Vulnerabilities Introduction - Resources

CVE

Catalogs

• NIST NVD National Vulnerability Database, "the" reference for CVE.
• CVEdetails Indexed and browsable in many different ways (by vendor, product and alike).
• CISA - Industrial Control Systems / Medical Systems Filter the advisories in this page.

Statistics and Analyses

• 2023 CVE Data Review Statistics since year 2000.
• The Evolving CVE Landscape We examine the universe of vulnerabilities (defined by the CVE) and how it’s changed in the last 20 years.
• Backlogs at National Vulnerability Database prompt action from NIST and CISA "Backlogs at the US National Vulnerability Database (NVD) have reached crisis proportions...more than 100 vulnerabilities per day in 2024...The number of CVEs is growing at an astounding rate, while the resources available to analyze those CVEs are not...There were more than 4,000 critical severity vulnerabilities reported in 2022, up more than 59% over the previous year...The number of reported CVEs is growing because of both the increasing rate of software development and increasing pressure to publicly report security vulnerabilities...The number of software developers worldwide grew by 45% in the last two years, from 26.8 million to 38.9 million. That’s 12 million more people creating and reporting software security vulnerabilities in just two years.”

Exploits

• ExploitDB A list of public exploits, free to download.
• CVExploits Search Your comprehensive database for CVE exploits from across the internet.
• Comprehensive list of all Metasploit Windows exploits that are currently available in the open source version (>1300 exploits). Issued in 2021.
• Rhino CVE Proof-of-Concept Exploits A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs. It may be useful for understanding many different kinds of vulnerabilities.
• CVE-2017-0199 Practical exploitation ! (PoC) File Word that downloads a malware upon opening (shown in the slides).

Notable Worms (Injection)

Malware that propagates automatically over a network by exploiting vulnerabilities with: Impact: Command Execution; Injection: Remote, No user interaction

• 2017 WannaCry
• 2016-2018 Petya / NotPetya
• 2001 CodeRed
• 2001 Nimda

CWE, CVSS

• Common Weakness Enumeration (CWE) is a community-developed list of software and hardware weakness types.
• Common Vulnerability Scoring System (CVSS) All versions, including description, calculator and faqs. I suggest to have a look at v2 FAQ: an old version but a very useful reading.