And Prev? What does that mean?

Some of our data providers use these small typo to explain that a vulnerability affects multiple products and specially “previous version” of a product.

For products like google chrome, we can understand that manually reference 3,000 chrome versions could be hard work. Nevertheless, data integrity is critical! For you, and our alerting system, it’s a big miss. So we have worked hard to find an automated way to tag all versions of a product impacted by a vulnerability. It’s starting today.

We also updated IAVM definitions, all exploit scripts (Snort, Exploitdb, Nessus, Openvas…) and a lot more.

After some investigation, we have rebuilt a better CPE dictionary to let you pick up easily a product or a version. You should find it on your control panel or on the CPE listing

We have rebuilt lots of queries, particularly for big CPE products (examples could be Google Chrome). Before, and without caching, it took circa 10s to gather and display, now, we reduced it to 1-2s Maximum.

And at last, we owe you an apology. Due to a bad configuration of our database, some of our Alerts ’Histories’ are truncated. We use Mysql, but our engine was not in Strict Mode. When we have inserted some LONGTEXT into a TEXT, data was truncated without notice. Changes were made, this kind of error will not happen again. You have our word!

We continue to update the system, and to make code enhancements. Most of our Code is now PSR-2.


Comments

Related Articles

Documentations
Update