSIRT Services Framework</a></li><li><a href="/standards/frameworks/psirts">PSIRT Services Framework</a></li></ul></li><li><a href="/iep">Information Exchange Policy (IEP)</a><ul><li><a href="/iep/iep_framework_2_0">IEP 2.0 Framework</a></li><li><a href="/iep/iep-json-2_0">IEP 2.0 JSON Specification</a></li><li><a href="/iep/iep-polices">Standard IEP Policies</a><ul><li><a href="https://www.first.org/iep/2.0/first-tlp-iep.iepj">IEP TLP Policy File</a></li><li><a href="https://www.first.org/iep/2.0/first-unknown-iep.iepj">IEP Unknown Policy File</a></li></ul></li><li><a href="/iep/iep_v1_0">IEP 1.0 Archive</a></li></ul></li><li><a href="/global/sigs/passive-dns">Passive DNS Exchange</a></li><li><a href="/epss">Exploit Prediction Scoring System (EPSS)</a></li></ul></li><li><a href="/resources/papers">Publications</a></li></ul></li><li><a href="/events">Events</a></li><li><a href="/education">Education</a><ul><li><a href="/education/first-training">FIRST Training</a><ul><li><a href="/education/trainings">Training Courses</a></li><li><a href="/education/trainers">FIRST Trainers</a></li></ul></li></ul></li><li><a href="/blog">Blog</a></li></ul> </div> </div> <div id="home-buttons"> <p><a href="/join" data-title="Join"><img alt="Join" src="/_/img/icon-join.svg"><span class="tt-join">Join<span>Details about FIRST membership and joining as a full member or liaison.</span></span></a> <a href="/learn" data-title="Learn"><img alt="Learn" src="/_/img/icon-learn.svg"><span class="tt-learn">Learn<span>Training and workshop opportunities, and details about the FIRST learning platform.</span></span></a> <a href="/participate" data-title="Participate"><img alt="Participate" src="/_/img/icon-participate.svg"><span class="tt-participate">Participate<span>Read about upcoming events, SIGs, and know what is going on.</span></span></a></p> </div></div></div></header><div id="body" data-studio="CU52CV1W8g"><div id="c1" data-studio="Yu8FjCC11g"><h1 id="Vulnerability-Database-Catalog">Vulnerability Database Catalog</h1> <h2 id="Description">Description</h2> <p>This catalog initially contains a set of vulnerability databases (VDBs) that were surveyed by the VRDX-SIG to observe differences in identifiers, coverage and scope, size, abstraction and other characteristics. VDBs are loosely defined as sites that provide vulnerability information, such as advisories, with identifiers. Included VDBs are free to access, substantially public, and have broad scope and coverage (not limited to a single vendor or research organization).</p> <p>Characteristics of each VDB were either provided by survey responses or researched by SIG members. A summary of the survey work was <a href="https://www.first.org/resources/papers/conf2015/first_2015_-_manion-_uchiyama-_terada_-_vrdx-sig_20150619.pdf">VRDX-SIG: Global Vulnerability Identification</a> at the 2015 FIRST Conference.</p> <p>The initial set of VDBs was selected to support the survey and is not meant to be comprehensive. The SIG is considering options to add and update entries. Questions or comments can be sent to <a href="mailto:vrdx-comments@first.org">vrdx-comments@first.org</a>.</p> <p>Last update: 2016-03-17</p> <div id="toc" class="h3labels subbox"> <h3 id="Vulnerability-Database">Vulnerability Database</h3> </div></div><div id="c2" data-studio="Yu8FjCC11g" class="toc-h3 underline-h3"><h3 id="AusCERT-Security-Bulletins">AusCERT Security Bulletins</h3> <ol> <li>Overview - Name: AusCERT Security Bulletins <ul> <li>Maintainer: AusCERT</li> <li>URL<br /> (en-us) <a href="https://auscert.org.au/1">https://auscert.org.au/1</a><br /> (en-us) <a href="https://auscert.org.au/11045">https://auscert.org.au/11045</a></li> <li>The overwhelming majority of them (ESB) are publicly available and the (ASB) bulletins while are available for AusCERT members only initially are also publicly available after a month.</li> </ul></li> <li>ID scheme - Number of ID schemes: 2 <ul> <li>ID format: ASB-{YYYY}.{NNNN}, ESB-{YYYY}.{NNNN} (4 digit year, 4 fixed digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: NO <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: YES (RSS 1.0)<br /> (en-us) <a href="https://www.auscert.org.au/rss.html?cid=1980">https://www.auscert.org.au/rss.html?cid=1980</a><br /> (en-us) <a href="https://www.auscert.org.au/rss.html?cid=10415">https://www.auscert.org.au/rss.html?cid=10415</a></li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description : YES</li> <li>Products Affected: YES</li> <li>Impact: YES</li> <li>Severity: YES</li> <li>Solution: YES</li> <li>Vendor Information: YES</li> <li>References: YES</li> <li>Credit/Finder: NO</li> <li>Available languages: English</li> <li>Search: YES<br /> <a href="https://auscert.org.au/search.html">https://auscert.org.au/search.html</a></li> </ul></li> </ol> <h3 id="CERT-CC-Vulnerability-Notes-Database">CERT/CC Vulnerability Notes Database</h3> <ol> <li>Overview - Name: CERT/CC Vulnerability Notes Database <ul> <li>Maintainer: CERT/CC</li> <li>URL<br /> (en-us) <a href="http://www.kb.cert.org/vuls/">http://www.kb.cert.org/vuls/</a></li> <li>The Vulnerability Notes Database provides timely information about software vulnerabilities. Vulnerability notes include summaries, technical details, remediation information, and lists of affected vendors. Many vulnerability notes are the result of private coordination and disclosure efforts.