What is this site ?
This site collects OVAL(Open Vulnerability and Assessment Language) definitions from several
sources like Mitre, Red Hat, Suse, NVD, Apache etc
and provides a unified, easy to use web interface to all IT security related items including
patches, vulnerabilities and compliance checklists.
You can view full details of oval definitions, which is not possible at any other public web site.
Other similar web sites just display comments about the definitions but here you can view exactly what you should look for to
verify a vulnerability or a patch.
Without itsecdb.com it is almost impossible to view details of an OVAL definition without getting lost in several xml files,
definition documentation, xml schemas etc.
itsecdb is fully integrated to www.cvedetails.com so you can easily
navigate between CVE, product and oval definition details.
Most of the definitions, whenever cpe or vulnerability mappings are possible,
are mapped to products defined by cvedetails.com to increase usability.
You can also browse or search for items used in oval definitions like file names, rpm packages, AIX patch numbers etc,
so you can easily find all patches or vulnerabilities related to any file. For example you can view list of all
patches, vulnerabilities and compliance checks related to
mshtml.dll here.