Global Security Vulnerability Publishing Platform

1. Domestic:

https://www.cnvd.org.cn/ This is national

https://avd.aliyun.com/ Ali's fast and powerful

2. International:

The following are some authoritative websites that publish information about Linux, Windows system vulnerabilities, and open source software such as MySQL, Nginx, Tomcat, Java virtual machine, etc.:

1. The global vulnerability information publishing platform: CVE (Common Vulnerabilities and Exposures) official website ( CVE -CVE ). CVE is an international vulnerability naming and classification system, which summarizes vulnerability information of various software and hardware systems around the world.

2. Global open source software security organization: CERT/CC (Computer Emergency Response Team Coordination Center) official website ( The CERT Division | Software Engineering Institute ). CERT/CC is one of the organizations responsible for coordinating the handling of global network security issues and responding to incidents. They often issue reports and recommendations on open source software vulnerabilities.

3. Vulnerability library and security bulletin release website: National Vulnerability Database (NVD) ( NVD - Home ), maintained by the National Institute of Standards and Technology (NIST). NVD provides an extensive database of vulnerability information, including vulnerability reports for a variety of software and hardware products.

4. Security notice release website: US-CERT (United States Computer Emergency Readiness Team) ( Home Page | CISA ), which is the official website of the US National Network and Information Security Coordination Center. US-CERT publishes notices about computer security, vulnerability alerts, and security advisories.

These sites are widely recognized for publishing vulnerability information, and they are a reliable source for authoritative vulnerability information. Note, make sure to get the vulnerability information from the official website for accurate and latest updates.

In addition to the authoritative websites mentioned above, there are other well-known websites that publish information on system vulnerabilities and open source software vulnerabilities. Here are some of them:

1. Global Open Vulnerability Database: Open Sourced Vulnerability Database (OSVDB) ( https://osvdb.org/ ). OSVDB is an open database used to collect and publish various software vulnerability information.

2. Security research institutions and communities: Some security research institutions and communities also release information about system vulnerabilities and open source software vulnerabilities, such as:

   • SANS Internet Storm Center ( SANS.edu Internet Storm Center - SANS Internet Storm Center ): Provides news, vulnerability reports, and analysis on system and network security.
   • Exploit Database ( Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers ): Provides exploit codes and vulnerability information for various software and systems.

Note that these sites are publicly released information, but careful verification and evaluation of published vulnerability information is still recommended. In addition, for specific operating systems, software, or open source projects, you can also follow official security bulletins and mailing lists to obtain timely updates and fixes.

1. Global vulnerability information database: CVE (Common Vulnerabilities and Exposures) official website ( CVE -CVE ). This website aggregates vulnerability information for various software, hardware, and systems around the world.

2. National Vulnerability Database: National Information Security Vulnerability Database ( https://www.cnvd.org.cn/ ), maintained by China National Information Security Vulnerability Database. The website publishes vulnerability information on domestic software, hardware and systems.

3. Official websites of hardware manufacturers: Many hardware manufacturers publish vulnerability announcements and security updates about their products on their official websites. You can follow the websites of relevant hardware manufacturers to query vulnerability information.

4. Operating system and open source software communities: Different operating system and open source software projects usually publish vulnerability information in their official communities or developer forums. For example:

   • Linux Kernel Mailing List: The official mailing list of the Linux kernel, used to publish Linux system vulnerability information and patch updates.
   • Microsoft Security TechCenter ( Antimalware and cybersecurity portal - Microsoft Security Intelligence ): Microsoft's security technology center publishes security bulletins and updates related to the Windows operating system.

5. Official websites of programming languages ​​and frameworks: For programming languages ​​and popular development frameworks, you can follow their official websites, developer communities, and mailing lists to obtain related vulnerability information and security updates.

It should be noted that different hardware, operating systems, software and open source projects may have different release channels and official information platforms. In order to obtain vulnerability information and security updates in a timely manner, it is recommended that you regularly visit the above websites and follow relevant official channels and communities.