Vulnerability database

From Wikipedia, the free encyclopedia
Jump to: navigation, search

A Vulnerability Database is a platform aimed at collecting, maintaining, and disseminating information about discovered vulnerabilities targeting real computer systems. Currently, there are many vulnerabilities databases that have been widely used to collect data from different sources on software vulnerabilities (e.g., bugs). These data essentially include the description of the discovered vulnerability, its exploitability, its potential impact, and the workaround to be applied over the vulnerable system. Examples of web-based vulnerabilities databases are the National Vulnerability Database and the Open Source Vulnerability Database. Various security vendors also provide commercial vulnerability databases, employing full-time analysts to research and publish vulnerability information.

There are also a number of vulnerability mailing lists, such as BugTraq that provide information on current vulnerabilities. Organizations seeking to publish their discovered vulnerabilities use these lists to quickly communicate vulnerabilities to the vulnerability management teams in their customer base.