</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: VU#{NNNNNN} (6 fixed digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: YES <ul> <li>Use all CWE IDs or subset: all</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: YES (v2) <ul> <li>Temporal Metrics: YES (v2)</li> <li>Environmental Metrics: YES (v2)</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: YES (Atom)<br /> (en-us) <a href="http://www.kb.cert.org/vulfeed">http://www.kb.cert.org/vulfeed</a></li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description : YES</li> <li>Products Affected: YES</li> <li>Impact: YES</li> <li>Severity: NO</li> <li>Solution: YES</li> <li>Vendor Information: YES</li> <li>References: YES</li> <li>Credit/Finder: YES</li> <li>Available languages: English</li> <li>Search: YES<br /> <a href="http://www.kb.cert.org/vuls/html/search/">http://www.kb.cert.org/vuls/html/search/</a></li> </ul></li> </ol> <h3 id="CERT-EU-Security-Advisories">CERT-EU Security Advisories</h3> <ol> <li>Overview - Name: CERT-EU Security Advisories <ul> <li>Maintainer: CERT-EU</li> <li>URL<br /> (en-us) <a href="https://cert.europa.eu/cert/filteredition/en/VulnerabilitiesAll.html">https://cert.europa.eu/cert/filteredition/en/VulnerabilitiesAll.html</a></li> <li>n/a</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: CERT-EU Security Advisory {YYYY}-{NNN} (4 digit year, 3 fixed digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: YES (v2) <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: NO</li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description: YES</li> <li>Products Affected: YES</li> <li>Impact: YES</li> <li>Severity: NO</li> <li>Solution: NO</li> <li>Vendor Information: YES</li> <li>References: NO</li> <li>Credit/Finder: NO</li> <li>Available languages: English</li> <li>Search: YES<br /> <a href="https://cert.europa.eu/cert/filteredition/en/VulnerabilitiesAll.html">https://cert.europa.eu/cert/filteredition/en/VulnerabilitiesAll.html</a></li> </ul></li> </ol> <h3 id="China-National-Vulnerability-Database-of-Information-Security-CNNVD">China National Vulnerability Database of Information Security (CNNVD)</h3> <ol> <li>Overview - Name: China National Vulnerability Database of Information Security (CNNVD) <ul> <li>Maintainer: China Information Security Evaluation Center</li> <li>URL<br /> (zh-cn) <a href="http://www.cnnvd.org.cn/">http://www.cnnvd.org.cn/</a></li> <li>China National Information Security Vulnerability Database, the English name &quot;China National Vulnerability Database of Information Security&quot;, referred to as &quot;CNNVD&quot;, is maintained by China Information Security Evaluation Center for the effective performance of the functions of vulnerability analysis and risk assessment, responsible for building operation and maintenance of the national information security vulnerabilities library, for our information security to provide basic services.</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: CNNVD-{YYYY}{MM}-{NNN} (4 digit year, 2 digit month, 3 fixed digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: NO</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: NO <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: NO</li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description : YES</li> <li>Products Affected: NO</li> <li>Impact: NO</li> <li>Severity: YES</li> <li>Solution: NO</li> <li>Vendor Information: YES</li> <li>References: YES</li> <li>Credit/Finder: NO</li> <li>Available languages: Chinese</li> <li>Search: YES<br /> <a href="http://www.cnnvd.org.cn/vulnerability">http://www.cnnvd.org.cn/vulnerability</a></li> </ul></li> </ol> <h3 id="China-National-Vulnerability-Database-CNVD">China National Vulnerability Database (CNVD)</h3> <ol> <li>Overview - Name: China National Vulnerability Database (CNVD) <ul> <li>Maintainer: CNCERT/CC</li> <li>URL<br /> (zh-cn) <a href="http://www.cnvd.org.cn/">http://www.cnvd.org.cn/</a></li> <li>The main objective, namely to establish CNVD and national government departments, important information system users, operators, major security vendors, software vendors, research institutions, such as the public Internet users together to build unified collection of software security vulnerabilities verification, early warning and emergency release system, and effectively enhance China's overall level of research and the ability to timely prevention security vulnerabilities, thus improving the security of information systems and domestic software, promote the development of domestic security products.</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: CNVD-{YYYY}-{NNNNN} (4 digit year, 5 fixed digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: YES (v2) <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: NO</li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description : YES</li> <li>Products Affected: NO</li> <li>Impact: YES</li> <li>Severity: YES</li> <li>Solution: YES</li> <li>Vendor Information: YES</li> <li>References: YES</li> <li>Credit/Finder: YES</li> <li>Available languages: Chinese</li> <li>Search: YES<br /> <a href="http://www.cnvd.org.cn/flaw/list.htm">http://www.cnvd.org.cn/flaw/list.htm</a></li> </ul></li> </ol> <h3 id="Common-Vulnerabilities-and-Exposures-CVE">Common Vulnerabilities and Exposures (CVE)</h3> <ol> <li>Overview - Name: Common Vulnerabilities and Exposures (CVE) <ul> <li>Maintainer: MITRE</li> <li>URL<br /> (en-us) <a href="https://cve.mitre.org/">https://cve.mitre.org/</a></li> <li>Common Vulnerabilities and Exposures (CVE®) is a dictionary of common names (i.e., CVE Identifiers) for publicly known information security vulnerabilities.</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: CVE-{YYYY}-{NNNN...