Assiste.com - Sécurité informatique - Vie privée sur le Web - Neutralité d'Internet

cr  10.01.2018      r+  07.09.2022      r-  20.10.2024      Pierre Pinard.         (Alertes et avis de sécurité au jour le jour)

L'acronyme CNA (01) est utilisé pour : CVE Numbering Authority.




Le dictionnaire CVE (Common Vulnerabilities and Exposures - CVE), géré par MITRE, donne la priorité à l'attribution d'identificateurs CVE (ID CVE) aux produits, fournisseurs et catégories de produits répertoriés ci-dessous, mais vous pouvez demander un ID CVE pour toute vulnérabilité.

Les CNA réservent des blocs d'identificateurs, ce qui fait que les identificateurs ne sont pas purement chronologiques.

CNAObjet
360 Security Technology, Inc.360 Total Security, 360 Safeguard, 360 Mobile Safe, and 360 Safe Router products, and vulnerabilities in third-party products discovered by 360
Adobe Systems IncorporatedAdobe issues only
AirbusAll Airbus products as well as vulnerabilities in third-party software discovered by Airbus that are not covered by another CNA
Alibaba, Inc.Projects listed on its Alibaba GitHub website only
Android (associated with Google Inc. or Open Handset Alliance)Android issues only
Apache Software FoundationAll Apache Software Foundation issues
Apple Inc.Apple issues only
AppthorityAll Appthority products, as well as vulnerabilities in third-party software discovered by Appthority that are not covered by another CNA
ASUSTOR Inc.ASUSTOR network attached storage (NAS) products, as well as its ADM systems, NAS apps, mobile apps, and utilities
AtlassianAll Atlassian products, as well as Atlassian-maintained projects hosted on https://bitbucket.org/atlassian and https://github.com/atlassian/
AutodeskAll currently supported Autodesk Applications and Cloud Services
Avaya, Inc.All Avaya products
BlackBerryBlackBerry and Good product issues only
Booz Allen Hamilton, Inc.All Booz Allen Hamilton products as well as vulnerabilities in third-party software discovered by Booz Allen Hamilton that are not covered by another CNA
Brocade Communications Systems, LLCBrocade products only
CA Technologies - A Broadcom CompanyCA Technologies issues only
Canonical Ltd.All Canonical issues (including Ubuntu Linux) only
CERT/CCVulnerability assignment related to its vulnerability coordination role
Check Point Software Technologies Ltd.Check Point Security Gateways product line only
Cisco Systems, Inc.Cisco issues only
Cloudflare, Inc.All Cloudflare products, projects hosted at https://github.com/cloudflare/, and any vulnerabilities discovered by Cloudflare that are not covered by another CNA
CyberSecurity Philippines - CERTVulnerability assignment related to its vulnerability coordination role that are not covered by another CNA
Dahua TechnologiesDahua issues only
Debian GNU/LinuxDebian issues only
DellDell, Dell EMC, RSA, Pivotal, and VCE issues only
Distributed Weakness Filing ProjectAny open source software issues not already covered by the Program Root CNA or another CNA
Distributed Weakness Filing ProjectAny open source software issues not already covered by the Primary CNA or another CNA
Drupal.orgAll projects hosted under drupal.org only
Duo Security, Inc.All Duo products and any third-party research targets that are not already in another CNA's scope
Eclipse FoundationEclipse IDE and the Eclipse Foundation's eclipse.org, polarysys.org, and locationtech.org open source projects only
ElasticElasticsearch, Kibana, Beats, Logstash, X-Pack, and Elastic Cloud Enterprise products only
F5 NetworksF5 issues only
Facebook, Inc.Facebook-supported open source projects, mobile apps, and other software, as well as vulnerabilities in third-party software discovered by Facebook that are not covered by another CNA; see: https://www.facebook.com/whitehat and https://github.com/facebook/
Flexera Software LLCAll Flexera products and vulnerabilities discovered by Secunia Research that are not covered by another CNA
ForcepointForcepoint products only
Fortinet, Inc.Fortinet issues only
FreeBSDPrimarily FreeBSD issues only
Google Inc.Chrome and Chrome OS issues only
HackerOneProvides CVE IDs for its customers as part of its bug bounty and vulnerability coordination platform
