https://oss-security.openwall.org/wiki/ 2026-04-17T02:14:51+02:00 https://oss-security.openwall.org/wiki/ https://oss-security.openwall.org/wiki/lib/tpl/local/images/favicon.ico text/html 2014-06-05T02:52:22+02:00 https://oss-security.openwall.org/wiki/disclosure/cve?rev=1401929542&do=diff CVE Common Vulnerabilities and Exposures (CVE) IDs are a unique identifiers given to security flaws. The CVE FAQ describes it best. CVE has be come a de facto standard for identifying vulnerabilities and security flaws. A1. What is CVE? CVE is a list of information security vulnerabilities and exposures that aims to provide common names for publicly known problems. The goal of CVE is to make it easier to share data across separate vulnerability capabilities (tools, repositories, and servic… text/html 2013-10-24T01:31:35+02:00 https://oss-security.openwall.org/wiki/disclosure/project?rev=1382571095&do=diff Project Disclosure All software contains bugs. A subset of those bugs are security flaws that allows a malicious individual to cause software to do something it shouldn't do. The best example of this is when a remote attacker leverages a flaw in a public facing service (web server or mail server for example), which then allows them access to machine resources. text/html 2008-05-23T07:50:39+02:00 https://oss-security.openwall.org/wiki/disclosure/researcher?rev=1211521839&do=diff Researchers have an especially unique challenge when reporting flaws in Open Source Software. There are countless groups that the flaw could be reported to, and many of them don't have any sort of formal security contact. The purpose of this guide is to help give unfamiliar Researchers guidance when reporting security flaws they find in Open Source Software.