bpmcdevitt/data_importer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

trying to format the md doc better2

Browse source
This commit is contained in:
Brendan McDevitt 2022-05-04 23:48:49 -05:00
parent adfe62353b
commit d587c9131a
3 changed files with 18 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
lib/cna_readme_notes/cnas_with_html_advisories.md
View file

@ -1,7 +1,7 @@
# CNAs with HTML advisories
### Adobe Systems Incorporated
- https://helpx.adobe.com/security/alertus.html
- advisories are located here: https://helpx.adobe.com/security/security-bulletin.html
advisories are located here: https://helpx.adobe.com/security/security-bulletin.html
### AMD
- https://www.amd.com/en/corporate/product-security
### Ampere
@ -12,10 +12,10 @@
- https://support.apple.com/en-us/HT201222
### Arista Networks
- https://www.arista.com/en/support/advisories-notices
- offers a subscribe with RSS button to get an index of advisories at least.
offers a subscribe with RSS button to get an index of advisories at least.
### Atlassian
- https://www.atlassian.com/trust/security/advisories
- the page listed in the CNAList.json for this org is the advisory policy document and not the list of advisories. The link provided in this document is the correct link for security advisories.
the page listed in the CNAList.json for this org is the advisory policy document and not the list of advisories. The link provided in this document is the correct link for security advisories.
### Autodesk
- https://www.autodesk.com/trust/security-advisories
### Avaya, Inc
@ -42,4 +42,4 @@ Both pages need an account to login to view advisories
- CNA json lists https://www.google.com/about/appsecurity/research/ which redirects to their bughutner portal. Navigating from there to this page shows some public reports: https://bughunters.google.com/report/reports
### CISA
- https://www.cisa.gov/uscert/ics/alerts
- they offer an rss feed to get the index of advisories
they offer an rss feed to get the index of advisories

8
lib/cna_readme_notes/cnas_with_no_advisories.md
View file

@ -1,13 +1,13 @@
# CNAs with no advisories
### Alibaba, Inc
- https://github.com/alibaba
- cant find a repo or anything on their github that shows vendor advisories
cant find a repo or anything on their github that shows vendor advisories
### Cloudflare
- https://hackerone.com/cloudflare/hacktivity
- They link their hackerone hacktivity timeline but all of the reports at the time I looked show 'undisclosed reports' that cannot be viewed.
They link their hackerone hacktivity timeline but all of the reports at the time I looked show 'undisclosed reports' that cannot be viewed.
### Crafter CMS
- https://docs.craftercms.org/en/3.2/security/advisory.html
- This page links to an XML document with Access Denied http status. The github issues page might be the closest thing to tracking any bugs/security issues maybe? https://github.com/craftercms/craftercms/issues
This page links to an XML document with Access Denied http status. The github issues page might be the closest thing to tracking any bugs/security issues maybe? https://github.com/craftercms/craftercms/issues
### Cybellum
- https://cybellum.com/vulnerabilities/
- This page redirects to https://cybellum.com/vulnerability-management which is a product they sell
This page redirects to https://cybellum.com/vulnerability-management which is a product they sell

15
lib/cna_readme_notes/cnas_with_other_format_advisories.md
View file

@ -1,11 +1,16 @@
# CNAs with other formats
### Airbus
- https://airbus-seclab.github.io/ - this seems to link to pdfs that have the juicy bits about the vulnerability.
- https://airbus-seclab.github.io/
this seems to link to pdfs that have the juicy bits about the vulnerability.
### Alias Robotics S.L
- https://github.com/aliasrobotics/RVD/issues - they use github issues to track open vulnerabilities.
- https://github.com/aliasrobotics/RVD/issues
they use github issues to track open vulnerabilities.
### Apache Software Foundation
- https://www.openwall.com/lists/oss-security/ - a mailing list but they also have https://www.apache.org/security/projects.html which links back to individual projects which may or may not have their own advisories/format for how they list, depending on the project.
- https://www.openwall.com/lists/oss-security/
a mailing list but they also have https://www.apache.org/security/projects.html which links back to individual projects which may or may not have their own advisories/format for how they list, depending on the project.
### Asea Brown Boveri Ltd. (ABB)
- https://global.abb/group/en/technology/cyber-security/alerts-and-notifications - pdf for each advisory.
- https://global.abb/group/en/technology/cyber-security/alerts-and-notifications
pdf for each advisory.
### Axis Communications AB
- https://help.axis.com/axis-os#axis-acv - this document is an index of vulns/advisories. when you click each advisory its a pdf.
- https://help.axis.com/axis-os#axis-acv
this document is an index of vulns/advisories. when you click each advisory its a pdf.