} (4 digit year, Variable length arbitrary digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: NO <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF : YES (v1.1)<br /> (en-us) <a href="https://cve.mitre.org/cve/cvrf.html">https://cve.mitre.org/cve/cvrf.html</a> <ul> <li>Use of RSS/Atom: NO</li> </ul></li> <li>VDB contents - Title: NO <ul> <li>Description : YES</li> <li>Products Affected: NO</li> <li>Impact: NO</li> <li>Severity: NO</li> <li>Solution: NO</li> <li>Vendor Information: NO</li> <li>References: YES</li> <li>Credit/Finder: NO</li> <li>Available languages: English</li> <li>Search: YES<br /> <a href="http://cve.mitre.org/cve/cve.html">http://cve.mitre.org/cve/cve.html</a></li> </ul></li> </ol> <h3 id="Exploit-Database">Exploit Database</h3> <ol> <li>Overview - Name: Exploit Database <ul> <li>Maintainer: Offensive Security</li> <li>URL<br /> (en-us) <a href="https://www.exploit-db.com/">https://www.exploit-db.com/</a></li> <li>The Exploit Database is a CVE compliant archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers.</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: EDB-ID:{NNNNN} (5 fixed digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: NO <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: YES (RSS 2.0)<br /> (en-us) <a href="https://www.exploit-db.com/rss.xml">https://www.exploit-db.com/rss.xml</a></li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description: YES</li> <li>Products Affected: YES</li> <li>Impact: YES</li> <li>Severity: NO</li> <li>Solution: NO</li> <li>Vendor Information: NO</li> <li>References: NO</li> <li>Credit/Finder: YES</li> <li>Available languages: English</li> <li>Search: NO</li> </ul></li> </ol> <h3 id="ICS-CERT-ADVISORY">ICS-CERT ADVISORY</h3> <ol> <li>Overview - Name: <ul> <li>Maintainer: ICS-CERT</li> <li>URL<br /> (en-us) <a href="https://ics-cert.us-cert.gov/advisories">https://ics-cert.us-cert.gov/advisories</a></li> <li>Advisories provide timely information about current security issues, vulnerabilities, and exploits.</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: ICSA-{YY}-{DDD}-{NN} (2 digit year, 3 digit day of year, 2 fixed digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: YES <ul> <li>Use all CWE IDs or subset: all</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: YES (currently v3, for older issues v2) <ul> <li>Temporal Metrics: YES (for some issues - currently v3, for older issues v2)</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: YES (RSS 2.0)<br /> (en-us) <a href="https://ics-cert.us-cert.gov/advisories/advisories.xml">https://ics-cert.us-cert.gov/advisories/advisories.xml</a></li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description: YES</li> <li>Products Affected: YES</li> <li>Impact: YES</li> <li>Severity: NO</li> <li>Solution: YES</li> <li>Vendor Information: YES</li> <li>References: YES</li> <li>Credit/Finder: YES</li> <li>Available languages: English</li> <li>Search: NO</li> </ul></li> </ol> <h3 id="Japan-Vulnerability-Notes-JVN">Japan Vulnerability Notes (JVN)</h3> <ol> <li>Overview - Name: Japan Vulnerability Notes (JVN) <ul> <li>Maintainer: JPCERT/CC</li> <li>URL<br /> (en-us) <a href="http://jvn.jp/en/">http://jvn.jp/en/</a><br /> (ja-jp) <a href="http://jvn.jp/">http://jvn.jp/</a></li> <li>JVN is Vulnerability Handling Coordination DB, which is providing vulnerability countermeasure information and Japanese vendor status for vulnerabilities reported through &quot;Information Security Early Warning Partnership&quot;.</li> </ul></li> <li>ID scheme - Number of ID schemes: 2 <ul> <li>ID format: JVN#{NNNNNNNN}, JVNVU#{NNNNNNNN} (8 fixed digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: YES (v2) <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: YES (RSS 1.0)<br /> (en-us) <a href="http://jvn.jp/en/rss/jvn.rdf">http://jvn.jp/en/rss/jvn.rdf</a><br /> (ja-jp) <a href="http://jvn.jp/rss/jvn.rdf">http://jvn.jp/rss/jvn.rdf</a><br /> <a href="http://jvndb.jvn.jp/schema/jvnrss_2.0.xsd">http://jvndb.jvn.jp/schema/jvnrss_2.0.xsd</a></li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description : YES</li> <li>Products Affected: YES</li> <li>Impact: YES</li> <li>Severity: NO</li> <li>Solution: YES</li> <li>Vendor Information: YES</li> <li>References: YES</li> <li>Credit/Finder: YES</li> <li>Available languages: Japanese, English</li> <li>Search: NO</li> </ul></li> </ol> <h3 id="JC3-Bulletin-Archive">JC3 Bulletin Archive</h3> <ol> <li>Overview - Name: JC3 Bulletin Archive <ul> <li>Maintainer: Department of Energy</li> <li>URL<br /> (en-us) <a href="http://energy.gov/articles/673/708757%2B708775/JC3%20Bulletin%20Archive">http://energy.gov/articles/673/708757%2B708775/JC3%20Bulletin%20Archive</a></li> <li>n/a</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: V-{NNN} (3 fixed digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: NO <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: YES (RSS 2.0)<br /> (en-us) <a href="http://energy.gov/articles/673/708757%2B708775/JC3%20Bulletin%20Archive?view=rss">http://energy.gov/articles/673/708757%2B708775/JC3%20Bulletin%20Archive?view=rss</a></li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description: YES</li> <li>Products Affected: NO</li> <li>Impact: YES</li> <li>Severity: NO</li> <li>Solution: NO</li> <li>Vendor Information: NO</li> <li>References: NO</li> <li>Credit/Finder: NO</li> <li>Available languages: English</li> <li>Search: YES<br /> <a href="http://energy.gov/articles/673/708757%2B708775/JC3%20Bulletin%20Archive">http://energy.gov/articles/673/708757%2B708775/JC3%20Bulletin%20Archive</a></li> </ul></li> </ol> <h3 id="JVN-iPedia">JVN iPedia</h3> <ol> <li>Overview - Name: JVN iPedia <ul> <li>Maintainer: IPA</li> <li>URL<br /> (en-us) <a href="http://jvndb.jvn.jp/en/">http://jvndb.jvn.jp/en/</a><br /> (ja-jp) <a href="http://jvndb.jvn.jp/">http://jvndb.jvn.jp/</a></li> <li>JVN iPedia is Vulnerability Archiving DB, which is providing countermeasure information database for covering overall vulnerabilities.