Tag archives for Open Standards - Page 2
13
Apr
CVEchecker v3.0 released
The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning the installed software and matching the results with the CVE ...
The 2010 CWE/SANS Top 25 Most Dangerous Software Errors is a list of the most widespread and critical programming errors that can lead to serious ...
CWE Version 1.12 has been posted on the CWE List page. A detailed report is available that lists specific changes between Version 1.11 and Version ...
Open Vulnerability and Assessment Language (OVAL) is an international, information security, community standard to promote open and publicly available security content, and to ...
09
Feb
Open SCAP v0.6.8 released
The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of ...
MAEC™ International in scope and free for public use, MAEC is a standardized language for encoding and communicating high-fidelity information about malware ...
05
Jan
OpenFISMA 2.11 Released
What is OpenFISMA?
The OpenFISMA project is an open source application designed to reduce the complexity ...
So for each weakness in the architecture, design, code or implementation that might be introduced into an application, which in some cases can contribute to a vulnerability within that software, we need to be able toreason and communicate about the relative importance of different weaknesses. For example, a buffer overflow vulnerability might arise from aweakness in which the programmer doesnot properly validate the length of an input buffer. This weakness only contributes to a vulnerability if the input buffer can be influenced by amalicious party, and the malicious buffer is copied toa smaller buffer.
CAPEC Version 1.6 has been posted on the CAPEC List page. A detailed report is available that lists specific changes between Version 1.5 and Version ...
CWE