Tom Alrich's Blog

Monday, March 31, 2025

Here’s your chance to advise CVE.org!

›
I was pleased to see in my LinkedIn feed this morning a post from Alec Summers of MITRE containing a link to a “CVE Data Usage and Satisf...
Friday, March 28, 2025

Is CVE.org on the chopping block?

›
I’ve been writing a lot about problems with the National Vulnerability Database (NVD) lately. It didn’t occur to me that there might be si...
Sunday, March 23, 2025

A longstanding CVE problem needs to be resolved - along with two others

›
  Last December in the annual CNA Workshop run by CVE.org, an important issue was brought up during a presentation by Lisa Olsen of Micro...
Saturday, March 22, 2025

Implementing purl in the CVE ecosystem

›
As discussed in this recent  blog post , software vulnerability management is facing a serious problem: The  National Vulnerability Database...
Wednesday, March 19, 2025

Has the NVD become an empty shell?

›
Brian Martin, a well-known vulnerability researcher with whom I’ve had previous online discussions , has been closely following what is happ...
Sunday, March 16, 2025

The two uses of “exploitability”

›
My post about a week ago introduced (for those who weren’t familiar with it already) the concept of exploitability of a vulnerability. Th...
›
Home
View web version

About Me

My photo
Tom Alrich
View my complete profile
Powered by Blogger.