</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: JVNDB-{YYYY}-{NNNNNN} (4 digit year, 6 fixed digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: YES <ul> <li>Use all CWE IDs or subset: subset (CWE-635: Weaknesses Used by NVD)</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: YES (v2) <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: YES (v2.2)</li> <li>XML Data Feed - Use of CVRF: YES (v1.1)<br /> (en-us) <a href="http://jvndb.jvn.jp/myjvn?method=getCvrfInfo&amp;lang=en&amp;vulnId=">http://jvndb.jvn.jp/myjvn?method=getCvrfInfo&amp;lang=en&amp;vulnId=</a> <ul> <li>Use of RSS/Atom: YES (RSS 1.0)<br /> (en-us) <a href="http://jvndb.jvn.jp/en/rss/jvndb_new.rdf">http://jvndb.jvn.jp/en/rss/jvndb_new.rdf</a><br /> (en-us) <a href="http://jvndb.jvn.jp/en/rss/jvndb.rdf">http://jvndb.jvn.jp/en/rss/jvndb.rdf</a><br /> (ja-jp) <a href="http://jvndb.jvn.jp/ja/rss/jvndb_new.rdf">http://jvndb.jvn.jp/ja/rss/jvndb_new.rdf</a><br /> (ja-jp) <a href="http://jvndb.jvn.jp/ja/rss/jvndb.rdf">http://jvndb.jvn.jp/ja/rss/jvndb.rdf</a><br /> <a href="http://jvndb.jvn.jp/schema/jvnrss_2.0.xsd">http://jvndb.jvn.jp/schema/jvnrss_2.0.xsd</a></li> <li>Other XSD<br /> <a href="http://jvndb.jvn.jp/schema/vuldef_3.1.xsd">http://jvndb.jvn.jp/schema/vuldef_3.1.xsd</a></li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description : YES</li> <li>Products Affected: YES</li> <li>Impact: YES</li> <li>Severity: YES</li> <li>Solution: YES</li> <li>Vendor Information: YES</li> <li>References: YES</li> <li>Credit/Finder: NO</li> <li>Available languages: Japanese, English</li> <li>Search: YES<br /> <a href="http://jvndb.jvn.jp/search/index.php?mode=_vulnerability_search_IA_VulnSearch&amp;lang=en">http://jvndb.jvn.jp/search/index.php?mode=_vulnerability_search_IA_VulnSearch&amp;lang=en</a></li> </ul></li> </ol> <h3 id="National-Vulnerability-Database-NVD">National Vulnerability Database (NVD)</h3> <ol> <li>Overview - Name: National Vulnerability Database (NVD) <ul> <li>Maintainer: NIST</li> <li>URL<br /> (en-us) <a href="http://nvd.nist.gov/">http://nvd.nist.gov/</a><br /> (es) <a href="https://nvd.nist.gov/download.cfm#transxml">https://nvd.nist.gov/download.cfm#transxml</a></li> <li>Description: NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP).</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: CVE-{YYYY}-{NNNN...} (4 digit year, Variable length arbitrary digits)</li> <li>Vulnerability Definition: [<a href="http://cve.mitre.org/cve/editorial_policies/cd_overview.html">more</a>]</li> </ul></li> <li>CVE (X.1520) - Use of CVE:</li> <li>CWE (X.1524) [<a href="http://nvd.nist.gov/cwe.cfm">more</a>] - Use of CWE IDs: YES <ul> <li>Use all CWE IDs or subset: subset (CWE-635: Weaknesses Used by NVD)</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: YES (v2) <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: YES (v2.2/v2.3)</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: YES (RSS 1.0)<br /> (en-us) <a href="https://nvd.nist.gov/download/nvd-rss.xml">https://nvd.nist.gov/download/nvd-rss.xml</a></li> <li>Other XSD<br /> <a href="https://nvd.nist.gov/schema/nvd-cve-feed_2.0.xsd">https://nvd.nist.gov/schema/nvd-cve-feed_2.0.xsd</a></li> </ul></li> <li>VDB contents - Title: NO <ul> <li>Description : YES</li> <li>Products Affected: YES</li> <li>Impact: YES</li> <li>Severity: YES</li> <li>Solution: NO</li> <li>Vendor Information: YES</li> <li>References: YES</li> <li>Credit/Finder: NO</li> <li>Available languages: English, Spanish</li> <li>Search: YES<br /> <a href="http://web.nvd.nist.gov/view/vuln/search">http://web.nvd.nist.gov/view/vuln/search</a></li> </ul></li> </ol> <h3 id="NCSC-FI-Vulnerability-Database">NCSC-FI Vulnerability Database</h3> <ol> <li>Overview - Name: NCSC-FI Vulnerability Database <ul> <li>Maintainer: Finnish Communications Regulatory Authority (FICORA) - National Cyber Security Centre Finland (NCSC-FI)</li> <li>URL<br /> (fi) <a href="https://www.viestintavirasto.fi/kyberturvallisuus/haavoittuvuudet.html">https://www.viestintavirasto.fi/kyberturvallisuus/haavoittuvuudet.html</a><br /> (sv-fi) <a href="https://www.viestintavirasto.fi/sv/cybersakerhet/sarbarheter.html">https://www.viestintavirasto.fi/sv/cybersakerhet/sarbarheter.html</a><br /> (en) <a href="https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities.html">https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities.html</a></li> <li>Software vulnerabilities pose a serious threat to the normal functioning of the information society. It is self-evident that vulnerabilities need to be identified before they can be satisfactorily fixed or before the threat posed by them can otherwise be mitigated. Furthermore, it has been seen that using software testing methodologiesand employing security research approaches can help identify previously unknown vulnerabilities.</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: FICORA #{NNNNNN} (6 fixed digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: NO <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: NO</li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description : YES</li> <li>Products Affected: YES</li> <li>Impact: YES</li> <li>Severity: NO</li> <li>Solution: YES</li> <li>Vendor Information: YES</li> <li>References: YES</li> <li>Credit/Finder: YES</li> <li>Available languages: Finnish, Swedish - Finland, English</li> <li>Search: YES<br /> <a href="https://www.viestintavirasto.fi/en/cybersecurity/hakutulos/tarkennettu.html.stx">https://www.viestintavirasto.fi/en/cybersecurity/hakutulos/tarkennettu.html.stx</a></li> </ul></li> </ol> <h3 id="Packet-Storm">Packet Storm</h3> <ol> <li>Overview - Name: Packet Storm <ul> <li>Maintainer: Packet Storm</li> <li>URL<br /> (en-us) <a href="https://packetstormsecurity.com/">https://packetstormsecurity.com/</a></li> <li>n/a</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: {NNNNNN} (6 fixed digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: NO <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: YES (RSS 2.0)<br /> (en-us) <a href="https://rss.packetstormsecurity.com/files/">https://rss.packetstormsecurity.com/files/</a></li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description: YES</li> <li>Products Affected: YES</li> <li>Impact: YES</li> <li>Severity: NO</li> <li>Solution: NO</li> <li>Vendor Information: NO</li> <li>References: NO</li> <li>Credit/Finder: NO</li> <li>Available languages: English</li> <li>Search: YES<br /> <a href="https://packetstormsecurity.com/search/?q=Search">https://packetstormsecurity.com/search/?q=Search</a></li> </ul></li> </ol> <h3 id="Rapid7---Vulnerability-amp-Exploit-Database-Metasploit">Rapid7 - Vulnerability &amp; Exploit Database (Metasploit)</h3> <ol> <li>Overview - Name: Vulnerability &amp; Exploit Database <ul> <li>Maintainer: Rapid7</li> <li>URL<br /> (en-us) <a href="http://www.rapid7.com/db/modules/">http://www.rapid7.com/db/modules/</a></li> <li>n/a</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: {SSSS...} (Variable length arbitrary strings)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: NO</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: NO <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: NO</li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description: YES</li> <li>Products Affected: YES</li> <li>Impact: YES</li> <li>Severity: NO</li> <li>Solution: NO</li> <li>Vendor Information: NO</li> <li>References: NO</li> <li>Credit/Finder: NO</li> <li>Available languages: English</li> <li>Search: YES <a href="http://www.rapid7.com/db/search">http://www.rapid7.com/db/search</a></li> </ul></li> </ol> <h3 id="scip-VulDB">scip VulDB</h3> <ol> <li>Overview - Name: scip VulDB <ul> <li>Maintainer: scip AG</li> <li>URL<br /> (de-ch) <a href="http://www.scip.ch/?vuldb">http://www.scip.ch/?vuldb</a><br /> (en-us) <a href="http://www.scip.ch/en/?vuldb">http://www.scip.ch/en/?vuldb</a><br /> (es) <a href="http://www.scip.ch/es/?vuldb">http://www.scip.ch/es/?vuldb</a><br /> (fr) <a href="http://www.scip.ch/fr/?vuldb">http://www.scip.ch/fr/?vuldb</a><br /> (it) <a href="http://www.scip.ch/it/?vuldb">http://www.scip.ch/it/?vuldb</a><br /> (pl) <a href="http://www.scip.ch/pl/?vuldb">http://www.scip.ch/pl/?vuldb</a><br /> (sv) <a href="http://www.scip.ch/sv/?vuldb">http://www.scip.ch/sv/?vuldb</a></li> <li>scip VulDB is a free vulnerability database. Our specialists analyze and document newly discovered and disclosed vulnerabilities on a daily basis. This makes it easier for our penetration testers and customers or partners to profit from our expertise.</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: scipID: {NNNNN} (5 fixed digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: YES (v2) <ul> <li>Temporal Metrics: YES (v2)</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: YES (v2.2)</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: YES ()<br /> (de-ch) <a href="http://www.scip.ch/?rss.vuldb">http://www.scip.ch/?rss.vuldb</a><br /> (en-us) <a href="http://www.scip.ch/en/?rss.vuldb">http://www.scip.ch/en/?rss.vuldb</a><br /> (fr) <a href="http://www.scip.ch/fr/?rss.vuldb">http://www.scip.ch/fr/?rss.vuldb</a><br /> (it) <a href="http://www.scip.ch/it/?rss.vuldb">http://www.scip.ch/it/?rss.vuldb</a><br /> (es) <a href="http://www.scip.ch/es/?rss.vuldb">http://www.scip.ch/es/?rss.vuldb</a><br /> (pl) <a href="http://www.scip.ch/pl/?rss.vuldb">http://www.scip.ch/pl/?rss.vuldb</a><br /> (sv) <a href="http://www.scip.ch/sv/?rss.vuldb">http://www.scip.ch/sv/?rss.vuldb</a></li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description: YES</li> <li>Products Affected: YES</li> <li>Impact: YES</li> <li>Severity: NO</li> <li>Solution: YES</li> <li>Vendor Information: YES</li> <li>References: YES</li> <li>Credit/Finder: NO</li> <li>Available languages: German, English, French, Italian, Spanish, Polish, Swedish</li> <li>Search: NO<br /> <a href="http://www.scip.ch/en/?vuldb.archiv">http://www.scip.ch/en/?vuldb.archiv</a> (Annual Archives)</li> </ul></li> </ol> <h3 id="SecuriTeam">SecuriTeam</h3> <ol> <li>Overview - Name: SecuriTeam <ul> <li>Maintainer: Beyond Security</li> <li>URL<br /> (en-us) <a href="http://www.securiteam.com/">http://www.securiteam.com/</a></li> <li>Having experience as Security Specialists, Programmers and System Administrators we appreciate your need for a &quot;Security Portal&quot; - A central Security web site containing all the newest security information from various mailing lists, hacker channels and our own tools and knowledge.</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: {SSSSSSSSSS} (10 fixed strings)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: NO <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: YES (RSS 2.0)<br /> (en-us) <a href="http://www.securiteam.com/securiteam.rss">http://www.securiteam.com/securiteam.rss</a></li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description: YES</li> <li>Products Affected: YES</li> <li>Impact: YES</li> <li>Severity: NO</li> <li>Solution: NO</li> <li>Vendor Information: NO</li> <li>References: NO</li> <li>Credit/Finder: YES</li> <li>Available languages: English</li> <li>Search: YES<br /> <a href="http://www.securiteam.com/cgi-bin/htsearch">http://www.securiteam.com/cgi-bin/htsearch</a></li> </ul></li> </ol> <h3 id="Security-Focus">Security Focus</h3> <ol> <li>Overview - Name: Vulnerabilities <ul> <li>Maintainer: Security Focus</li> <li>URL<br /> (en-us) <a href="http://www.securityfocus.com/">http://www.securityfocus.com/</a></li> <li>n/a</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: NNNNN {5 