Tags CVE

How CISA's list of 'must-patch' vulnerabilities has expanded both in size, and who's using it

by Tim Starks

While CISA says the catalog is catching on, some think it needs improvement.

House panel rips CVE contracting and oversight policies

by Sean Lyngaas

The industry-wide program for naming and documenting vulnerabilities suffers from fluctuating funding and insufficient oversight, according to a House panel.

China's vulnerability disclosure system twice as fast as U.S. version

by Shaun Waterman

China’s National Vulnerability Database works more than twice as fast on average as its U.S. counterpart, according to new research.

Government's software vulnerability repository is slow to add new cyberthreats, report says

by Chris Bing

There is a median lag time of approximately seven days between when someone discovers an exploitable software vulnerability and its eventual release on NIST's National Vulnerability Database, according to research conducted by Recorded Future.

Software flaw that allowed Stuxnet virus to spread was the most exploited in 2016

by Chris Bing

Software updates aren’t the cybersecurity silver bullet that some computer experts make them out to be.