PoC Vuln Rediscovery Dataset Using Microsoft Creditee Data
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

View only
 
A
1
2
3
Notes about this data:
4
See blog for full writeup: https://www.riskbasedsecurity.com/2017/07/analysis-of-the-random-report-on-zero-days-and-vulnerability-rediscovery/
5
Impromptu dataset to demonstrate and validate vulnerability rediscovery
6
Data collected from Microsoft advisory or acknowledgement page e.g. https://technet.microsoft.com/en-us/library/security/mt745121.aspx
7
Data point ignored if multiple researchers from same company
8
Microsoft creditee data is inconsisent over the years
9
Total MS Vulns = based on VulnDB data, using CVE / MSSB. Note such oddities as CVE-2017-0023 appearing in MS17-007 and MS17-009, occured many times in 2016 etc.
10
"Notes" in Statistics tab are not comprehensive; serve to give pointers as to where statistics can vary based on aggregation method
11
Loading...