- Bugtraq (BID) - Software security bug identification database compiled from submissions to the SecurityFocus mailing list and other sources, operated by Symantec, Inc.
- CXSecurity - Archive of published CVE and Bugtraq software vulnerabilities cross-referenced with a Google dork database for discovering the listed vulnerability.
- China National Vulnerability Database (CNNVD) - Chinese government-run vulnerability database analoguous to the United States's CVE database hosted by Mitre Corporation.
- Common Vulnerabilities and Exposures (CVE) - Dictionary of common names (i.e., CVE Identifiers) for publicly known security vulnerabilities.
- Distributed Weakness Filing (DWF) - Federated CNA (CVE Number Authority) mirroring MITRE's CVE database and offering additional CVE-equivalent numbers to otherwise out-of-scope vulnerability disclosures.
- Exploit-DB - Non-profit project hosting exploits for software vulnerabilities, provided as a public service by Offensive Security.
- Full-Disclosure - Public, vendor-neutral forum for detailed discussion of vulnerabilities, often publishes details before many other sources.
- HPI-VDB - Aggregator of cross-referenced software vulnerabilities offering free-of-charge API access, provided by the Hasso-Plattner Institute, Potsdam.
- Inj3ct0r - Exploit marketplace and vulnerability information aggregator. (Onion service.)
- Microsoft Security Advisories - Archive of security advisories impacting Microsoft software.
- Microsoft Security Bulletins - Announcements of security issues discovered in Microsoft software, published by the Microsoft Security Response Center (MSRC).
- Mozilla Foundation Security Advisories - Archive of security advisories impacting Mozilla software, including the Firefox Web Browser.
- National Vulnerability Database (NVD) - United States government's National Vulnerability Database provides additional meta-data (CPE, CVSS scoring) of the standard CVE List along with a fine-grained search engine.
- Packet Storm - Compendium of exploits, advisories, tools, and other security-related resources aggregated from across the industry.
- SecuriTeam - Independent source of software vulnerability information.
- US-CERT Vulnerability Notes Database - Summaries, technical details, remediation information, and lists of vendors affected by software vulnerabilities, aggregated by the United States Computer Emergency Response Team (US-CERT).
- Vulnerability Lab - Open forum for security advisories organized by category of exploit target.
- Vulners - Security database of software vulnerabilities.
- Vulmon - Vulnerability search engine with vulnerability intelligence features that conducts full text searches in its database.
- Zero Day Initiative - Bug bounty program with publicly accessible archive of published security advisories, operated by TippingPoint.
漏洞更新地址库
最后编辑于 :
©著作权归作者所有,转载或内容合作请联系作者
【社区内容提示】社区部分内容疑似由AI辅助生成,浏览时请结合常识与多方信息审慎甄别。
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。
【社区内容提示】社区部分内容疑似由AI辅助生成,浏览时请结合常识与多方信息审慎甄别。
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。