Hangzhou Hikvision Digital Technology Co., Ltd.All Hikvision Internet of Things (IoT) products including cameras and digital video recorders (DVRs)
Hewlett Packard Enterprise (HPE)HPE issues only
Hillstone Networks, Inc.All Hillstone products only
HP Inc.HP Inc. issues only
Huawei TechnologiesHuawei issues only
IBM CorporationAll IBM products, as well as vulnerabilities in third-party software discovered by IBM X-Force Red that are not covered by another CNA
ICS-CERTInfrastructure sector control systems
Intel CorporationIntel branded products and technologies and Intel managed open source projects
Internet Systems Consortium (ISC)All ISC.org projects
JPCERT/CCVulnerability assignment related to its vulnerability coordination role
Juniper Networks, Inc.Juniper issues only
Kaspersky LabsKaspersky B2C and B2B products as well as vulnerabilities discovered in third-party software not covered by another CNA
KrCERT/CCVulnerability assignment related to its vulnerability coordination role
Larry CashdollarThird-party products he researches
Lenovo Group Ltd.Lenovo general-purpose computers, software for general-purpose operating systems, mobile devices, enterprise storage, and networking products only
MarkLogic CorporationMarkLogic issues only
McAfeeMcAfee issues only
Micro Focus InternationalAll Attachmate, Borland, Gwava, Micro Focus, NetIQ, Novell, Serena, and SUSE products, as well as all former HP Enterprise software suites
Microsoft CorporationMicrosoft issues only
MITRE CorporationAll vulnerabilities not already covered by a CNA listed on this page
MITRE CorporationAll vulnerabilities not already covered by a CNA listed on this page
MongoDB, Inc.MongoDB products only
Mozilla CorporationMozilla issues only
Naver CorporationNaver products only, except Line products
NetApp, Inc.All NetApp products as well as projects hosted on https://github.com/netapp
Netflix, Inc.Current versions of Netflix Mobile Streaming Application for iOS, Android, and Windows Mobile, plus all Netflix Open Source projects hosted on https://github.com/Netflix and https://github.com/spinnaker
Netgear, Inc.Netgear issues only
Node.jsAll actively developed versions of software developed under the Node.js project on https://github.com/nodejs
Nvidia CorporationNvidia issues only
Objective Development Software GmbHObjective Development issues only
OdooOdoo issues only
OpenSSL Software FoundationOpenSSL software projects only
OracleOracle Premier and Extended Support product versions per Oracle’s Lifetime Support Policy
Palo Alto Networks, Inc.All Palo Alto Networks products
PuppetAll Puppet products, as well as all projects on https://github.com/puppetlabs
QNAP Systems, Inc.QNAP QTS, QES, and QVR products as well as its mobile apps and utilities
Qualcomm, Inc.Qualcomm and Snapdragon issues only
Rapid7, Inc.All Rapid7 products and vulnerabilities discovered by Rapid7 that are not covered by another CNA
Red Hat, Inc.Linux issues only
Riverbed Technology, Inc.Riverbed products only
SAP SEAll SAP products
Schneider Electric SEAll Schneider Electric products, including Proface, Pelco, APC, and Eurotherm
Siemens AGSiemens issues only
SonicWALL, Inc.SonicWALL issues only
Symantec CorporationSymantec issues only
Synology Inc.Synology issues only
TalosThird-party products it researches
Tenable Network Security, Inc.Tenable products and third-party products they research not covered by another CNA
TIBCO Software Inc.TIBCO, Talarian, Spotfire, Data Synapse, Foresight, Kabira, Proginet, LogLogic, StreamBase, JasperSoft, and Mashery products/brands only
Trend Micro, Inc.Trend Micro supported products and end-of-life products issues only
TWCERT/CCVulnerability assignment related to its vulnerability coordination role
VMwareVMware issues only
Yandex N.V.Yandex issues only
Zephyr ProjectZephyr project components and vulnerabilities that are not covered by another CNA
Zero Day InitiativeProducts and projects covered by its bug bounty programs not already covered by another CNA
ZTE CorporationZTE products only

CNA CVE Numbering Authority (recherches avec google)
CNA CVE Numbering Authority (recherches avec qwant)