O SRD é uma base de dados de excertos de software vulneráveis muito interessante. Saiu a versão 4:
Computer scientists at the National Institute of Standards and Technology (NIST) have dramatically enlarged a database designed to improve applications that help programmers find weaknesses in software. This database, the SAMATE Reference Dataset (SRD), version 4.0, is a freely available online tool aimed at helping programmers fortify their creations against hackers. (...)
"The SRD is for companies that build static analyzers, whose use is expanding within the software industry," says SRD project leader Michael Koo. "It will help their products catch the most common errors in the software they are supposed to check. It brings rigor into software assurance, so that the public can be more confident that there are fewer dangerous weaknesses in the software they use."