National Vulnerability Database (NVD) – Experimental News Clipping Site

Infosecurity Magazine: European Vulnerability Database Launches Amid US CVE Chaos

May 14, 2025

—

by

Source URL: https://www.infosecurity-magazine.com/news/european-vulnerability-database-us/ Source: Infosecurity Magazine Title: European Vulnerability Database Launches Amid US CVE Chaos Feedly Summary: European Vulnerability Database Launches Amid US CVE Chaos AI Summary and Description: Yes Summary: The European Union’s cybersecurity agency, ENISA, has officially launched a new vulnerability database initiative named the European Vulnerability Database (EUVD). This centralized hub is…

Anchore: The NVD Enrichment Crisis: One Year Later—How Anchore is Filling the Vulnerability Data Gap

Apr 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://anchore.com/blog/nvd-crisis-one-year-later/ Source: Anchore Title: The NVD Enrichment Crisis: One Year Later—How Anchore is Filling the Vulnerability Data Gap Feedly Summary: About one year ago, Anchore’s own Josh Bressers broke the story that NVD (National Vulnerability Database) was not keeping up with its vulnerability enrichment. This week, we sat down with Josh to see…

Anchore: Contributing to Vulnerability Data: Making Security Better for Everyone

Mar 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://anchore.com/blog/contributing-to-vulnerability-data-making-security-better-for-everyone/ Source: Anchore Title: Contributing to Vulnerability Data: Making Security Better for Everyone Feedly Summary: Software security depends on accurate vulnerability data. While organizations like NIST maintain the National Vulnerability Database (NVD), the sheer volume of vulnerabilities discovered daily means that sometimes data needs improvement. At Anchore, we’re working to enhance this ecosystem…

Hacker News: Curl Project and Go Security Teams Reject CVSS as Broken

Jan 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://socket.dev/blog/curl-project-and-go-security-teams-reject-cvss-as-broken Source: Hacker News Title: Curl Project and Go Security Teams Reject CVSS as Broken Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The debate surrounding the efficacy of the Common Vulnerability Scoring System (CVSS) is intensifying, particularly as key projects like cURL and Go distance themselves from it, advocating for context-driven…

The Register: Apache issues patches for critical Struts 2 RCE bug

Dec 12, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/12/12/apache_struts_2_vuln/ Source: The Register Title: Apache issues patches for critical Struts 2 RCE bug Feedly Summary: More details released after devs allowed weeks to apply fixes We now know the remote code execution vulnerability in Apache Struts 2 disclosed back in November carries a near-maximum severity rating following the publication of the CVE.……

The Register: Admins better Spring into action over latest critical open source vuln

Oct 29, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/29/admins_spring_into_action_over/ Source: The Register Title: Admins better Spring into action over latest critical open source vuln Feedly Summary: Patch up: The Spring framework dominates the Java ecosystem If you’re running an application built using the Spring development framework, now is a good time to check it’s fully updated – a new, critical-severity vulnerability…

The Register: Mozilla patches critical Firefox vuln that attackers are already exploiting

Oct 10, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/10/firefixed_mozilla_patches_critical_firefox/ Source: The Register Title: Mozilla patches critical Firefox vuln that attackers are already exploiting Feedly Summary: Firefixed: It’s maintenance time for low-complexity, high-impact security flaw It’s patch time for Firefox fans as Mozilla issues a security advisory for a critical code execution vulnerability in the browser.… AI Summary and Description: Yes Summary:…

The Register: NIST’s security flaw database still backlogged with 17K+ unprocessed bugs. Not great

Oct 2, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/02/cve_pileup_nvd_missed_deadline/ Source: The Register Title: NIST’s security flaw database still backlogged with 17K+ unprocessed bugs. Not great Feedly Summary: Logjam ‘hurting infosec processes world over’ one expert tells us as US body blows its own Sept deadline NIST has made some progress clearing its backlog of security vulnerability reports to process – though…

Tag: National Vulnerability Database (NVD)