fixed digits}</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: NO <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: NO</li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description: YES</li> <li>Products Affected: NO</li> <li>Impact: YES</li> <li>Severity: NO</li> <li>Solution: YES</li> <li>Vendor Information: YES</li> <li>References: NO</li> <li>Credit/Finder: YES</li> <li>Available languages: English</li> <li>Search: YES<br /> <a href="http://www.securityfocus.com/vulnerabilities">http://www.securityfocus.com/vulnerabilities</a></li> </ul></li> </ol> <h3 id="SecurityTracker">SecurityTracker</h3> <ol> <li>Overview - Name: SecurityTracker <ul> <li>Maintainer: SecurityGlobal.net LLC</li> <li>URL<br /> (en-us) <a href="http://securitytracker.com/">http://securitytracker.com/</a></li> <li>n/a</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: SecurityTracker Alert ID: {NNNNNNN} (7 fixed digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: NO <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: NO</li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description: YES</li> <li>Products Affected: YES</li> <li>Impact: YES</li> <li>Severity: NO</li> <li>Solution: YES</li> <li>Vendor Information: YES</li> <li>References: NO</li> <li>Credit/Finder: NO</li> <li>Available languages: English</li> <li>Search:<br /> <a href="http://securitytracker.com/search/search.html">http://securitytracker.com/search/search.html</a></li> </ul></li> </ol> <h3 id="TippingPoint-Zero-Day-Initiative">TippingPoint Zero Day Initiative</h3> <ol> <li>Overview - Name: TippingPoint Zero Day Initiative <ul> <li>Maintainer: TippingPoint</li> <li>URL<br /> (en-us) <a href="http://www.zerodayinitiative.com/advisories/published/">http://www.zerodayinitiative.com/advisories/published/</a></li> <li>A list of all publicly disclosed vulnerabilities discovered by TippingPoint Zero Day Initiative researchers.</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: ZDI-{YY}-{NNN} (2 digit year, 3 fixed digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: YES (v2) <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: YES (RSS 1.0)<br /> (en-us) <a href="http://feeds.feedburner.com/ZDI-Published-Advisories">http://feeds.feedburner.com/ZDI-Published-Advisories</a></li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description: YES</li> <li>Products Affected: NO</li> <li>Impact: YES</li> <li>Severity: NO</li> <li>Solution: YES</li> <li>Vendor Information: YES</li> <li>References: NO</li> <li>Credit/Finder: YES</li> <li>Available languages: English</li> <li>Search: NO</li> </ul></li> </ol> <h3 id="VeriSign-iDefense">VeriSign iDefense</h3> <ol> <li>Overview - Name: Verisign Vulnerability Reports <ul> <li>Maintainer: Verisign</li> <li>URL<br /> (en-us) <a href="http://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/index.xhtml">http://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/index.xhtml</a></li> <li>n/a</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: {NNNN...} (Variable length arbitrary digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: YES</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: NO <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: NO</li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description: YES</li> <li>Products Affected: YES</li> <li>Impact: YES</li> <li>Severity: NO</li> <li>Solution: YES</li> <li>Vendor Information: YES</li> <li>References: NO</li> <li>Credit/Finder: YES</li> <li>Available languages: English</li> <li>Search: YES<br /> <a href="http://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/index.xhtml">http://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/index.xhtml</a></li> </ul></li> </ol> <h3 id="WooYun-org">WooYun.org</h3> <ol> <li>Overview - Name: WooYun.org <ul> <li>Maintainer: WooYun</li> <li>URL<br /> (zh-cn) <a href="http://www.wooyun.org/index.php">http://www.wooyun.org/index.php</a></li> <li>WooYun is a platform between vendors and security researchers to address security issues that allows follow-up and feedback. This platform is provided as public service. Its name comes from the current &quot;cloud&quot; on the Internet.</li> </ul></li> <li>ID scheme - Number of ID schemes: 1 <ul> <li>ID format: WooYun-YYYY-{NNNNNN} (6 fixed digits)</li> </ul></li> <li>CVE (X.1520) - Use of CVE: NO</li> <li>CWE (X.1524) - Use of CWE IDs: NO <ul> <li>Use all CWE IDs or subset: n/a</li> </ul></li> <li>CVSS (X.1521) - Base Metrics: NO <ul> <li>Temporal Metrics: NO</li> <li>Environmental Metrics: NO</li> </ul></li> <li>CPE (X.1528) - Use of CPE: NO</li> <li>XML Data Feed - Use of CVRF: NO <ul> <li>Use of RSS/Atom: YES (RSS)<br /> (zh-cn) <a href="http://www.wooyun.org/feeds/submit">http://www.wooyun.org/feeds/submit</a><br /> (zh-cn) <a href="http://www.wooyun.org/feeds/confirm">http://www.wooyun.org/feeds/confirm</a><br /> (zh-cn) <a href="http://www.wooyun.org/feeds/public">http://www.wooyun.org/feeds/public</a><br /> (zh-cn) <a href="http://www.wooyun.org/feeds/alarm">http://www.wooyun.org/feeds/alarm</a><br /> (zh-cn) <a href="http://www.wooyun.org/feeds/unclaim">http://www.wooyun.org/feeds/unclaim</a></li> </ul></li> <li>VDB contents - Title: YES <ul> <li>Description : YES</li> <li>Products Affected: YES</li> <li>Impact: YES</li> <li>Severity: YES</li> <li>Solution: NO</li> <li>Vendor Information: NO</li> <li>References: NO</li> <li>Credit/Finder: YES</li> <li>Available languages: Chinese</li> <li>Search: YES<br /> <a href="http://www.wooyun.org/bugs/">http://www.wooyun.org/bugs/</a></li> </ul></li> </ol></div></div><div id="navbar" data-studio="CU52CV1W8g"><div id="c5" data-studio="Yu8FjCC11g"><ul class="navbar"><li><a href="/global">Initiatives</a><ul><li><a