IT Vulnerability Databases

This post includes a list of  public resources (e.g., databases) for vulnerability research. It also features some well-known sites that are no longer available.

  • Common Vulnerabilities and Exposure (CVE)
  • NVD
  • EUVD
  • CISA Known Exploited Vulnerabilities Catalog
  • ExploitDB
  • SecurityFocus
  • Microsoft Security Response Center (MSRC)
  • CVE Details
  • Vulnerability Lab

CVE

Common Vulnerabilities and Exposure (CVE) is managed by MITRE.

CVE is funded by the USA public organization CISA.

The CVE Foundation was founded in 2025 to reduce the government dependency.

NVD

National Vulnerability Database (NVD) is aimed to the USA public sector. It is managed by NIST.

NVA official websit

EUVD

European Union Vulnerability System (EUVD) is maintained by ENISA.

It is created under the NIS2 Directive. It was announced in June 2024.

EUVD official website

CISA Known Exploited Vulnerabilities Catalog

The Cybersecurity & Instrastructure Security Agency (CISA) holds the CISA Known Exploited Vulnerabilities Catalog.

CISA Known Exploited Vulnerabilities Catalog official webiste

Exploit DB

Exploit Database (Exploit DB) isĀ an archive of exploits for the purpose of public security, and it explains what can be found on the database.

MSRC

Microsoft Security Response Center (MSRC)

CVE Details

CVE Details offers statistics about CVE.

List of Extinct Vulnerability Resources

The vulnerability resources that disappeared:

  • Open Source Vulnerability Database
  • SecurityFocus
  • WindowsSecurity
  • SecurityTracker

Open Source Vulnerability Database

Open Source Vulnerability Database is now defunct. It worked from 2002 to 2016. Its domain was osvdb.org.

It was independent an open-sourced vulnerability database.

Mapping of OSVDB to CVE

SecurityFocus


SecurityFocus is now defunct. It worked from 2002 to 2021.

It hosted the BugTraq mailing lists.

Bugtraq was a mailing list about IT security that was started in 1993. The archive was kept, but the activity of the group stopped completely in 2021.

BugTraq at SecurityFocus Archive at Wayback Machine

WindowsSecurity.com


WindowsSecurity.com was a vulnerability resource active from 2001 to 2017.

Since 2018 the domain was redirecting to techgenix.com/security website.

Windows Security at Wayback Machine

Security Tracker

Security Tracker was a vulnerability resource active since April 2001 to November 2018

Security Tracker at Wayback Machine

You might also be interested in…

Leave a Reply

Your email address will not be published. Required fields are marked *