Zercurity records every application (OSX), package (Linux) and program (Windows) installed across your assets. We collectively refer to these as packages.
Risk Zercurity uses colours to colour-code the severity of risk.
Name The name of the package. For some common packages, you can click to find out more information about the package and its source of origin.
Version A version number for the package. If the package is out-of-date then the risk icon will be at least a yellow colour.
Assets The number of Assets that currently have this package installed.
Published The date this package was either first seen or released by the publisher. You can click the package name to find out more.
First installed The date the package was first installed across all assets.
Provides a unified overview of the package’s state. This includes any vulnerabilities assigned to the given package or newer and historical package information.
Provides a history of risk changes made to the package.
Provides a list of assigned CVEs against a given package.
Name The CVE name and corresponding CVSS severity score.
Package The version of the package.
Vulnerable Version The vulnerable version that package maintainers identified before a fix was issued.
Fixed Version The fixed package that remedied the vulnerability.
Source Where we found this information. Maybe be user contributed. The source is usually accompanied by a corresponding source id or SID. This id that refers the the external sources Id.
Published When the vulnerability was first published.
Description A short description of the vulnerability.
CVSSv2 CVSSv2 scoring information. More information can be found here about how the scores are calculated and what they mean. https://www.first.org/cvss/v2/guide
Provides a list of other versions for a given package. These versions may be newer or older.
Filename The filename of the package that was processed.
Version The version of the package.
Owner The email address and/or name of the maintainer of the package
Published The date and time of when the package was published.