All about Security



European Union Vulnerability Database

https://euvd.enisa.europa.eu/

CVE | Dataset | Security | Vulnerability

The European Union Vulnerability Database tracks and scores vulnerabilities. It uses the EUVD- prefix for their identifiers, but has references to other identifiers like CVE and GHSA. The entries are enriched with information about the current exploitation, the Exploit Prediction Scoring System (EPSS), and Common Vulnerability Scoring System (CVSS). Lastly, vulnerabilities that are coordinated by EU Computer Security Incident Response Team (CSIRT) are marked.






OWASP Cheat Sheet Series

https://cheatsheetseries.owasp.org/

Cheatsheet | Security

The OWASP Cheat Sheet Series was created to provide a concise collection of high-value information on specific application security topics. These cheat sheets were created by various application security professionals who have expertise in specific topics. The website contains cheat sheets on a wide area of topics. The all cheat sheets are available as download.




Transient Execution Attacks

https://transient.fail/

Dataset | Security

The website lists all known speculation side channel attacks. Each attack contains information about the attacked buffer, the affected vendors, and working state. They are sorted into a hierarchy. Each attack is also linked to proof-of-concepts and the academic papers.


deps.dev

https://deps.dev/

Security | Tool

deps.dev is a dependency analyzer for multiple language ecosystems (npm, Go modules, Maven, PyPI, Cargo). It shows basic information, such as the metadata (including license) about each package, dependencies, and reverse dependencies. It enhances this information by adding a diff viewer for the versions. Security advisories affecting a package or dependency are highlighted. The OpenSSF scorecard is also integrated, showing more insights about the project health.

The second feature of the website is an advisory viewer. It shows details about each advisory, including affected versions. It also calculates how much of the ecosystem is affected and patched.