It is our hope that the software industry will actively participate in this open forum and that the Official Vendor Comments will be propagated throughout the 300+ products and services that …

Incident Response Assistance and Non-NVD Related Technical Cyber Security Questions: US-CERT Security Operations Center Email: [email protected] Phone: 1-888-282-0870

May 29, 2025 · The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This …

This description includes the type of vulnerability (e.g., a buffer overflow, NULL pointer dereference, or cross-site request forgery), the product’s vendor, and the affected code base (s).

Search Common Platform Enumerations (CPE) This search engine can perform a keyword search, or a CPE Name search. The keyword search will perform searching across all …

Unlike a CPE Name, match strings and match string ranges do not require a value in the part, vendor, product, or version components. The URL stem for retrieving match criteria …

NVD provides a service whereby software development organizations can submit "Official Vendor Comments" on the set of CVE vulnerabilities that apply to their products.

Search Please make use of the interactive search interfaces to find information in the database!

Product Identification A fundamental part of the CVE analysis process is to uniquely identify the vulnerable products affected by any given vulnerability. This effort allows consumers of our …

NVD Visualizations This section of the NVD is designed to give users of the NVD data different ways to look at the data and provide an overview to the data and hopefully spark some interest …