From c3732be9e7f28fc0ba7419bc43129d634cafd6d3 Mon Sep 17 00:00:00 2001 From: Brendan McDevitt Date: Fri, 20 May 2022 15:24:26 -0500 Subject: [PATCH] cleanup the markdown document for html with advisories and add potential what we can capture. need to backfill for cnas 1-40 --- .../cnas_with_html_advisories.md | 56 +++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/doc/cna_readme_notes/cnas_with_html_advisories.md b/doc/cna_readme_notes/cnas_with_html_advisories.md index 57cc655..864995e 100644 --- a/doc/cna_readme_notes/cnas_with_html_advisories.md +++ b/doc/cna_readme_notes/cnas_with_html_advisories.md @@ -6,113 +6,169 @@ https://helpx.adobe.com/security/alertus.html Advisories are located here: https://helpx.adobe.com/security/security-bulletin.html. This page can be used as an index to get all individual adivsory ids. Each advisory has HTML tables with tr and td tags. h1 and h2 tags for validation of specific headings. [adobe_security_bulletin_example](img/adobe_security_bulletin_example.png) +#### Captured Data Potential From Advisory + ## AMD ### Advisory https://www.amd.com/en/corporate/product-security ## Ampere #### Advisory https://amperecomputing.com/products/product-security.html +#### Captured Data Potential From Advisory + ## Android ### Advisory https://source.android.com/security/bulletin +#### Captured Data Potential From Advisory + ## Apple Inc. ### Advisory https://support.apple.com/en-us/HT201222 +#### Captured Data Potential From Advisory + ## Arista Networks ### Advisory https://www.arista.com/en/support/advisories-notices #### Notes Offers a subscribe with RSS button to get an index of advisories at least. +#### Captured Data Potential From Advisory + ## Atlassian ### Advisory https://www.atlassian.com/trust/security/advisories #### Notes The page listed in the CNAList.json for this org is the advisory policy document and not the list of advisories. The link provided in this document is the correct link for security advisories. +#### Captured Data Potential From Advisory + ## Autodesk ### Advisory https://www.autodesk.com/trust/security-advisories +#### Captured Data Potential From Advisory + ## Avaya, Inc ### Advisory https://support.avaya.com/security +#### Captured Data Potential From Advisory + ## Becton, Dickinson and Company (BD) ### Advisory https://cybersecurity.bd.com/bulletins-and-patches +#### Captured Data Potential From Advisory + ## Bitdefender ### Advisory https://www.bitdefender.com/support/security-advisories/ +#### Captured Data Potential From Advisory + ## BlackBerry ### Advisory https://www.blackberry.com/us/en/services/blackberry-product-security-incident-response +#### Captured Data Potential From Advisory + ## Brocade Communication Systems, LLC ### Advisory https://www.broadcom.com/support/fibre-channel-networking/security-advisories +#### Captured Data Potential From Advisory + ## CA Technologies - A Broadcom Company ### Advisory - Software advisories: https://support.broadcom.com/security-advisory/security-advisories-list.html?segment=ES - Mainframe advisories: https://support.broadcom.com/security-advisory/security-advisories-list.html?segment=MF #### Notes Both pages need an account to login to view advisories +#### Captured Data Potential From Advisory + ## CERT/CC ### Advisory https://www.kb.cert.org/vuls/bypublished/desc/ +#### Captured Data Potential From Advisory + ## CERT@VDE ### Advisory https://cert.vde.com/en/advisories/ +#### Captured Data Potential From Advisory + ## Checkpoint ### Advisory https://www.checkpoint.com/advisories/ +#### Captured Data Potential From Advisory + ## Chrome ### Advisory https://www.google.com/about/appsecurity/research/ #### Notes CNA json lists https://www.google.com/about/appsecurity/research/ which redirects to their bughutner portal. Navigating from there to this page shows some public reports: https://bughunters.google.com/report/reports +#### Captured Data Potential From Advisory + ## CISA - ICS ### Advisory https://www.cisa.gov/uscert/ics/alerts #### Notes They offer an rss feed to get the index of advisories +#### Captured Data Potential From Advisory + ## Cyber Security Works Pvt. Ltd. ### Advisory https://cybersecurityworks.com/zerodays-vulnerability-list/ #### Notes Paginated list of vulns. +#### Captured Data Potential From Advisory + ## Dahua Technologies ### Advisory https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice #### Notes Paginated index of vulns. +#### Captured Data Potential From Advisory + ## Debian Gnu/Linux ### Advisory https://www.debian.org/security/#DSAS #### Notes Wide range of formats. +#### Captured Data Potential From Advisory + ## DeepSurface Security, Inc ### Advisory https://deepsurface.com/tag/blog/ #### Notes The page has advisories but also just regular release notes and blog posts +#### Captured Data Potential From Advisory + ## Dell ### Advisory https://www.dell.com/support/security/en-us ### Notes Has an Export table button that can be used to export the index of cves to a spreadsheet +#### Captured Data Potential From Advisory + ## Devolutions Inc. ### Advisory https://devolutions.net/security/advisories/ #### Notes HTML table for index. subscribe to security advisories via email on bottom of index page. +#### Captured Data Potential From Advisory + ## Document Foundatino, The ### Advisory https://www.libreoffice.org/about-us/security/advisories/ #### Notes Header and p tags for index +#### Captured Data Potential From Advisory + ## Drupal.org ### Advisory https://www.drupal.org/security #### Notes Heading and p tags for index +#### Captured Data Potential From Advisory + ## Elastic ### Advisory https://www.elastic.co/community/security #### Notes HTML table index has everything. cve-id links to mitre. ESA-ID, CVE, Date Disclosed, Vulnerability Summary, Remediation Summary +#### Captured Data Potential From Advisory +``` +captured_keys = { :esa_id, :cve, :date_disclosed, :vulnerability_summary, :remediation_summary } +``` \ No newline at end of file