This page contains links that help in researching application, system and infrastructure vulnerabilities. If you have a suggestion for this list please use the form below.
Microsoft Security Updates – Security Tech Center
Microsoft Security Updates - Security Tech Center
Vulners
Vulners.com is the security database containing descriptions for large amount of software vulnerabilities in machine-readable format.
Vulners.com is the security database containing descriptions for large amount of software vulnerabilities in machine-readable format. Cross-references between bulletins and continuously updating of database keeps you abreast of the latest information security threats.
Adobe Security Bulletins and Advisories
This page contains important information regarding security vulnerabilities that could affect specific versions of Adobe products. Use this information to take the corrective actions prescribed. In our effort to serve you better, you can also register to receive email notifications for future advisories.
CVE Details
Search for vulnerabilities in applications or operating systems.
Have I Been Pwned – Email Check
Check if you have an account that has been compromised in a data breach.
Have I Been Pwned – Websites
Websites that have been compromised
Here's an overview of the various breaches that have been consolidated into this site. Each of these has been dumped publicly and is readily available via various sites on the web. This information is also available via an RSS feed.
Microsoft Advisories
In this library you will find security documents that have been released by the Microsoft Security Response Center (MSRC).
Mitre CVE Database
CVE’s common identifiers enable data exchange between security products and provide a baseline index point for evaluating coverage of tools and services.
Common Vulnerabilities and Exposures (CVE®) is a dictionary of common names (i.e., CVE Identifiers) for publicly known information security vulnerabilities. CVE’s common identifiers make it easier to share data across separate network security databases and tools, and provide a baseline for evaluating the coverage of an organization’s security tools. If a report from one of your security tools incorporates CVE Identifiers, you may then quickly and accurately access fix information in one or more separate CVE-compatible databases to remediate the problem.
Nessus Vulnerability Scanner
Free for home use. License required for business.
NIST National Vulnerability Database
NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance.
NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. NVD includes databases of security checklists, security related software flaws, misconfigurations, product names, and impact metrics.
SANS Internet Storm Center
SANS Internet Storm Center
Security Focus
Since its inception in 1999, SecurityFocus has been a mainstay in the security community. From original news content to detailed technical papers and guest columnists, we’ve strived to be the community’s source for all things security related. SecurityFocus was formed with the idea that community needed a place to come together and share its collected wisdom and knowledge. At SecurityFocus, the community has always been our primary focus. The SecurityFocus website now focuses on a few key areas that are of greatest importance to the security community.
The Oracle Software Security Assurance Blog
This blog provides insight about key aspects of Oracle Software Security Assurance programs.
US-CERT
Official website of the Department of Homeland Security.
Zero Day Vulnerability (Google News)
Zero Day Vulnerability news.