eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.

Server stats:

223
active users

#nvd

0 posts0 participants0 posts today
VulDB :verified:<p>Submit your new vulnerability discovery here and we will assign a CVE in no time. <a href="https://vuldb.com/?id.add" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">vuldb.com/?id.add</span><span class="invisible"></span></a> <a href="https://infosec.exchange/tags/vuldb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vuldb</span></a> <a href="https://infosec.exchange/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/mitre" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mitre</span></a> <a href="https://infosec.exchange/tags/nvd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nvd</span></a></p>
Paco Hope #resist<p>Somehow I missed <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-38392#vulnCurrentDescriptionTitle" rel="nofollow noopener" target="_blank">this CVE</a> when it came out in 2022.</p><p>I think it's called a Jackson-in-the-Middle attack.</p><blockquote><p>Certain 5400 RPM hard drives, ... allow physically proximate attackers to cause a ... device malfunction ... via a resonant-frequency attack with the audio signal from the Rhythm Nation music video.</p></blockquote><p>I like that CVE links to <a href="https://www.youtube.com/watch?v=nSvu9IDUjZw&amp;t=416s" rel="nofollow noopener" target="_blank">a YouTube video</a> where someone tried to reproduce it. </p><p><a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://infosec.exchange/tags/NVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NVD</span></a> <a href="https://infosec.exchange/tags/JanetJackson" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JanetJackson</span></a></p>
VulDB :verified:<p>You want to publish a new vulnerability? Just submit and we will handle your CVE assignment in no time. <a href="https://vuldb.com/?id.add" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">vuldb.com/?id.add</span><span class="invisible"></span></a> <a href="https://infosec.exchange/tags/vuldb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vuldb</span></a> <a href="https://infosec.exchange/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/mitre" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mitre</span></a> <a href="https://infosec.exchange/tags/nvd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nvd</span></a></p>
Benjamin Carr, Ph.D. 👨🏻‍💻🧬<p>As <a href="https://hachyderm.io/tags/US" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>US</span></a> <a href="https://hachyderm.io/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a>-tracking falters, <a href="https://hachyderm.io/tags/EU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EU</span></a> enters with its own <a href="https://hachyderm.io/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> bug database<br>The European Vulnerability Database (<a href="https://hachyderm.io/tags/EUVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EUVD</span></a>) is now fully operational, offering a streamlined platform to monitor critical and actively exploited security flaws amid the US struggles with budget cuts, delayed disclosures, and confusion around the future of its own tracking systems. The EUVD is similar to the US government's National Vulnerability Database (<a href="https://hachyderm.io/tags/NVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NVD</span></a>).<br><a href="https://www.theregister.com/2025/05/13/eu_security_bug_database/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">theregister.com/2025/05/13/eu_</span><span class="invisible">security_bug_database/</span></a> <a href="https://hachyderm.io/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISA</span></a></p>
VulDB :verified:<p>You have discovered a new vulnerability? Submit it here and we will assign a CVE in no time. <a href="https://vuldb.com/?id.add" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">vuldb.com/?id.add</span><span class="invisible"></span></a> <a href="https://infosec.exchange/tags/vuldb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vuldb</span></a> <a href="https://infosec.exchange/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/mitre" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mitre</span></a> <a href="https://infosec.exchange/tags/nvd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nvd</span></a></p>
Matthias Schulze<p>Quick writeup on the alleged cut of funding for the <a href="https://ioc.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> and <a href="https://ioc.exchange/tags/NVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NVD</span></a>. As with everything Trump destroys, tomorrow the situation might be different. But this is my current take on the story: </p><p><a href="https://open.substack.com/pub/internationalcybersecurity/p/the-crumbling-foundation-of-global" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">open.substack.com/pub/internat</span><span class="invisible">ionalcybersecurity/p/the-crumbling-foundation-of-global</span></a></p>
heise online<p>Die Cybersecurity and Infrastructure Security Agency (CISA) arbeitet dringend daran, die Auswirkungen zu mildern und CVE zu erhalten, ist jedoch selbst von erheblichen Kürzungen und Chaos dank Elon Musks DOGE betroffen. </p><p>Zum Artikel: <a href="https://heise.de/-10353326?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&amp;utm_source=mastodon" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">heise.de/-10353326?wt_mc=sm.re</span><span class="invisible">d.ho.mastodon.mastodon.md_beitraege.md_beitraege&amp;utm_source=mastodon</span></a></p><p><a href="https://social.heise.de/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://social.heise.de/tags/ITsicherheit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsicherheit</span></a> <a href="https://social.heise.de/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MITRE</span></a> <a href="https://social.heise.de/tags/NVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NVD</span></a> <a href="https://social.heise.de/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISA</span></a></p>
Manuel 'HonkHase' Atug<p>US-Kürzungen: <a href="https://chaos.social/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a>-Liste könnte sofort stoppen</p><p>"Die CVE-Liste ist zentral für koordinierte Maßnahmen gegen gefährliche Bugs. Die US-Regierung entzieht die Finanzierung. Per sofort.</p><p>Offen bleibt, wie es konkret weitergeht. Eine Liste der bisher zugeteilten CVE-Nummern steht bis auf Weiteres bei Github online...Von Dritten gemeldete Sicherheitslücken wird MITRE ab Donnerstag aber wohl nicht mehr in die Liste aufnehmen."<br><a href="https://chaos.social/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MITRE</span></a> <a href="https://chaos.social/tags/NVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NVD</span></a><br><a href="https://www.heise.de/news/US-Kuerzungen-CVE-Liste-koennte-sofort-stoppen-10353326.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/US-Kuerzungen-CV</span><span class="invisible">E-Liste-koennte-sofort-stoppen-10353326.html</span></a></p>