href="/global/sigs">Special Interest Groups (SIGs)</a><ul><li><a href="/global/sigs/framework">SIGs Framework</a></li><li><a href="/global/sigs/academicsec" class="borderb">Academic Security SIG</a></li><li><a href="/global/sigs/ai-security">AI Security SIG</a></li><li><a href="/global/sigs/automation">Automation SIG</a></li><li><a href="/global/sigs/bigdata">Big Data SIG</a></li><li><a href="/cvss">Common Vulnerability Scoring System (CVSS-SIG)</a><ul><li><a href="/cvss/calculator/4.0">Calculator</a></li><li><a href="/cvss/v4.0/specification-document">Specification Document</a></li><li><a href="/cvss/v4.0/user-guide">User Guide</a></li><li><a href="/cvss/v4.0/examples">Examples</a></li><li><a href="/cvss/v4.0/faq">Frequently Asked Questions</a></li><li><a href="/cvss/v4-0">CVSS v4.0 Documentation &amp; Resources</a><ul><li><a href="/cvss/calculator/4.0">CVSS v4.0 Calculator</a></li><li><a href="/cvss/v4.0/specification-document">CVSS v4.0 Specification Document</a></li><li><a href="/cvss/v4.0/user-guide">CVSS v4.0 User Guide</a></li><li><a href="/cvss/v4.0/examples">CVSS v4.0 Examples</a></li><li><a href="/cvss/v4.0/faq">CVSS v4.0 FAQ</a></li></ul></li><li><a href="/cvss/v3-1">CVSS v3.1 Archive</a><ul><li><a href="/cvss/calculator/3.1">CVSS v3.1 Calculator</a></li><li><a href="/cvss/v3.1/specification-document">CVSS v3.1 Specification Document</a></li><li><a href="/cvss/v3.1/user-guide">CVSS v3.1 User Guide</a></li><li><a href="/cvss/v3.1/examples">CVSS v3.1 Examples</a></li><li><a href="/cvss/v3.1/use-design">CVSS v3.1 Calculator Use &amp; Design</a></li></ul></li><li><a href="/cvss/v3-0">CVSS v3.0 Archive</a><ul><li><a href="/cvss/calculator/3.0">CVSS v3.0 Calculator</a></li><li><a href="/cvss/v3.0/specification-document">CVSS v3.0 Specification Document</a></li><li><a href="/cvss/v3.0/user-guide">CVSS v3.0 User Guide</a></li><li><a href="/cvss/v3.0/examples">CVSS v3.0 Examples</a></li><li><a href="/cvss/v3.0/use-design">CVSS v3.0 Calculator Use &amp; Design</a></li></ul></li><li><a href="/cvss/v2">CVSS v2 Archive</a><ul><li><a href="/cvss/v2/guide">CVSS v2 Complete Documentation</a></li><li><a href="/cvss/v2/history">CVSS v2 History</a></li><li><a href="/cvss/v2/team">CVSS-SIG team</a></li><li><a href="/cvss/v2/meetings">SIG Meetings</a></li><li><a href="/cvss/v2/faq">Frequently Asked Questions</a></li><li><a href="/cvss/v2/adopters">CVSS Adopters</a></li><li><a href="/cvss/v2/links">CVSS Links</a></li></ul></li><li><a href="/cvss/v1">CVSS v1 Archive</a><ul><li><a href="/cvss/v1/intro">Introduction to CVSS</a></li><li><a href="/cvss/v1/faq">Frequently Asked Questions</a></li><li><a href="/cvss/v1/guide">Complete CVSS v1 Guide</a></li></ul></li><li><a href="/cvss/data-representations">JSON &amp; XML Data Representations</a></li><li><a href="/cvss/training">CVSS On-Line Training Course</a></li><li><a href="/cvss/identity">Identity &amp; logo usage</a></li></ul></li><li><a href="/global/sigs/csirt">CSIRT Framework Development SIG</a></li><li><a href="/global/sigs/cyberinsurance">Cyber Insurance SIG</a><ul><li><a href="/global/sigs/cyberinsurance/events">Cyber Insurance SIG Webinars</a></li></ul></li><li><a href="/global/sigs/cti">Cyber Threat Intelligence SIG</a><ul><li><a href="/global/sigs/cti/curriculum/">Curriculum</a><ul><li><a href="/global/sigs/cti/curriculum/introduction">Introduction</a></li><li><a href="/global/sigs/cti/curriculum/cti-introduction">Introduction to CTI as a General topic</a></li><li><a href="/global/sigs/cti/curriculum/methods-methodology">Methods and Methodology</a></li><li><a href="/global/sigs/cti/curriculum/pir">Priority Intelligence Requirement (PIR)</a></li><li><a href="/global/sigs/cti/curriculum/source-evaluation">Source Evaluation and Information Reliability</a></li><li><a href="/global/sigs/cti/curriculum/machine-human">Machine and Human Analysis Techniques (and Intelligence Cycle)</a></li><li><a href="/global/sigs/cti/curriculum/threat-modelling">Threat Modelling</a></li><li><a href="/global/sigs/cti/curriculum/training">Training</a></li><li><a href="/global/sigs/cti/curriculum/standards">Standards</a></li><li><a href="/global/sigs/cti/curriculum/glossary">Glossary</a></li><li><a href="/global/sigs/cti/curriculum/cti-reporting/">Communicating Uncertainties in CTI Reporting</a></li></ul></li><li><a href="/global/sigs/cti/events/">Webinars and Online Training</a></li><li><a href="/global/sigs/cti/cti-program">Building a CTI program and team</a><ul><li><a href="/global/sigs/cti/cti-program/program-stages">Program maturity stages</a><ul><li><a href="/global/sigs/cti/cti-program/stage1">CTI Maturity model - Stage 1</a></li><li><a href="/global/sigs/cti/cti-program/stage2">CTI Maturity model - Stage 2</a></li><li><a href="/global/sigs/cti/cti-program/stage3">CTI Maturity model - Stage 3</a></li></ul></li><li><a href="/global/sigs/cti/cti-program/starter-kit">Program Starter Kit</a></li><li><a href="/global/sigs/cti/cti-program/resources">Resources and supporting materials</a></li></ul></li></ul></li><li><a href="/global/sigs/digital-safety">Digital Safety SIG</a></li><li><a href="/global/sigs/dns">DNS Abuse SIG</a><ul><li><a href="/global/sigs/dns/policies">Code of Conduct &amp; Other Policies</a></li><li><a href="/global/sigs/dns/dns-abuse-examples">Examples of DNS Abuse</a></li></ul></li><li><a href="/global/sigs/ethics">Ethics SIG</a><ul><li><a href="/global/sigs/ethics/ethics-first">Ethics for Incident Response Teams</a></li></ul></li><li><a href="/epss/">Exploit Prediction Scoring System (EPSS)</a><ul><li><a href="/epss/model">The EPSS Model</a></li><li><a href="/epss/data_stats">Data and Statistics</a></li><li><a href="/epss/user-guide">User Guide</a></li><li><a href="/epss/research">EPSS Research and Presentations</a></li><li><a href="/epss/faq">Frequently Asked Questions</a></li><li><a href="/epss/who_is_using">Who is using EPSS?