Vulnerability defined as the weakness that allows the attacker to enter in and harm, it may be a flaw in design or misconfiguration.
In order to exploit the vulnerability attacker should have applicable tool or technique that connect to the system weakness.
Following are the top sources to trace new vulnerabilities.
National Vulnerability Database
NVD is the U.S. government repository of standards=based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables the automation of vulnerability management, security measurement, and compliance. NVD includes databases of security checklists, security-related software flaws, misconfigurations, product names, and impact metrics.
Resource status:
79680 CVE Vulnerabilities
376 Checklists
249 US-CERT Alerts
4458 US-CERT Vuln Notes
10286 OVAL Queries
115232 CPE Names
International in scope and free for public use, CVE is a dictionary of publicly known information security vulnerabilities and exposures. CVE’s common identifiers enable data exchange between security products and provide a baseline index point for evaluating coverage of tools and services.
We can download
Support the originator by clicking the read the rest link below.