CVE - Common Vulnerabilities and Exposures (CVE)

About CVE

Terminology
Documents
FAQs
CVE List

About CVE Identifiers
Search CVE
Search NVD
Updates & RSS Feeds
Request a CVE-ID
CVE In Use

CVE-Compatible Products
NVD for CVE Fix Information
CVE Numbering Authorities
News & Events

Calendar
Free Newsletter
Community

CVE Editorial Board
Sponsor
Contact Us

Search the Site

Latest News

Call for Public Feedback on Upcoming CVE ID Syntax Change

MITRE Announces Initial "Making Security Measurable" Calendar of Events for 2013

2 Products from Huawei Technologies Now Registered as Officially "CVE-Compatible"

Opzoon Technology Makes 3 Declarations of CVE Compatibility

Mozilla and Symantec Added as CVE Numbering Authorities (CNAs)

More News »

Upcoming Events
CVE/Making Security Measurable booth at RSA Conference 2013, February 25 - March 1
More Events »

CVE® International in scope and free for public use, CVE is a dictionary of publicly known information security vulnerabilities and exposures.

CVE’s common identifiers enable data exchange between security products and provide a baseline index point for evaluating coverage of tools and services.

Widespread Use of CVE
Vulnerability Management Patch Management Vulnerability Alerting Intrusion Detection Security Content Automation Protocol (SCAP)	NVD (National Vulnerability Database) US-CERT Bulletins CVE Numbering Authorities (CNAs) Recommendation ITU-T X.1520 Common Vulnerabilities and Exposures (CVE), ITU-T CYBEX Series

Related Efforts
Vulnerability Scoring System (CVSS) Assessment Language (OVAL) Software Weakness Types (CWE)	Making Security Measurable

Focus On

Requesting CVE Identifier Numbers

There are two primary ways to obtain a CVE Identifier (also called "CVE-IDs," "CVE numbers," "CVE names," and "CVEs") before publicizing a new vulnerability:

Contact one of the official CVE Numbering Authorities (CNAs), which will then include a CVE-ID number in its initial public announcement about your new vulnerability.
Contact the CVE project to Request a CVE-ID and we will provide you with our "CVE Identifier Reservation Guidelines for Researchers" and work with you to assign a CVE-ID number while you work through the process of publicly disclosing the vulnerability.

Please review the Researcher Responsibilities.

Page Last Updated: January 24, 2013