Find vulnerabilities

Periodic searching software vulnerabilities is crucial.

You SHOULD check for vulnerabilities when:

  • Using or evaluating new software.

  • Improving existing software with third party components (etc. libraries, modules, plugins)

When a new CVE is out you are vulnerable. It does not matter if exploit code is already published on the Internet or not. Assume that Criminals are misusing the CVEs already.

A simple way to search for vulnerabilities is using Search option that the US National Vulnerability Database (NVD) offers. The NVD is a product of the NIST (National Institute of Standards and Technology).

Find vulnerabilities