</a></li><li><a href="/epss/epss_tools">Open-source EPSS Tools</a></li><li><a href="/epss/api">API</a></li><li><a href="/epss/papers">Related Exploit Research</a></li><li><a>Blog</a><ul><li><a href="/epss/articles/prob_percentile_bins">Understanding EPSS Probabilities and Percentiles</a></li><li><a href="/epss/articles/log4shell">Log4Shell Use Case</a></li><li><a href="/epss/articles/estimating_old_cvss">Estimating CVSS v3 Scores for 100,000 Older Vulnerabilities</a></li></ul></li><li><a href="/epss/partners">Data Partners</a></li></ul></li><li><a href="/global/sigs/msr/">FIRST Multi-Stakeholder Ransomware SIG</a></li><li><a href="/global/sigs/hfs/">Human Factors in Security SIG</a></li><li><a href="/global/sigs/ics">Industrial Control Systems SIG (ICS-SIG)</a></li><li><a href="/global/sigs/iep">Information Exchange Policy SIG (IEP-SIG)</a></li><li><a href="/global/sigs/information-sharing">Information Sharing SIG</a><ul><li><a href="/global/sigs/information-sharing/misp">Malware Information Sharing Platform</a></li></ul></li><li><a href="/global/sigs/le">Law Enforcement SIG</a></li><li><a href="/global/sigs/malware">Malware Analysis SIG</a><ul><li><a href="/global/sigs/malware/ma-framework">Malware Analysis Framework</a></li><li><a href="/global/sigs/malware/ma-framework/malwaretools">Malware Analysis Tools</a></li></ul></li><li><a href="/global/sigs/metrics">Metrics SIG</a><ul><li><a href="/global/sigs/metrics/events">Metrics SIG Webinars</a></li></ul></li><li><a href="/global/sigs/netsec/">NETSEC SIG</a></li><li><a href="/global/sigs/passive-dns">Passive DNS Exchange</a></li><li><a href="/global/sigs/policy">Policy SIG</a></li><li><a href="/global/sigs/psirt">PSIRT SIG</a></li><li><a href="/global/sigs/red-team">Red Team SIG</a></li><li><a href="/global/sigs/cpg">Retail and Consumer Packaged Goods (CPG) SIG</a></li><li><a href="/global/sigs/ctf">Security Lounge SIG</a></li><li><a href="/global/sigs/tic/">Threat Intel Coalition SIG</a><ul><li><a href="/global/sigs/tic/membership-rules">Membership Requirements and Veto Rules</a></li></ul></li><li><a href="/global/sigs/tlp">Traffic Light Protocol (TLP-SIG)</a></li><li><a href="/global/sigs/transport">Transportation and Mobility SIG</a></li><li><a href="/global/sigs/vulnerability-coordination">Vulnerability Coordination</a><ul><li><a href="/global/sigs/vulnerability-coordination/multiparty">Multi-Party Vulnerability Coordination and Disclosure</a></li><li><a href="/global/sigs/vulnerability-coordination/multiparty/guidelines">Guidelines and Practices for Multi-Party Vulnerability Coordination and Disclosure</a></li></ul></li><li><a href="/global/sigs/vrdx">Vulnerability Reporting and Data eXchange SIG (VRDX-SIG)</a><ul><li><a href="/global/sigs/vrdx/vdb-catalog">Vulnerability Database Catalog</a></li></ul></li><li><a href="/global/sigs/wof">Women of FIRST</a></li></ul></li><li><a href="/global/governance">Internet Governance</a></li><li><a href="/global/irt-database">IR Database</a></li><li><a href="/global/fellowship">Fellowship Program</a><ul><li><a href="https://portal.first.org/fellowship">Application Form</a></li></ul></li><li><a href="/global/mentorship">Mentorship Program</a></li><li><a href="/hof">IR Hall of Fame</a><ul><li><a href="/hof/inductees">Hall of Fame Inductees</a></li></ul></li><li><a href="/global/victim-notification">Victim Notification</a></li><li><a href="/volunteers/">Volunteers at FIRST</a><ul><li><a href="/volunteers/list">FIRST Volunteers</a></li><li><a href="/volunteers/participation">Volunteer Contribution Record</a></li></ul></li><li><a href="#new">Previous Activities</a><ul><li><a href="/global/practices">Best Practices Contest</a></li></ul></li></ul></li></ul></div></div><div id="sidebar" data-studio="CU52CV1W8g"><div id="c6" data-studio="Yu8FjCC11g"><p><img src="/global/sigs/vrdx/vrdx-sig-first.png" alt="Vulnerability Reporting and Data eXchange SIG (VRDX-SIG)" /> </p></div></div><footer><div id="footer" data-studio="CU52CV1W8g"><div id="c3" data-studio="Yu8FjCC11g"><div class="content"> <div class="support"> <div class="kbsearch bottom"> <p><a href="https://support.first.org"><img src="/_/img/icon-portal_support.svg" alt="FIRST Support" title="FIRST Support" /></a> <input class="kb-search" type="search" placeholder="Do you need help?"></p> </div> </div> <div id="socialnetworks"><a href="/about/sdg" title="FIRST Supported Sustainable Development Goals (SDG)" class="icon-sdg"></a><a rel="me" href="https://infosec.exchange/@firstdotorg" target="_blank" title="@FIRSTdotOrg@infosec.exchange" class="icon-mastodon"></a><a href="https://twitter.com/FIRSTdotOrg" target="_blank" title="Twitter @FIRSTdotOrg" class="icon-tw"></a><a href="https://www.linkedin.com/company/firstdotorg" target="_blank" title="FIRST.Org at LinkedIn" class="icon-linkedin"></a><a href="https://www.facebook.com/FIRSTdotorg" target="_blank" title="FIRST.Org at Facebook" class="icon-fb"></a><a href="https://github.com/FIRSTdotorg" target="_blank" title="FIRST.Org at Github" class="icon-github"></a><a href="https://www.youtube.com/c/FIRSTdotorg" target="_blank" title="FIRST.Org at Youtube" class="icon-youtube"></a><a href="/podcasts" title="FIRST.Org Podcasts" class="icon-podcast"></a></div> <p><a href="/copyright">Copyright</a> © 2015—2024 by Forum of Incident Response and Security Teams, Inc. All Rights Reserved.</p> </div> <p><span class="tlp"></span></p></div></div></footer><script nonce="_UvoeyHNgF1s7OnjBR5Aug" async="async" src="/_/web.js?20241125212614"></script><script nonce="_UvoeyHNgF1s7OnjBR5Aug" async="async" src="/_/s.js?20241125-212616"></script></body></html>

Pages: 1 2 3 4 5 6 7 8 9 10