Get this blog as an RSS Feed

Secunia Research Page Improvements

14:15 CET, 3rd February 2011 By Carsten Eiram.

Yesterday, we updated the Secunia Research page, which lists the advisories describing vulnerabilities discovered internally at Secunia by the Secunia Research team.

The changes to the Secunia Research page are:

  • Instead of listing an advisory for the year the vulnerability/vulnerabilities covered by the advisory were discovered, the listing is now based on the publication year. Vulnerabilities e.g. discovered in 2010, but published in 2011 will, therefore, be listed in the 2011 section and not, as before, in the 2010 section.
  • The number of advisories published each year as well as the number of vulnerabilities covered by the advisories published that year are clearly listed. Similarly, each published advisory also clearly lists the number of covered vulnerabilities.
  • The pending disclosures section has been removed.
  • A coordinated disclosures sub-section for vulnerabilities discovered by external researchers, but validated and coordinated by Secunia Research has been added. Each year, a number of talented, external researchers ask Secunia to validate their vulnerability discoveries and then handle the disclosure process on their behalf. In order to highlight these researchers' efforts more clearly than before, this new sub-section has been added.

This new Secunia Research page is a major improvement over the old page and makes the efforts not only of the Secunia Research team evident, but also those of external researchers asking Secunia to verify and handle their vulnerability discoveries.

Stay Secure,

Carsten Eiram
Chief Security Specialist

Discuss this blog entry
A new thread in our forum is created. Activate the thread by commenting/discussing below.

Subject: Secunia Research Page Improvements

User Message


RE: Secunia Research Page Improvements
This reply has been minimised due to a negative Relevancy Score.
Anthony Wells RE: Secunia Research Page Improvements
Expert Contributor 10th Feb, 2011 12:40
Score: 2473
Posts: 3,364
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 10th Feb, 2011 12:44
Hello Ron ,

You set an "ignore rule" for the specific programme you wish to retain , despite it being "insecure" or "EOL" - be sure you know why you wish to do this and the potentially dangerous consequences .

Click the [+] to the left of the programme in question and in the PSI V2.0 you will see two small yellowish folder icons to the left of the "detected instance" , click the one with the red blob and you can set an "ignore rule" - the programme is no longer scanned . In V 1.5.x you will see the "ignore program" icon in the "toolbox" in the expanded page - the programme is still scanned but the results not displayed .

In future you would be best advised to create your own thread - see the lhs column on this page - rather the post under a blog which is/was not really relevant ; that way you may get less -ve votes and a quicker response .

Take care


PS: posting your email address to an open forum is not a good idea - spam hell beckons ;((


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?

You must be logged in to post a comment.