diff --git a/tools/cve_cna_security_advisories/cna_security_advisories.rb b/tools/cve_cna_security_advisories/cna_security_advisories.rb new file mode 100755 index 0000000..e5e8539 --- /dev/null +++ b/tools/cve_cna_security_advisories/cna_security_advisories.rb @@ -0,0 +1,43 @@ +#!/usr/bin/env ruby +# outputs the list of CNA organizationNames and the securityAdvisory urls from the json file here: +# https://raw.githubusercontent.com/CVEProject/cve-website/dev/src/assets/data/CNAsList.json + +require 'json' +require 'rest-client' + +class CnaSecurityAdvisories + attr_accessor :url + def initialize + @url = 'https://raw.githubusercontent.com/CVEProject/cve-website/dev/src/assets/data/CNAsList.json' + end + + def send_request_rest + RestClient::Request.execute( + method: :get, + url: url + ) + end + + def parse_res(response) + JSON.parse(response.body) + end + + def get_json + res = send_request_rest + if res.code == 200 + parse_res(res) + else + "HTTP Status: #{res.code}" + end + end + + def perform + json = get_json + json.map do |d| + org_name = d.dig('organizationName') + security_advisories = d.dig('securityAdvisories') + security_advisory_urls = security_advisories.dig('advisories').map { |adv| adv.dig('url') } + { orgName: org_name, security_advisories_urls: security_advisory_urls } + end + end +end diff --git a/tools/cve_cna_security_advisories/cna_security_advisory_urls.json b/tools/cve_cna_security_advisories/cna_security_advisory_urls.json new file mode 100644 index 0000000..ea00811 --- /dev/null +++ b/tools/cve_cna_security_advisories/cna_security_advisory_urls.json @@ -0,0 +1,1288 @@ +[ + { + "orgName": "Adobe Systems Incorporated", + "security_advisories_urls": [ + "https://helpx.adobe.com/security.html" + ] + }, + { + "orgName": "Advanced Micro Devices Inc.", + "security_advisories_urls": [ + "https://www.amd.com/en/corporate/product-security" + ] + }, + { + "orgName": "Airbus", + "security_advisories_urls": [ + "https://airbus-seclab.github.io/" + ] + }, + { + "orgName": "Alias Robotics S.L.", + "security_advisories_urls": [ + "https://github.com/aliasrobotics/RVD" + ] + }, + { + "orgName": "Alibaba, Inc.", + "security_advisories_urls": [ + "https://github.com/alibaba" + ] + }, + { + "orgName": "Ampere Computing", + "security_advisories_urls": [ + "https://amperecomputing.com/product/" + ] + }, + { + "orgName": "Android (associated with Google Inc. or Open Handset Alliance)", + "security_advisories_urls": [ + "https://source.android.com/security/bulletin" + ] + }, + { + "orgName": "Apache Software Foundation", + "security_advisories_urls": [ + "https://www.openwall.com/lists/oss-security" + ] + }, + { + "orgName": "Apple Inc.", + "security_advisories_urls": [ + "https://support.apple.com/en-us/HT201222" + ] + }, + { + "orgName": "Arista Networks, Inc.", + "security_advisories_urls": [ + "https://www.arista.com/en/support/advisories-notices" + ] + }, + { + "orgName": "Asea Brown Boveri Ltd. (ABB)", + "security_advisories_urls": [ + "https://global.abb/group/en/technology/cyber-security/alerts-and-notifications" + ] + }, + { + "orgName": "Atlassian", + "security_advisories_urls": [ + "https://www.atlassian.com/trust/security/advisory-publishing-policy" + ] + }, + { + "orgName": "Autodesk", + "security_advisories_urls": [ + "https://www.autodesk.com/trust/security-advisories" + ] + }, + { + "orgName": "Avaya, Inc.", + "security_advisories_urls": [ + "https://support.avaya.com/security" + ] + }, + { + "orgName": "Axis Communications AB", + "security_advisories_urls": [ + "https://www.axis.com/en-gh/support/product-security" + ] + }, + { + "orgName": "Becton, Dickinson and Company (BD)", + "security_advisories_urls": [ + "https://cybersecurity.bd.com/bulletins-and-patches" + ] + }, + { + "orgName": "Bitdefender", + "security_advisories_urls": [ + "https://www.bitdefender.com/support/security-advisories" + ] + }, + { + "orgName": "BlackBerry", + "security_advisories_urls": [ + "https://www.blackberry.com/us/en/services/blackberry-product-security-incident-response" + ] + }, + { + "orgName": "Brocade Communications Systems, LLC", + "security_advisories_urls": [ + "https://www.broadcom.com/support/fibre-channel-networking/security-advisories" + ] + }, + { + "orgName": "Canonical Ltd.", + "security_advisories_urls": [ + "https://usn.ubuntu.com/" + ] + }, + { + "orgName": "CA Technologies - A Broadcom Company", + "security_advisories_urls": [ + "https://techdocs.broadcom.com/us/product-content/news/vulnerability-alerts/vulnerability-alerts---view-all.html" + ] + }, + { + "orgName": "CERT/CC", + "security_advisories_urls": [ + "https://www.kb.cert.org/vuls/bypublished/desc/" + ] + }, + { + "orgName": "CERT@VDE", + "security_advisories_urls": [ + "https://cert.vde.com/en-us/advisories" + ] + }, + { + "orgName": "Check Point Software Ltd.", + "security_advisories_urls": [ + "https://www.checkpoint.com/advisories/" + ] + }, + { + "orgName": "Chrome", + "security_advisories_urls": [ + "https://www.google.com/about/appsecurity/research/" + ] + }, + { + "orgName": "Cisco Systems, Inc.", + "security_advisories_urls": [ + "https://tools.cisco.com/security/center/resources/security_vulnerability_policy.html#sa", + "https://duo.com/labs/psa/" + ] + }, + { + "orgName": "Cloudflare, Inc.", + "security_advisories_urls": [ + "https://hackerone.com/cloudflare/hacktivity" + ] + }, + { + "orgName": "Crafter CMS", + "security_advisories_urls": [ + "https://docs.craftercms.org/en/3.2/security/advisory.html" + ] + }, + { + "orgName": "Cybellum Technologies LTD", + "security_advisories_urls": [ + "https://cybellum.com/vulnerabilities/" + ] + }, + { + "orgName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)", + "security_advisories_urls": [ + "https://us-cert.cisa.gov/ics/alerts" + ] + }, + { + "orgName": "Cyber Security Works Pvt. Ltd.", + "security_advisories_urls": [ + "https://cybersecurityworks.com/zerodays-vulnerability-list/" + ] + }, + { + "orgName": "Dahua Technologies", + "security_advisories_urls": [ + "https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice" + ] + }, + { + "orgName": "Debian GNU/Linux", + "security_advisories_urls": [ + "https://www.debian.org/security/#DSAS" + ] + }, + { + "orgName": "DeepSurface Security, Inc.", + "security_advisories_urls": [ + "https://deepsurface.com/tag/blog/" + ] + }, + { + "orgName": "Dell", + "security_advisories_urls": [ + "https://www.dell.com/support/security/en-us" + ] + }, + { + "orgName": "Devolutions Inc.", + "security_advisories_urls": [ + "https://devolutions.net/security/advisories/" + ] + }, + { + "orgName": "Document Foundation, The", + "security_advisories_urls": [ + "https://www.libreoffice.org/about-us/security/advisories/" + ] + }, + { + "orgName": "Drupal.org", + "security_advisories_urls": [ + "https://www.drupal.org/security" + ] + }, + { + "orgName": "Eaton", + "security_advisories_urls": [ + "https://www.eaton.com/us/en-us/company/news-insights/cybersecurity/security-notifications.html" + ] + }, + { + "orgName": "Eclipse Foundation", + "security_advisories_urls": [ + "https://www.eclipse.org/security/known.php" + ] + }, + { + "orgName": "Elastic", + "security_advisories_urls": [ + "https://www.elastic.co/community/security" + ] + }, + { + "orgName": "Electronic Arts, Inc.", + "security_advisories_urls": [ + "https://www.ea.com/security/advisories" + ] + }, + { + "orgName": "Environmental Systems Research Institute, Inc.", + "security_advisories_urls": [ + "https://trust.arcgis.com/" + ] + }, + { + "orgName": "ESET, spol. s r.o.", + "security_advisories_urls": [ + "https://support-feed.eset.com/advisories/", + "https://github.com/eset/vulnerability-disclosures", + "https://welivesecurity.com/" + ] + }, + { + "orgName": "F5 Networks", + "security_advisories_urls": [ + "https://support.f5.com/csp/knowledge-center/security" + ] + }, + { + "orgName": "Facebook, Inc.", + "security_advisories_urls": [ + "https://www.facebook.com/security" + ] + }, + { + "orgName": "Fedora Project", + "security_advisories_urls": [ + "https://bodhi.fedoraproject.org/updates/?type=security" + ] + }, + { + "orgName": "Fidelis Cybersecurity, Inc.", + "security_advisories_urls": [ + "https://support.fidelissecurity.com/hc/en-us/categories/360001842694-Advisories-News-and-Policies" + ] + }, + { + "orgName": "Flexera Software LLC", + "security_advisories_urls": [ + "https://community.flexera.com/t5/FlexNet-Publisher-Knowledge-Base/tkb-p/FNP-Knowledge/label-name/vulnerability" + ] + }, + { + "orgName": "floragunn GmbH", + "security_advisories_urls": [ + "https://search-guard.com/cve-advisory" + ] + }, + { + "orgName": "Fluid Attacks", + "security_advisories_urls": [ + "https://fluidattacks.com/advisories/" + ] + }, + { + "orgName": "Forcepoint", + "security_advisories_urls": [ + "https://support.forcepoint.com/Login" + ] + }, + { + "orgName": "Fortinet, Inc.", + "security_advisories_urls": [ + "https://www.fortiguard.com/psirt" + ] + }, + { + "orgName": "FPT Software Co., Ltd.", + "security_advisories_urls": [ + "https://www.fpt-software.com/vulnerability-disclosure/" + ] + }, + { + "orgName": "FreeBSD", + "security_advisories_urls": [ + "https://www.freebsd.org/" + ] + }, + { + "orgName": "F-Secure", + "security_advisories_urls": [ + "https://labs.f-secure.com/advisories/" + ] + }, + { + "orgName": "Gallagher Group Ltd.", + "security_advisories_urls": [ + "https://security.gallagher.com/Security-Advisories" + ] + }, + { + "orgName": "GitHub, Inc.", + "security_advisories_urls": [ + "https://github.com/advisories" + ] + }, + { + "orgName": "GitHub, Inc. (Products Only)", + "security_advisories_urls": [ + "https://enterprise.github.com/releases" + ] + }, + { + "orgName": "GitLab Inc.", + "security_advisories_urls": [ + "https://gitlab.com/gitlab-org/cves" + ] + }, + { + "orgName": "Google LLC", + "security_advisories_urls": [ + "https://cloud.google.com/support/bulletins/", + "https://www.google.com/about/appsecurity/research/" + ] + }, + { + "orgName": "GS McNamara LLC", + "security_advisories_urls": [ + "https://gsmcnamara.github.io/CVE/" + ] + }, + { + "orgName": "HackerOne", + "security_advisories_urls": [ + "https://hackerone.com/hacktivity?querystring=&filter=type:hacker-published&order_direction=DESC&order_field=popular" + ] + }, + { + "orgName": "Hangzhou Hikvision Digital Technology Co., Ltd.", + "security_advisories_urls": [ + "https://us.hikvision.com/en/support-resources/cybersecurity-center/security-notices" + ] + }, + { + "orgName": "HCL Software", + "security_advisories_urls": [ + "https://hclpnpsupport.hcltech.com/csm?id=search&spa=1&t=kb&q=Security%20Bulletin" + ] + }, + { + "orgName": "Hewlett Packard Enterprise (HPE)", + "security_advisories_urls": [ + "https://support.hpe.com/portal/site/hpsc/public/kb/secBullArchive/" + ] + }, + { + "orgName": "Hitachi Energy", + "security_advisories_urls": [ + "https://www.hitachienergy.com/cybersecurity/alerts-and-notifications" + ] + }, + { + "orgName": "HP Inc.", + "security_advisories_urls": [ + "https://support.hp.com/us-en/security-bulletins" + ] + }, + { + "orgName": "Huawei Technologies", + "security_advisories_urls": [ + "https://www.huawei.com/en/psirt/all-bulletins" + ] + }, + { + "orgName": "huntr.dev", + "security_advisories_urls": [ + "https://huntr.dev/bounties/hacktivity" + ] + }, + { + "orgName": "IBM Corporation", + "security_advisories_urls": [ + "https://www.ibm.com/security/secure-engineering/bulletins.html" + ] + }, + { + "orgName": "Intel Corporation", + "security_advisories_urls": [ + "https://www.intel.com/content/www/us/en/security-center/default.html" + ] + }, + { + "orgName": "Internet Systems Consortium (ISC)", + "security_advisories_urls": [ + "https://kb.isc.org/docs/aa-01020" + ] + }, + { + "orgName": "Israel National Cyber Directorate (INCD)", + "security_advisories_urls": [ + "https://www.gov.il/en/departments/faq/cve_advisories" + ] + }, + { + "orgName": "Jenkins Project", + "security_advisories_urls": [ + "https://jenkins.io/security/advisories/" + ] + }, + { + "orgName": "Johnson Controls", + "security_advisories_urls": [ + "https://www.johnsoncontrols.com/buildings/specialty-pages/product-security/security-advisories" + ] + }, + { + "orgName": "Joomla! Project", + "security_advisories_urls": [ + "https://developer.joomla.org/security-centre.html" + ] + }, + { + "orgName": "JPCERT/CC", + "security_advisories_urls": [ + "https://jvn.jp/" + ] + }, + { + "orgName": "Juniper Networks, Inc.", + "security_advisories_urls": [ + "https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES" + ] + }, + { + "orgName": "Kaspersky", + "security_advisories_urls": [ + "https://support.kaspersky.com/general/vulnerability.aspx?el=12430" + ] + }, + { + "orgName": "KrCERT/CC", + "security_advisories_urls": [ + "https://www.krcert.or.kr/krcert/secNoticeList.do" + ] + }, + { + "orgName": "Kubernetes", + "security_advisories_urls": [ + "https://kubernetes.io/cve" + ] + }, + { + "orgName": "Larry Cashdollar", + "security_advisories_urls": [ + "http://vapidlabs.com/" + ] + }, + { + "orgName": "Lenovo Group Ltd.", + "security_advisories_urls": [ + "https://support.lenovo.com/us/en/product_security/home" + ] + }, + { + "orgName": "LINE Corporation", + "security_advisories_urls": [ + "https://line.github.io/security-advisory-blog/advisory" + ] + }, + { + "orgName": "Logitech", + "security_advisories_urls": [ + "https://hackerone.com/logitech/hacktivity" + ] + }, + { + "orgName": "MarkLogic Corporation", + "security_advisories_urls": [ + "https://www.marklogic.com/bulletins/" + ] + }, + { + "orgName": "Mattermost, Inc.", + "security_advisories_urls": [ + "https://mattermost.com/security-updates/" + ] + }, + { + "orgName": "Mautic", + "security_advisories_urls": [ + "https://www.mautic.org/tag/security-announcement" + ] + }, + { + "orgName": "Trellix", + "security_advisories_urls": [ + "https://www.mcafee.com/enterprise/en-us/threat-center/product-security-bulletins.html" + ] + }, + { + "orgName": "Micro Focus International", + "security_advisories_urls": [ + "https://www.microfocus.com/security" + ] + }, + { + "orgName": "Microsoft Corporation", + "security_advisories_urls": [ + [ + "https://www.microsoft.com/en-us/msrc/technical-security-notifications" + ] + ] + }, + { + "orgName": "MITRE Corporation", + "security_advisories_urls": [ + "" + ] + }, + { + "orgName": "Mitsubishi Electric Corporation", + "security_advisories_urls": [ + "https://www.mitsubishielectric.com/en/psirt/vulnerability/index.html" + ] + }, + { + "orgName": "MongoDB, Inc.", + "security_advisories_urls": [ + "https://www.mongodb.com/security" + ] + }, + { + "orgName": "Mozilla Corporation", + "security_advisories_urls": [ + "https://www.mozilla.org/en-US/security/advisories/" + ] + }, + { + "orgName": "Naver Corporation", + "security_advisories_urls": [ + "https://cve.naver.com/" + ] + }, + { + "orgName": "NEC Corporation", + "security_advisories_urls": [ + "https://jpn.nec.com/security-info/index.html" + ] + }, + { + "orgName": "NetApp, Inc.", + "security_advisories_urls": [ + "https://security.netapp.com/advisory/" + ] + }, + { + "orgName": "Netflix, Inc.", + "security_advisories_urls": [ + "https://github.com/Netflix/security-bulletins" + ] + }, + { + "orgName": "NetMotion Software", + "security_advisories_urls": [ + "https://www.netmotionsoftware.com/support/security-advisories" + ] + }, + { + "orgName": "NLnet Labs", + "security_advisories_urls": [ + "https://nlnetlabs.nl/projects/rpki/security-advisories/", + "https://nlnetlabs.nl/projects/nsd/security-advisories/", + "https://nlnetlabs.nl/projects/unbound/security-advisories/" + ] + }, + { + "orgName": "Node.js", + "security_advisories_urls": [ + "https://github.com/nodejs/security-advisories" + ] + }, + { + "orgName": "NortonLifeLock Inc.", + "security_advisories_urls": [ + "https://us.norton.com/support/tools/security-advisories.html" + ] + }, + { + "orgName": "Nozomi Networks Inc.", + "security_advisories_urls": [ + "https://security.nozominetworks.com/" + ] + }, + { + "orgName": "NVIDIA Corporation", + "security_advisories_urls": [ + "https://www.nvidia.com/en-us/security/" + ] + }, + { + "orgName": "Objective Development Software GmbH", + "security_advisories_urls": [ + "https://obdev.at/cve/published-vulnerabilities.html" + ] + }, + { + "orgName": "Octopus Deploy", + "security_advisories_urls": [ + "https://advisories.octopus.com/" + ] + }, + { + "orgName": "Odoo", + "security_advisories_urls": [ + "https://www.odoo.com/security-advisories" + ] + }, + { + "orgName": "openEuler", + "security_advisories_urls": [ + "https://openeuler.org/en/security/safety-bulletin/" + ] + }, + { + "orgName": "OpenSSL Software Foundation", + "security_advisories_urls": [ + "https://www.openssl.org/news/vulnerabilities.html" + ] + }, + { + "orgName": "OpenVPN Inc.", + "security_advisories_urls": [ + "https://openvpn.net/security-advisories/", + "https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements" + ] + }, + { + "orgName": "Opera", + "security_advisories_urls": [ + "https://security.opera.com/advisories/" + ] + }, + { + "orgName": "OPPO Mobile Telecommunication Corp., Ltd.", + "security_advisories_urls": [ + "https://security.oppo.com/en/mend.html" + ] + }, + { + "orgName": "Oracle", + "security_advisories_urls": [ + "https://www.oracle.com/security-alerts/" + ] + }, + { + "orgName": "OTRS AG", + "security_advisories_urls": [ + "https://otrs.com/overview-release-notes-security-advisories/security-advisories/" + ] + }, + { + "orgName": "Palo Alto Networks, Inc.", + "security_advisories_urls": [ + "https://securityadvisories.paloaltonetworks.com/" + ] + }, + { + "orgName": "Patchstack", + "security_advisories_urls": [ + "https://patchstack.com/database/", + "https://patchstack.com/security-advisories/" + ] + }, + { + "orgName": "Pegasystems Inc.", + "security_advisories_urls": [ + "https://www.pega.com/trust/security-advisories" + ] + }, + { + "orgName": "PHP Group", + "security_advisories_urls": [ + "https://www.php.net/ChangeLog-7.php" + ] + }, + { + "orgName": "Puppet", + "security_advisories_urls": [ + "https://puppet.com/security/cve/security-vulnerability-announcements" + ] + }, + { + "orgName": "QNAP Systems, Inc.", + "security_advisories_urls": [ + "https://www.qnap.com/en-us/security-advisory" + ] + }, + { + "orgName": "Qualcomm, Inc.", + "security_advisories_urls": [ + "https://www.qualcomm.com/company/product-security/bulletins" + ] + }, + { + "orgName": "Rapid7, Inc.", + "security_advisories_urls": [ + "https://www.rapid7.com/db/" + ] + }, + { + "orgName": "Red Hat, Inc.", + "security_advisories_urls": [ + "https://access.redhat.com/security/security-updates/#/security-advisories" + ] + }, + { + "orgName": "Replicated, Inc.", + "security_advisories_urls": [ + "https://www.replicated.com/security/advisories/" + ] + }, + { + "orgName": "Robert Bosch GmbH", + "security_advisories_urls": [ + "https://psirt.bosch.com/security-advisories/" + ] + }, + { + "orgName": "Salesforce, Inc.", + "security_advisories_urls": [ + "https://trust.salesforce.com/en/security/security-advisories/" + ] + }, + { + "orgName": "Samsung Mobile", + "security_advisories_urls": [ + "https://security.samsungmobile.com/workScope.smsb" + ] + }, + { + "orgName": "SAP SE", + "security_advisories_urls": [ + "https://wiki.scn.sap.com/wiki/display/PSR/The+Official+SAP+Product+Security+Response+Space" + ] + }, + { + "orgName": "Secomea A/S", + "security_advisories_urls": [ + "https://www.secomea.com/cybersecurity-advisory/" + ] + }, + { + "orgName": "Schneider Electric", + "security_advisories_urls": [ + "https://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp" + ] + }, + { + "orgName": "SICK AG", + "security_advisories_urls": [ + "https://sick.com/psirt#advisories" + ] + }, + { + "orgName": "Siemens", + "security_advisories_urls": [ + "https://new.siemens.com/global/en/products/services/cert.html#SecurityPublications" + ] + }, + { + "orgName": "Sierra Wireless Inc.", + "security_advisories_urls": [ + "https://www.sierrawireless.com/company/security/archive/" + ] + }, + { + "orgName": "Silver Peak Systems, Inc.", + "security_advisories_urls": [ + "https://www.silver-peak.com/support/user-documentation/security-advisories" + ] + }, + { + "orgName": "Simplinx Ltd.", + "security_advisories_urls": [ + "https://simplinx.com/en/security-advisories/" + ] + }, + { + "orgName": "Snyk", + "security_advisories_urls": [ + "https://snyk.io/vuln/" + ] + }, + { + "orgName": "SolarWinds", + "security_advisories_urls": [ + "https://www.solarwinds.com/trust-center/security-advisories" + ] + }, + { + "orgName": "SonicWall, Inc.", + "security_advisories_urls": [ + "https://psirt.global.sonicwall.com/vuln-list" + ] + }, + { + "orgName": "Sophos Limited", + "security_advisories_urls": [ + "https://community.sophos.com/b/security-blog/" + ] + }, + { + "orgName": "Spanish National Cybersecurity Institute, S.A. (INCIBE)", + "security_advisories_urls": [ + "https://www.incibe-cert.es/alerta-temprana/vulnerabilidades/avisos-cna", + "https://www.incibe-cert.es/en/early-warning/vulnerabilities/cna-advisories" + ] + }, + { + "orgName": "Splunk Inc.", + "security_advisories_urls": [ + "https://www.splunk.com/page/securityportal" + ] + }, + { + "orgName": "SUSE", + "security_advisories_urls": [ + "https://www.suse.com/support/update/", + "by CVE ID" + ] + }, + { + "orgName": "Swift Project", + "security_advisories_urls": [ + "https://swift.org/support/security.html" + ] + }, + { + "orgName": "Symantec - A Division of Broadcom", + "security_advisories_urls": [ + "https://support.broadcom.com/security-advisory/security-advisories-list.html" + ] + }, + { + "orgName": "Synaptics, Inc.", + "security_advisories_urls": [ + "https://www.synaptics.com/products/touchpad-family", + "https://www.synaptics.com/products/biometrics", + "https://www.synaptics.com/products/far-field-voice-dsp" + ] + }, + { + "orgName": "Synology Inc.", + "security_advisories_urls": [ + "https://www.synology.com/en-global/security/advisory" + ] + }, + { + "orgName": "Synopsys", + "security_advisories_urls": [ + "https://www.synopsys.com/blogs/software-security/" + ] + }, + { + "orgName": "Talos", + "security_advisories_urls": [ + "https://talosintelligence.com/vulnerability_reports" + ] + }, + { + "orgName": "Tcpdump Group", + "security_advisories_urls": [ + "https://www.tcpdump.org/public-cve-list.txt" + ] + }, + { + "orgName": "Tenable Network Security, Inc.", + "security_advisories_urls": [ + "https://www.tenable.com/security" + ] + }, + { + "orgName": "Teradici Corporation", + "security_advisories_urls": [ + "https://advisory.teradici.com/security-advisories/" + ] + }, + { + "orgName": "TianoCore.org", + "security_advisories_urls": [ + "https://edk2-docs.gitbook.io/security-advisory/" + ] + }, + { + "orgName": "TIBCO Software Inc.", + "security_advisories_urls": [ + "https://www.tibco.com/services/support/advisories" + ] + }, + { + "orgName": "Tigera, Inc.", + "security_advisories_urls": [ + "https://www.projectcalico.org/security-bulletins/" + ] + }, + { + "orgName": "Toshiba Corporation", + "security_advisories_urls": [ + "https://www.global.toshiba/ww/cybersecurity/corporate/psirt.html" + ] + }, + { + "orgName": "TR-CERT (Computer Emergency Response Team of the Republic of Turkey)", + "security_advisories_urls": [ + "https://www.usom.gov.tr/tehdit.html" + ] + }, + { + "orgName": "Trend Micro, Inc.", + "security_advisories_urls": [ + "https://success.trendmicro.com/vulnerability-response#report" + ] + }, + { + "orgName": "TWCERT/CC", + "security_advisories_urls": [ + "https://www.twcert.org.tw/tw/lp-132-1.html", + "https://www.twcert.org.tw/en/lp-139-2.html" + ] + }, + { + "orgName": "Vaadin Ltd.", + "security_advisories_urls": [ + "https://vaadin.com/security" + ] + }, + { + "orgName": "Vivo Mobile Communication Co., Ltd.", + "security_advisories_urls": [ + "https://www.vivo.com/en/activity/security-advisory" + ] + }, + { + "orgName": "VMware", + "security_advisories_urls": [ + "https://www.vmware.com/security/advisories.html" + ] + }, + { + "orgName": "WhiteSource", + "security_advisories_urls": [ + "https://www.whitesourcesoftware.com/vulnerability-database/" + ] + }, + { + "orgName": "Wordfence", + "security_advisories_urls": [ + "https://www.wordfence.com/blog/category/vulnerabilities/" + ] + }, + { + "orgName": "WPScan", + "security_advisories_urls": [ + "https://wpscan.com/wordpresses", + "https://wpscan.com/plugins", + "https://wpscan.com/themes" + ] + }, + { + "orgName": "Xen Project", + "security_advisories_urls": [ + "https://xenbits.xen.org/xsa/" + ] + }, + { + "orgName": "Xiaomi Technology Co., Ltd.", + "security_advisories_urls": [ + "https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement?locale=en" + ] + }, + { + "orgName": "Xylem", + "security_advisories_urls": [ + "https://www.xylem.com/en-us/about-xylem/cybersecurity/advisories?page=1&pagesize=24&categories=1324" + ] + }, + { + "orgName": "Yandex N.V.", + "security_advisories_urls": [ + "https://cloud.yandex.com/docs/overview/security-bulletins/" + ] + }, + { + "orgName": "Zabbix", + "security_advisories_urls": [ + "https://support.zabbix.com/projects/ZBX/issues/" + ] + }, + { + "orgName": "Zephyr Project", + "security_advisories_urls": [ + "https://docs.zephyrproject.org/latest/security/vulnerabilities.html" + ] + }, + { + "orgName": "Zero Day Initiative", + "security_advisories_urls": [ + "https://www.zerodayinitiative.com/advisories/published/" + ] + }, + { + "orgName": "Zoom Video Communications, Inc.", + "security_advisories_urls": [ + "https://zoom.us/trust/security/security-bulletin" + ] + }, + { + "orgName": "Zscaler, Inc.", + "security_advisories_urls": [ + "https://trust.zscaler.com/security-advisories" + ] + }, + { + "orgName": "ZTE Corporation", + "security_advisories_urls": [ + "http://support.zte.com.cn/support/news/NewsMain.aspx" + ] + }, + { + "orgName": "Zyxel Corporation", + "security_advisories_urls": [ + "https://www.zyxel.com/support/security_advisories.shtml" + ] + }, + { + "orgName": "Snow Software", + "security_advisories_urls": [ + "https://community.snowsoftware.com/s/group/0F91r000000QUhPCAW/news-updates" + ] + }, + { + "orgName": "LG Electronics", + "security_advisories_urls": [ + "https://lgsecurity.lge.com/security_updates_mobile.html", + "https://lgsecurity.lge.com/security_updates_monitor.html", + "https://lgsecurity.lge.com/security_updates_pc.html" + ] + }, + { + "orgName": "Censys", + "security_advisories_urls": [ + "https://censys.io/blog" + ] + }, + { + "orgName": "Ping Identity Corporation", + "security_advisories_urls": [ + "https://support.pingidentity.com/" + ] + }, + { + "orgName": "Palantir Technologies", + "security_advisories_urls": [ + "https://github.com/palantir/security-bulletins" + ] + }, + { + "orgName": "M-Files Corporation", + "security_advisories_urls": [ + "https://www.m-files.com/company/trust-center/security-vulnerabilities/" + ] + }, + { + "orgName": "JFrog", + "security_advisories_urls": [ + "https://www.jfrog.com/confluence/display/RTF/Fixed+Security+Vulnerabilities" + ] + }, + { + "orgName": "Switzerland National Cyber Security Centre (NCSC)", + "security_advisories_urls": [ + "https://www.ncsc.admin.ch/ncsc/en/home/infos-fuer/infos-it-spezialisten/themen/schwachstelle-melden/advisories.html" + ] + }, + { + "orgName": "MediaTek, Inc.", + "security_advisories_urls": [ + "https://corp.mediatek.com/product-security-bulletin" + ] + }, + { + "orgName": "Thales Group", + "security_advisories_urls": [ + "https://cpl.thalesgroup.com/software-monetization/security-updates" + ] + }, + { + "orgName": "Government Technology Agency of Singapore Cyber Security Group (GovTech CSG)", + "security_advisories_urls": [ + "https://govtech-csg.github.io/security-advisories/advisories" + ] + }, + { + "orgName": "Yugabyte, Inc.", + "security_advisories_urls": [ + "https://docs.yugabyte.com/latest/secure/vulnerability-disclosure-policy/#security-tracker-cve-list" + ] + }, + { + "orgName": "ForgeRock, Inc.", + "security_advisories_urls": [ + "https://backstage.forgerock.com/knowledge/kb/book/b21824339" + ] + }, + { + "orgName": "ASUSTOR, Inc.", + "security_advisories_urls": [ + "https://www.asustor.com/security/security_advisory" + ] + }, + { + "orgName": "Okta", + "security_advisories_urls": [ + "https://trust.okta.com/security-advisories" + ] + }, + { + "orgName": "Indian Computer Emergency Response Team (CERT-In)", + "security_advisories_urls": [ + "https://www.cert-in.org.in/" + ] + }, + { + "orgName": "Western Digital", + "security_advisories_urls": [ + "https://www.westerndigital.com/support/productsecurity" + ] + }, + { + "orgName": "AppCheck Ltd.", + "security_advisories_urls": [ + "https://appcheck-ng.com/category/security-alerts/" + ] + }, + { + "orgName": "Acronis International GmbH", + "security_advisories_urls": [ + "https://security-advisory.acronis.com/advisories" + ] + }, + { + "orgName": "Carrier Global Corporation", + "security_advisories_urls": [ + "https://www.corporate.carrier.com/product-security/advisories-resources/" + ] + }, + { + "orgName": "Artica PFMS", + "security_advisories_urls": [ + "https://pandorafms.com/common-vulnerabilities-and-exposures/" + ] + }, + { + "orgName": "Silicon Labs", + "security_advisories_urls": [ + "https://siliconlabs.force.com/s/alert/Alert__c/00B1M000009sQ4R" + ] + }, + { + "orgName": "Panasonic Corporation", + "security_advisories_urls": [ + "https://www.panasonic.com/global/corporate/product-security/sec/psirt/advisories.html" + ] + }, + { + "orgName": "ZGR", + "security_advisories_urls": [ + "https://www.zigor.com/list-of-vulnerabilities/" + ] + }, + { + "orgName": "Profelis IT Consultancy", + "security_advisories_urls": [ + "https://www.profelis.com.tr/politikalar/bilgi-guvenligi-politikamiz/" + ] + }, + { + "orgName": "TeamViewer Germany GmbH", + "security_advisories_urls": [ + "https://www.teamviewer.com/en/trust-center/security-bulletins/" + ] + }, + { + "orgName": "Vulnscope Technologies", + "security_advisories_urls": [ + "https://www.vulnscope.com/vulnscope" + ] + }, + { + "orgName": "Mirantis", + "security_advisories_urls": [ + "https://github.com/Mirantis/security/blob/main/advisories/advisories.md" + ] + }, + { + "orgName": "VulDB", + "security_advisories_urls": [ + "https://vuldb.com/?cna.recent" + ] + }, + { + "orgName": "Frappe Technologies Pvt. Ltd.", + "security_advisories_urls": [ + "https://erpnext.com/security/references" + ] + }, + { + "orgName": "Rhino Mobility", + "security_advisories_urls": [ + "https://support.rhinomobility.com/security/releases" + ] + }, + { + "orgName": "The OpenBMC Project", + "security_advisories_urls": [ + "https://github.com/openbmc/openbmc/issues?utf8=%E2%9C%93&q=Security+Advisory", + "https://github.com/openbmc/openbmc/security/advisories" + ] + }, + { + "orgName": "Dutch Institute for Vulnerability Disclosure (DIVD)", + "security_advisories_urls": [ + "https://csirt.divd.nl/cves/" + ] + }, + { + "orgName": "Baxter Healthcare", + "security_advisories_urls": [ + "https://www.baxter.com/product-security#additionalresources" + ] + } +]