Bugtraq

Bugtraq is an electronic mailing list dedicated to issues about computer security. On-topic issues are new discussions about vulnerabilities, vendor security-related announcements, methods of exploitation, and how to fix them. It is a high-volume mailing list, and almost all new vulnerabilities are discussed there. This forum provides a vehicle for software and system manufacturers to communicate in a targeted fashion with their installed base to inform them of new vulnerabilities, so they can be rapidly addressed. From the perspective of the enterprise, it also provides a consolidated view of vulnerabilities, eliminating the need to try to track down announcements from individual vendors; as well as providing a forum to seek information from peers.

Bugtraq was created on November 5, 1993 by Scott Chasin in response to the perceived failings of the existing Internet security infrastructure of the time, particularly CERT. Bugtraq's policy was to publish vulnerabilities, regardless of vendor response, as part of the full disclosure movement of vulnerability disclosure.