Today we’re launching RiskDB, a free, centralized, and open repository of vulnerabilities sourced from public databases.
It provides up-to-the-minute information on security-related software flaws, misconfigurations, and threat advisories. We think RiskDB will be one of the easiest ways to stay on top of vulnerabilities relevant to the infrastructure you’re responsible for.
For a quick search, just enter your query in the search box. If you are looking for something more specific, the RiskDB faceted search is for you. For example, you could do a text search for “overflow,” then select the Microsoft, Operating System and Windows XP facets to see all of the buffer overflow vulnerabilities discovered in Windows XP since it was released.
The CVSS (Common Vulnerability Scoring System) score display gives at-a-glance understanding of the severity of a given vulnerability. Drilling further down, CVSS metrics give an overview of how a vulnerability is exploited and the specific type of impact an exploit can have.
If you find yourself searching for vulnerability information on the web often, you might be interested in adding RiskDB search directly to your OpenSearch-compatible browser. Just click the link in the bottom of the sidebar, and you’ll be able perform a text search of the full RiskDB dataset directly from your browser’s address bar or search box.
Psst… one more thing… if you’re a power user, don’t forget to press ? to get access to the keyboard shortcuts. You’ll love how quickly you can find what you’re looking for.