National Vulnerability Database

National Vulnerability Database is a comprehensive cyber security vulnerability database that integrates all publicly available U.S. Government vulnerability resources and provides references to industry resources.

  • USERS POPULATE THE VULNERABILITY DATABASE
    A database of computer vulnerabilities created by the National Institute of Standards and Technology (NIST) has proven extremely popular, both for reporting new problems and for researching existing ones. Since its debut one year ago, the National Vulnerability Database receives hits at the rate of 25 million per year and has grown from 12,000 vulnerabilities to 20,000, with new ones being reported regularly. According to Peter Mell, senior computer scientist at NIST, who created the database, “I think 20,000 is just the tip of the iceberg.” The database categorizes vulnerabilities by product and version number, directing users to resources to fix the problems. The database uses the Common Vulnerability Scoring System to rate the severity of each vulnerability recorded. Alan Paller, director of research at the SANS Institute, noted that a significant portion of the most recently reported problems affect Web-based applications. Federal Computer Week, 31 October 2006" – source Educause Edupage Listserv