opencve
vulnmine
Our great sponsors
opencve | vulnmine | |
---|---|---|
21 | 1 | |
1,618 | 38 | |
3.2% | - | |
4.4 | 0.0 | |
9 days ago | 10 months ago | |
Python | Python | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
opencve
- Auth0 increases price by 300%
- how to stay up to date with new CVEs?
- Where do you get your information regarding new vulnerabilities and security risks?
-
PaperCut MF/NG vulnerability
Don't like someone else running it? No problem, it's open source and you can run it yourself https://github.com/opencve/opencve
-
Tracking vulnerabilities that your company is effected by.
I use https://www.opencve.io you can make a account and then subscribe to different products and/or vendors to get automated updates via mail if there are new vulnerabilities that affect these products
-
Getting informed about exploits / CVEs
www.opencve.io and filter on your vendors and hw models.
- CVE sources
-
CVE Vulnerability Tracking
Check out OpenCVE, I find it as an excellent tool.
-
zero-day exploit notifications
https://www.opencve.io/ - Site that allows you to be emailed of new CVEs by subscribing to different products and vendors.
-
CVE Search
https://www.opencve.io/ is something to use as well.
vulnmine
-
Is there a tool to track CVEs for the software that we use?
It is hard. Look at vulmine and the logic behind it for feeding SCCM reports into it.
What are some alternatives?
grype - A vulnerability scanner for container images and filesystems
PMD - An extensible multilanguage static code analyzer.
vulnix - Vulnerability (CVE) scanner for Nix/NixOS.
CVE-2021-37740 - PoC for DoS vulnerability CVE-2021-37740 in firmware v3.0.3 of SCN-IP100.03 and SCN-IP000.03 by MDT. The bug has been fixed in firmware v3.0.4.
openvas-scanner - This repository contains the scanner component for Greenbone Community Edition.
DependencyCheck - OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
faraday - Open Source Vulnerability Management Platform
vulnerablecode - A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Spotbugs - SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
Loki - Loki - Simple IOC and YARA Scanner
cvelistV5 - CVE cache of the official CVE List in CVE JSON 5.0 format