Apache HTTP Server Vulnerability Lists
   Lists of security problems fixed in released versions of the Apache HTTP Server.
   http://httpd.apache.org/security_report.html

AusCERT
   Australian Computer Emergency Response Team. Advisories and tools.
   http://www.auscert.org.au

Bugtraq
   Independent source for security vulnerabilities, alerts, and threats.
   http://www.securityfocus.com/archive/1

CERT Coordination Center
   Studies Internet security vulnerabilities, provides incident response services to sites that have been the victims of attack, publishes a variety of security alerts, researches security and survivability in wide-area-networked computing, and develops info
   http://www.cert.org/

Computer Incident Advisory Capability
   CIAC publishes security bulletins and virus and hoax information. They provide computer security assistance to US Department of Energy (DOE) sites.
   http://www.ciac.org/ciac/index.html

FrSIRT
   Provides security advisories and real-time information about vulnerabilities, exploits, and threats. Sponsor of the Common Vulnerability Scoring System (CVSS).
   http://www.frsirt.com/english/

ISS X-Force
   Security alerts, advisories, and alert summaries from ISS.
   http://xforce.iss.net/xforce/alerts

Linux Security Group
   Security Advisories, Anti Hackers, programming books and related links.
   http://www.linux-security.us/

Makesecure.com
   Network security news, alerts and updates
   http://www.makesecure.com

Microsoft Security Assessment
   A software vendor that provides their own online security assessment. Good for home users.
   http://www.microsoftsecurityassessment.com

New Zealand Computer Emergency Readiness Team
   Security Alerts and Advisories
   http://www.nzcert.org.nz

Open Source Vulnerability Database
   Searchable database of vulnerabilities. Offers data for download in XML format as well as via website. Details of how to submit new vulnerabilities, database schema and FAQ.
   http://www.osvdb.org/

Oracle Security Center
   Tips, tools, and technologies to keep Oracle products safe, secure, and patched.
   http://www.oracle.com/technology/deploy/security/index.html

Patch Management Forum
   Mailing list facilitates networking and information exchange related to patch management: announcements, testing, verification, operations processes, and vulnerabilities.
   http://groups.yahoo.com/group/patchmgmt/

PatchAdvisor
   Fee based patch alert service.
   http://www.patchadvisor.com

PatchEasy
   Software vendor for patch management.
   http://www.patcheasy.com/

PatchManagement.org
   Mailing list dedicated to the discussion of patch management.
   http://www.patchmanagement.org/

Patchlink Corporation
   Software vendor for cross platform patch management.
   http://www.patchlink.com

SANS Internet Storm Center
   Cooperative cyber threat monitor and alert system. Features daily handler diaries that summarize and analyze new threats and events.
   http://isc.sans.org/

Secunia
   Provides security advisories and information about patches, and provides software for vulnerability management.
   http://secunia.com/

Secure Elements
   Software vendor for IS technical control auditing, vulnerability management, and compliance. Provides advisories via XML and RSS, and fully supports OVAL and XCDDF XML standards for compliance and vulnerability functions.
   http://www.secure-elements.com

St Benard
   Software vendor for patch management of operating systems and applications.
   http://www.patches-management.stbernard.com/patches-management.html

Symantec DeepSight Threat Management System
   Fee based security alert service that provides early warning of active attacks.
   http://www.symantec.com/Products/enterprise?c=prodinfo&refId=988

VulnWatch
   Computer security vulnerability disclosure mailing list
   http://www.vulnwatch.org/

eVuln
   Original source of responsible open source vulnerability research.
   http://evuln.com