A penetration tester is conducting passive reconnaissance to gather information about the security posture of a company. Which source would provide the most comprehensive list of known vulnerabilities associated with the company's publicly acknowledged software?
Common weakness enumeration (CWE) listings
Job listings revealing the technology stack
Strategic search engine analysis of the company
Common vulnerabilities and exposures (CVE) listings