Vulnerabilities Checklists Product Dictionary Impact Metrics Data Feeds Statistics
Home ISAP/SCAP SCAP Validated Tools SCAP Events About Contact Vendor Comments
Mission and Overview
NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA).
Resource Status

NVD contains:

33023 CVE Vulnerabilities
130Checklists
151 US-CERT Alerts
2270 US-CERT Vuln Notes
2097OVAL Queries

Last updated:  10/07/08

CVE Publication rate:

15 vulnerabilities / day
Email List

NVD provides four mailing lists to the public. For information and subscription instructions please visit NVD Mailing Lists

Workload Index
Vulnerability Workload Index: 9.46
About Us

NVD is a product of the NIST Computer Security Division and is sponsored by the Department of Homeland Security’s National Cyber Security Division. It supports the U.S. government multi-agency (OSD, DHS, NSA, DISA, and NIST) Information Security Automation Program. It is the U.S. government content repository for the Security Content Automation Protocol (SCAP).

Archival NVD Data Feeds

This page contains archival NVD data feeds. The feeds on this page were created with the legacy product naming convention. CPE 2.1 replaced this naming convention on 09/05/2008. The current data feeds can be found at http://nvd.nist.gov/download.cfm

Archival NVD/CVE XML Data Files:
nvdcve-archive-modified.xml 0.3MB, Updated:9/5/08 at 14:04
nvdcve-archive-recent.xml 0.2MB, Updated:9/5/08 at 14:04
nvdcve-archive-2002.xml 8.6MB, Updated:9/5/08 at 10:59
nvdcve-archive-2003.xml 2.3MB, Updated:9/5/08 at 10:59
nvdcve-archive-2004.xml 4.7MB, Updated:9/5/08 at 10:59
nvdcve-archive-2005.xml 7.5MB, Updated:9/5/08 at 10:59
nvdcve-archive-2006.xml 12.2MB, Updated:9/5/08 at 10:59
nvdcve-archive-2007.xml 10.3MB, Updated:9/5/08 at 10:59
nvdcve-archive-2008.xml 5.2MB, Updated:9/5/08 at 10:59
nvd-rss-archive.xml (provides all CVE vulnerabilities)
nvd-rss-analyzed-archive.xml (provides all fully analyzed CVE vulnerabilities)

nvdcve-modified.xml includes all recently published and recently updated vulnerabilities
nvdcve-recent.xml includes all recently published vulnerabilities
nvdcve-2002.xml includes vulnerabilities prior to and including 2002.

Disclaimer Notice & Privacy Statement / Security Notice

Send comments or suggestions to nvd@nist.gov

NIST Computer Security Resource Center (CSRC)

NIST is an Agency of the U.S. Commerce Department

Full vulnerability listing