-
Dustin Childs published a blog post UNCOORDINATED VULNERABILITY DISCLOSURE: THE CONTINUING ISSUES WITH CVD on
July 15, 2024. Is there anything in https://www.zerodayinitiative.com/blog/2024/7/15/unco…
-
Hi,
as an avid but paranoid self-hoster, I am considering hosting headscale on a cheap VPS in order to establish VPN connections between my devices. The distrust of the closed-source Tailscale coord…
-
(from https://github.com/CVEProject/strategic-planning-working-group/issues/4)
Consider adding rules about how to handle automated vulnerability discovery (determination in the curent CNA Operation…
-
**Is your feature request related to a problem? Please describe.**
No
**Describe the solution you'd like**
We should highlight some of the supply-chain CVD processes and concerned areas.
**D…
-
As per https://github.com/ossf/SIRT/pull/5#issuecomment-1256341717
The SIRT's goals are indeed to help with incidents and vulnerability coordinations, but the documentation and training of it shoul…
-
### I have searched through the issues and didn't find my problem.
- [X] Confirm
### What would you like to share?
We should add a security policy to properly report vulnerabilities in case there a…
-
Dear PluckCMS team,
We are writing to you from INCIBE (https://www.incibe.es), the National Institute of Cybersecurity of Spain, about a vulnerability reported by an external researcher in one of y…
-
The China National Vulnerability Database (CNVD) is possibly a good source of security information: https://www.cnvd.org.cn/
-
Unfortunately the only way to sign a key for a domain with keys.pub currently is via uploading a file to a server. This does not verify a domain, this simply verifies that a domain is linked to a serv…
-
# Lines of code
https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L430-L437
# Vulnerability details
During the [video](https://driv…