NVD Banner
Vulnerabilities Checklists 800-53/800-53A Product Dictionary Impact Metrics Data Feeds Statistics
Home SCAP SCAP Validated Tools SCAP Events About Contact Vendor Comments
Mission and Overview
NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA).
Resource Status

NVD contains:

55079 CVE Vulnerabilities
202Checklists
231 US-CERT Alerts
2690 US-CERT Vuln Notes
8140OVAL Queries

Last updated:  02/14/13

CVE Publication rate:

18 vulnerabilities / day
Email List

NVD provides five mailing lists to the public. For information and subscription instructions please visit NVD Mailing Lists

Workload Index
Vulnerability Workload Index: 8.29
About Us

NVD is a product of the NIST Computer Security Division and is sponsored by the Department of Homeland Security’s National Cyber Security Division. It supports the U.S. government multi-agency (OSD, DHS, NSA, DISA, and NIST) Information Security Automation Program. It is the U.S. government content repository for the Security Content Automation Protocol (SCAP).

Report a Vulnerability

Report an Incident

RSS Feed

Checklists

CVE

CCE

CPE

CVSS

XCCDF

OVAL

Common Configuration Enumeration (CCE) Reference Data.

CCE™ provides unique identifiers to system configuration issues in order to facilitate fast and accurate correlation of configuration data across multiple information sources and tools. For example, CCE Identifiers can be used to associate checks in configuration assessment tools with statements in configuration best-practice


The catalog of security controls from NIST SP 800-53 may be found here.
Beta CCE to 800-53 Mappings:

CCE Standards Information - Provided by MITRE:
  1. General information on CCE.
  2. CCE List