-
Bulwark is lacking of the most important feature of them all: having a vulnerability database.
Dradis, Ghostwriter, PwnDoc, WriteHat, etc. all collaborative penetration test reporting platforms hav…
noraj updated
3 years ago
-
Do version looks against a database of known vulns. Easy for Apache (http://httpd.apache.org/security/vulnerabilities_20.html) and nginx (http://nginx.org/en/security_advisories.html), more difficult …
kura updated
12 years ago
-
Add a new strategy to support NVD: https://nvd.nist.gov/
The API has a ratelimit but an API key can be requested [here](https://nvd.nist.gov/developers/request-an-api-key)
Maybe we need to someh…
-
**What happened**:
trying to scan images like alpine \ ubuntu.
it starts to download grype-db and then hangs.
this issue started today.
**What you expected to happen**:
download the db
**How to …
-
|Wazuh version|Component|Install type|Install method|Platform|
|---|---|---|---|---|
| v4.8.0 | wazuh-modulesd - vulnerability scanner| Manager | Packages | TBD |
# Description
Members of th…
-
### Current Behavior
### Steps to Reproduce
1. One of the ways this can be caused is through an SBOM update. The Attributed date is updated but the vulnerability stays the same. I also not…
-
Is there currently any way to access location data with regard to exploits/vulnerabilities? The CVEs database table doesn't seem to contain this anywhere. In particular, I am looking to narrow to entr…
-
Mark vulnerable package versions
The plan:
- [x] Implement harvesting CPE data from upstream repositories
- :x: GUIX contains `cpe_name` (is useless without vendor)
- :x: FreeBSD ports defin…
-
Looking at the source, the program is checking each vulnerability against a vulnerability database. Which and where to get it? Can't see any here in cybercapture modules, nor any instructions to get o…
-
## Description
A community user has reported that version 4.8.0 of the vulnerability detector incorrectly reports some vulnerabilities. This issue aims to investigate these reports, verify the accu…