background preloader

National Vulnerability Database Home

National Vulnerability Database Home

National Vulnerability Database CVSS Scoring This page shows the components of the CVSS score for example and allows you to refine the CVSS base score. Please read the CVSS standards guide to fully understand how to score CVSS vulnerabilities and to interpret CVSS scores. The scores are computed in sequence such that the Base Score is used to calculate the Temporal Score and the Temporal Score is used to calculate the Environmental Score. Alert: Environmental 50 Kick-Ass Websites You Need to Know About It's time to update the entries in your browser's links toolbar. But with recent estimates putting the size of the internet at well more than 100 million distinct websites, it's getting harder and harder to get a handle on all the great stuff that's out there. That's why we've compiled this list. And unlike some lists you may have seen, which try to name the very "best" websites, but end up just telling you a lot of stuff you already know, we've chosen instead to highlight 50 of our favorite sites that fly under most people's radar. Think of it as the Maximum PC blog roll (remember those?).

Paul Baran: Publications on Distributed Communications In 1962, a nuclear confrontation seemed imminent. The United States (US) and the Union of Soviet Socialist Republics (USSR) were embroiled in the Cuban missile crisis. Both the US and the USSR were in the process of building hair-trigger nuclear ballistic missile systems. Each country pondered post-nuclear attack scenarios. US authorities considered ways to communicate in the aftermath of a nuclear attack. NIST Launches Vulnerability Tracking Site The National Institute of Standards and Technology (NIST) has launched a new site designed to ease the process of keeping up with the latest vulnerability information. The National Vulnerability Database (NVD) was developed by NIST's Computer Security Division, and is sponsored in part by the U.S. Department of Homeland Security's National Cyber Security Division. According to NIST, it currently contains information on almost 12,000 vulnerabilities. NIST says that approximately 300 new vulnerabilities are reported each month.

HowTo: Find switchport of a MAC Address on Cisco Catalyst Switch If you have a big network with multiple Access Switches connecting to the core switches or routers then tracing a device like a PC or a laptop for troubleshooting or security purposes is one of those tasks that you often end up doing. This is not a difficult task but can certainly be time consuming. Lets start with an IP address on hand. If you have an IP address on hand quickly ping and check if the device is pingable. If yes, then simply logon to one of your core switches or routers and do a simple sh ip arp Core1# sh ip arp

Hacking Gmail with 92 percent success ( —A team of researchers, including an assistant professor at the University of California, Riverside Bourns College of Engineering, have identified a weakness believed to exist in Android, Windows and iOS mobile operating systems that could be used to obtain personal information from unsuspecting users. They demonstrated the hack in an Android phone. The researchers tested the method and found it was successful between 82 percent and 92 percent of the time on six of the seven popular apps they tested. Among the apps they easily hacked were Gmail, CHASE Bank and H&R Block. Amazon, with a 48 percent success rate, was the only app they tested that was difficult to penetrate. The paper, "Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks," will be presented Friday, Aug. 22 at the 23rd USENIX Security Symposium in San Diego. Cookbook : Introduction The Session Initiation Protocol (SIP), is a signaling protocol used for establishing voice, video, and instant messaging communications over the Internet. SIP has been widely adopted by telecommunications carriers and computer software vendors as a means to support next generation communications services. SIP standards are being developed within the Internet Engineering Task Force (IETF) SIP working group. The goals of the Internet2 project are to: Vulnerability Database One of the first step in protecting your company’s software applications against known security vulernabilities is to scan your code base, creating an inventory of the open source components you have in use. Next, you must continually compare this code bill of materials (BOM) to various vulnerability databases. The following databases collectively provide the most comprehensive vulnerability data available and are all leveraged through the Black Duck Hub's lightweight open source vulnerability scanning, tracking, and monitoring solution. The National Vulnerability Database (NVD) The National Vulnerability Database (NVD) is a public resource, managed by the US government, tracking security vulnerabilities reported for all types of software. Black Duck leverages the information tracked in the NVD to help automate and manage open source security.

Internet Crime Schemes Auction Fraud Auction fraud involves fraud attributable to the misrepresentation of a product advertised for sale through an Internet auction site or the non-delivery of products purchased through an Internet auction site. Consumers are strongly cautioned against entering into Internet transactions with subjects exhibiting the following behavior: The seller posts the auction as if he resides in the United States, then responds to victims with a congratulatory email stating he is outside the United States for business reasons, family emergency, etc.

Greg's Jumbo Patches for John Bradley's XV Intro XV is John Bradley's shared-source, shareware image viewer for the X Window System. It has an outstanding user interface, an excellent suite of tools, and read/write support for a large number of image formats.