VulDB :verified:<p>We are a CNA. Submit your vulnerabilities and we will assign a CVE in no time. <a href="https://vuldb.com/?id.add" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">vuldb.com/?id.add</span><span class="invisible"></span></a> <a href="https://infosec.exchange/tags/vuldb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vuldb</span></a> <a href="https://infosec.exchange/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/mitre" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mitre</span></a> <a href="https://infosec.exchange/tags/nvd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nvd</span></a></p>
VulDB :verified:<p>You want to publish a new vulnerability? Just submit and we will handle your CVE assignment in no time. <a href="https://vuldb.com/?id.add" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">vuldb.com/?id.add</span><span class="invisible"></span></a> <a href="https://infosec.exchange/tags/vuldb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vuldb</span></a> <a href="https://infosec.exchange/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/mitre" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mitre</span></a> <a href="https://infosec.exchange/tags/nvd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nvd</span></a></p>
Florian Schmidt<p>So here's some first answer. <a href="https://mstdn.social/tags/NVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NVD</span></a> is still out there, but the trouble with <a href="https://mstdn.social/tags/NIST" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NIST</span></a> has already begun.<br><a href="https://cyberplace.social/@GossiTheDog/114038161923959059" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cyberplace.social/@GossiTheDog</span><span class="invisible">/114038161923959059</span></a></p>
VulDB :verified:<p>You want to publish a new vulnerability? Just submit and we will handle your CVE assignment in no time. <a href="https://vuldb.com/?id.add" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">vuldb.com/?id.add</span><span class="invisible"></span></a> <a href="https://infosec.exchange/tags/vuldb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vuldb</span></a> <a href="https://infosec.exchange/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/mitre" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mitre</span></a> <a href="https://infosec.exchange/tags/nvd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nvd</span></a></p>
Christian Gudrian<p>And just now I wonder how long the National Vulnerability Database will remain online. <a href="https://social.tchncs.de/tags/NVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NVD</span></a> <a href="https://social.tchncs.de/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://social.tchncs.de/tags/NIST" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NIST</span></a></p>
Florian Schmidt<p>Not the biggest question right now, for sure, but one that still has worldwide effects:<br>With the ongoing <a href="https://mstdn.social/tags/BrainDrain" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BrainDrain</span></a> (aka <a href="https://mstdn.social/tags/layoffs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>layoffs</span></a>) and meddling in US institutions, how will software security analysis be affected? Can <a href="https://mstdn.social/tags/NVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NVD</span></a> still be trusted with being the main source of <a href="https://mstdn.social/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a> in many popular tools?<br>Should e.g. Europe build up own capacities in vulnerability analysis and set up own databases? Are there existing solutions already?<br><a href="https://mstdn.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mstdn.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mstdn.social/tags/threatmodeling" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatmodeling</span></a></p>
VulDB :verified:<p>You have discovered a new vulnerability? Submit it here and we will assign a CVE in no time. <a href="https://vuldb.com/?id.add" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">vuldb.com/?id.add</span><span class="invisible"></span></a> <a href="https://infosec.exchange/tags/vuldb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vuldb</span></a> <a href="https://infosec.exchange/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/mitre" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mitre</span></a> <a href="https://infosec.exchange/tags/nvd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nvd</span></a></p>
VulDB :verified:<p>You want to publish a new vulnerability? Just submit and we will handle your CVE assignment in no time. <a href="https://vuldb.com/?id.add" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">vuldb.com/?id.add</span><span class="invisible"></span></a> <a href="https://infosec.exchange/tags/vuldb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vuldb</span></a> <a href="https://infosec.exchange/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/mitre" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mitre</span></a> <a href="https://infosec.exchange/tags/nvd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nvd</span></a></p>
Josh Bressers<p>The <a href="https://infosec.exchange/tags/NVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NVD</span></a> API has been broken for a few days now</p><p>At least they updated their status page<br><a href="https://www.nist.gov/itl/nvd" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">nist.gov/itl/nvd</span><span class="invisible"></span></a></p>
Josh Bressers<p>Looks like <a href="https://infosec.exchange/tags/NVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NVD</span></a> has stopped enriching <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> again. So that's neat</p>
VulDB :verified:<p>Submit your new vulnerability discovery here and we will assign a CVE in no time. <a href="https://vuldb.com/?id.add" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">vuldb.com/?id.add</span><span class="invisible"></span></a> <a href="https://infosec.exchange/tags/vuldb" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vuldb</span></a> <a href="https://infosec.exchange/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/mitre" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mitre</span></a> <a href="https://infosec.exchange/tags/nvd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nvd</span></a></p>
CVE Program<p>New on the CVE Blog: <br>Chris Turner of NIST Joins the CVE Board as the “NIST CVE Board Liaison” <br> <br><a href="https://medium.com/@cve_program/chris-turner-of-nist-joins-the-cve-board-as-the-nist-cve-board-liaison-d23a03dbfa69" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">medium.com/@cve_program/chris-</span><span class="invisible">turner-of-nist-joins-the-cve-board-as-the-nist-cve-board-liaison-d23a03dbfa69</span></a> <br> <br><a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://mastodon.social/tags/NIST" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NIST</span></a> <a href="https://mastodon.social/tags/NVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NVD</span></a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://mastodon.social/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VulnerabilityManagement</span></a> <a href="https://mastodon.social/tags/InformationSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InformationSecurity</span></a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a></p>