The Open Source Vulnerability Database (OSVDB) has, from the beginning, been a database built and maintained for the community, by the community. In an effort to further that mission, the project has recently added the ability for security practitioners to comment on vulnerabilities in OSVDB.
There are mail list discussions, blogs, bug tracking systems, and many other forums for clarifying vulnerability information. Such follow-up often adds information like affected versions, exploitation caveats and additional attack vectors. Unfortunately, this information is often spread out among many sources and remains mostly unknown to a large portion of the community that uses and relies on such details.
While OSVDB has made every effort to include such references in some fashion, we have always desired a better and more concise method for the community to add information about a vulnerability. To help facilitate this, OSVDB will now allow users to comment on specific vulnerabilities. The project hopes this will provide a place for additional information to be maintained in a consolidated location. All user submissions will be moderated to ensure the information is clear, concise and helpful to others.
As always, the OSVDB project thanks you for your support, and continues to look for additional volunteers to help update the content and develop new services. For more information on supporting OSVDB through volunteering or sponsorship, please contact firstname.lastname@example.org.