https://people.engr.tamu.edu/guofei/sec_conf_stat.htm
Dataset | Paper Writing | SecurityThis website offers a ranking of many computer security conferences. The ranking is accompanied by a yearly acceptance ratio statistic.
https://github.com/github/advisory-database
CVE | Dataset | Security | VulnerabilityGitHub's Advisory Database tracks CVEs and all GitHub advisories. Contributions to GitHub advisories are possible.
https://github.com/cloudsecurityalliance/gsd-database/
CVE | Dataset | Security | VulnerabilityGlobal Security Database (GSD) is a project run by the Cloud Security Alliance to collect and track vulnerabilities. Conceptually it is similar to CVEs but with an open collaborative contribution process. Data from other vulnerability databases is imported and managed together.
The website offers a feed showing which CVEs are exploited in the wild. The entries contain a date and link to the original source. It also contains a feed for available exploits.
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
CVE | Dataset | Security | VulnerabilityThe Known Exploited Vulnerabilities Catalog is a project by the Cybersecurity & Infrastructure Security Agency (CISA) tracking actively exploited vulnerabilities. The data includes the vulnerability, the affected product, a short description of the vulnerability, and remediation actions. The data is available in machine-readable format.
osv.dev is a vulnerability database or open-source projects. It mainly acts as an aggregator for multiple other databases. For example, data from Google's OSS-Fuzz project and various language-specific vulnerability databases is combined.
https://s3.eurecom.fr/~balzarot/security-circus/
Dataset | Paper Writing | SecurityThe System Security Circus by Davide Balzarotti presents many statistics about the Top-4 security conferences, such as authors and affiliations.
The website lists all known speculation side channel attacks. Each attack contains information about the attacked buffer, the affected vendors, and working state. They are sorted into a hierarchy. Each attack is also linked to proof-of-concepts and the academic papers.
deps.dev is a dependency analyzer for multiple language ecosystems (npm, Go modules, Maven, PyPI, Cargo). It shows basic information, such as the metadata (including license) about each package, dependencies, and reverse dependencies. It enhances this information by adding a diff viewer for the versions. Security advisories affecting a package or dependency are highlighted. The OpenSSF scorecard is also integrated, showing more insights about the project health.
The second feature of the website is an advisory viewer. It shows details about each advisory, including affected versions. It also calculates how much of the ecosystem is affected and patched.