The NVD is a product of the NIST Information Technology Laboratory’s (ITL) Computer Security Division (CSD) and is sponsored by the Department of Homeland Security's (DHS) U.S. Computer Emergency Readiness Team (US-CERT) to provide timely vulnerability management information.
The NVD provides a searchable interface and data feeds to help inform the public about the nature and severity of the hundreds of new vulnerabilities and variants discovered every month. IT administrators can use the NVD to prioritize the vulnerabilities to address in order to protect important systems.
The NVD data feed information is used by both public and private sector consumers.
For example, US-CERT’s weekly bulletins are generated directly from the NVD data feeds; Payment Card Industry Security Standards Council Data Security Standards (PCI SSC DSS) compliant systems must remediate vulnerabilities above a particular threshold; and some vulnerability management product vendors use NVD information as a starting reference source for their scanners and feeds.
You can search through the CVE and CCE Vulnerability Database at the following URL:
http://web.nvd.nist.gov/view/vuln/search
As of the publication of this article (Wed Dec 18 08:39:38 EST 2013) the NVD DB contains:
- CVE Vulnerabilities: 59549
Checklists: 227
US-CERT Alerts: 248 - US-CERT Vuln Notes: 2785
- OVAL Queries: 10286
- CPE Names: 82315
- CVE Vulnerabilities: 59549
