|
NVD contains:
32678 | CVE Vulnerabilities |
161 | Checklists |
151 | US-CERT Alerts |
2257 | US-CERT Vuln Notes |
2097 | OVAL Queries |
Last updated: 09/15/08
CVE Publication rate:
11 vulnerabilities / dayNVD provides four mailing lists to the public. For information and subscription instructions please visit NVD Mailing Lists
NVD is a product of the NIST Computer Security Division and is sponsored by the Department of Homeland Security’s National Cyber Security Division. It supports the U.S. government multi-agency (OSD, DHS, NSA, DISA, and NIST) Information Security Automation Program. It is the U.S. government content repository for the Security Content Automation Protocol (SCAP).
The interactive schema defines a conceptual framework for representing questions designed as an XCCDF checking system.
An XCCDF document contains a series of checks; each check represents a question that is responsible for determining information relating to the state of a target system. In an XCCDF document, the majority of checks are automated to allow SCAP scanners to consume the checks and resolve the answers with no human interaction. However, there are some checks where automation is not possible due to the need for human input. For example, a computer cannot answer a check designed to verify that a department’s security logs are up to date. A human responsible for the department’s security logs must answer this question.
The interactive schema provides the conceptual framework for representing non-automatable questions. The following list defines the features supported by the schema:
The Interactive Schema Interpreter demonstrates how an interactive schema document can be evaluated.
Disclaimer Notice & Privacy Statement / Security Notice
Send comments or suggestions to nvd@nist.gov
NIST Computer Security Resource Center (CSRC)
NIST is an Agency of the U.S. Commerce Department
Full vulnerability listing