Resources for Vulnerability Research

This post includes a list of  public resources (e.g., databases) for vulnerability research. It also features some well-known sites that are no longer available.

List of resources for Vulnerability Research

These are the resources listed on this post:

  • Common Vulnerabilities and Exposure (CVE)
  • Exploit Database
  • SecurityFocus
  • National Vulnerability Database (NVD)
  • Common Vulnerability Scoring System (CVSS)
  • Microsoft Security Response Center (MSRC)

Common Vulnerabilities and Exposure (CVE)

Common Vulnerabilities and Exposure (CVE) is an online list of vulnerabilities identifiers.

Exploit Database

National Vulnerability Database (NVD)

National Vulnerability Database (NVD) is the US Government vulnerability database. It is managed by NIST.

Common Vulnerability Scoring System (CVSS)

Common Vulnerability Scoring System (CVSS) is an standard that provides an open framework for communicating the characteristics and severity of IT vulnerabilities. You can find more about it on this NIST link.

Microsoft Security Response Center (MSRC)

Microsoft Security Response Center is the report to report vulnerabilities on Microsoft product.

MSRC does not hold a database on its own, but uses CVE instead. Microsoft’s CVE vulnerabilities are listed on the Security Update Guide.

Microsoft develops its Microsoft Vulnerability Research (MSVR) program. It is designed to help improve the security ecosystem as a whole through the sharing of knowledge and best practices.

Security Magazine

Help Net Security


SC Magazine



CVE Details

Security Tracker

Vulnerability Lab


Trend Micro


Dark Reading

List of Disappeared Vulnerability Resources

The vulnerability resources that disappeared:

  • Open Source Vulnerability Database (OSVDB)
  • SecurityFocus

Open Source Vulnerability Database (OSVDB)

Now defunct. It worked from 2002 to 2016.

It was independent an open-sourced vulnerability database.


Now defunct. It worked from 2002 to 2021.

It hosted the BugTraq mailing lists.

Leave a Reply

Your email address will not be published. Required fields are marked *