Not Simon 🐐

Here's a handy resource: A list of vendor security advisories, sorted by Patch Tuesday schedule (if they adhere to it). This is not a complete or definitive list, but it's better than nothing. I also don't worry about all of the listed vendors, and didn't include ones who don't even have a portal/landing page for security advisories. I'll try to keep the page updated when I add more vendors, or know that their link changed. (Ideally you'd be monitoring these on your own using RSS). Visit the Vendor Verbiage page to figure out what was publicly disclosed or exploited.

Page last updated: December 25, 2024.

First Monday of the month

• Android: https://source.android.com/docs/security/bulletin

First Weekday of the month

• Qualcomm: https://docs.qualcomm.com/product/publicresources/securitybulletin

Second Tuesday of the month

• Adobe: https://helpx.adobe.com/security/security-bulletin.html
• Fortinet: https://www.fortiguard.com/psirt
• Intel: https://www.intel.com/content/www/us/en/security-center/default.html
• Ivanti: https://www.ivanti.com/blog/topics/security-advisory
• Microsoft: https://msrc.microsoft.com/update-guide/vulnerability/
• SAP: https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html

Preferred on (second Tuesday) of the month (but whenever)

• Arm: link shortened for length reasons
• Cisco: https://sec.cloudapps.cisco.com/security/center/publicationListing.x
• Google Chrome: https://chromereleases.googleblog.com/

Third Tuesday of the month

• Atlassian: https://www.atlassian.com/trust/security/advisories

Quarterly

• Oracle (third Tuesday of January, April, July, and October): https://www.oracle.com/security-alerts/
• Splunk: https://advisory.splunk.com/

Regular Schedule? LOL

• AMD: https://www.amd.com/en/resources/product-security.html
• Apple: https://support.apple.com/en-us/100100
• Citrix: https://support.citrix.com/s/topic/0TO4z0000001GYdGAM/security-bulletin?language=en_US
• Dell: https://www.dell.com/support/security/en-us
• Draytek: https://www.draytek.com/about/security-advisory/
• Elastic: https://discuss.elastic.co/c/announcements/security-announcements/31?ascending=false&order=activity
• GitLab: https://about.gitlab.com/releases/categories/releases/
• Jenkins: https://www.jenkins.io/security/advisories/
• JetBrains: https://www.jetbrains.com/privacy-security/issues-fixed/
• Juniper: https://supportportal.juniper.net/s/global-search/%40uri?language=en_US#sort=relevancy&f:ctype=[Security%20Advisories]
• Mozilla: https://www.mozilla.org/en-US/security/advisories/
• Okta: https://trust.okta.com/security-advisories/
• Palo Alto Networks: https://security.paloaltonetworks.com/
• Red Hat: https://access.redhat.com/security/security-updates/security-advisories
• Rockwell Automation: https://www.rockwellautomation.com/en-us/trust-center/security-advisories.html
• SolarWinds: https://www.solarwinds.com/trust-center/security-advisories
• SonicWall: https://psirt.global.sonicwall.com/vuln-list
• VMware: https://support.broadcom.com/web/ecx/security-advisory?
• Zimbra: https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

Patching? LMAO

• D-Link: https://supportannouncement.us.dlink.com/