NVD V2.2

http://nvd.nist.gov/

National Vulnerability Database Version 2.2

NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. NVD includes databases of security checklists, security related software flaws, misconfigurations, product names, and impact metrics.

Federal Desktop Core Configuration settings (FDCC)

NVD contains content (and pointers to tools) for performing configuration checking of systems implementing the FDCC using the Security Content Automation Protocol (SCAP).
FDCC Checklists are available here (to be used with SCAP FDCC capable tools).
SCAP FDCC Capable Tools are available here.

NVD Primary Resources

• Vulnerability Search Engine (CVE software flaws and CCE misconfigurations)
• National Checklist Program (automatable security configuration guidance in XCCDF and OVAL)
• SCAP (program and protocol that NVD supports)
• SCAP Compatible Tools
• SCAP Data Feeds (CVE, CCE, CPE, CVSS, XCCDF, OVAL)
• Product Dictionary (CPE)
• Impact Metrics (CVSS)
• Common Weakness Enumeration (CWE)

NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA).

NVD contains:

59443

CVE Vulnerabilities

227

Checklists

248

US-CERT Alerts

2783

US-CERT Vuln Notes

10285

OVAL Queries

81860

CPE Names