Mission and Overview
NVD is the U.S. government repository of standards based
vulnerability management data. This data enables automation of vulnerability management,
security measurement, and compliance (e.g. FISMA).
Resource Status
NVD contains:
53868 | CVE Vulnerabilities |
202 | Checklists |
222 |
US-CERT Alerts |
2661 |
US-CERT Vuln Notes |
8140 | OVAL Queries |
Last updated: 11/15/12
CVE Publication rate:
11
vulnerabilities / day
Email List
NVD provides five mailing lists to the public. For information and subscription instructions please visit
NVD Mailing Lists
Workload Index
Vulnerability Workload Index:
5.17
About Us
NVD is a product of the NIST Computer Security Division
and is sponsored by the Department of Homeland Security’s
National Cyber Security Division. It supports the U.S. government
multi-agency (OSD, DHS,
NSA, DISA,
and NIST) Information Security Automation Program. It is the U.S. government content
repository for the Security Content Automation Protocol (SCAP).
Official Common Platform Enumeration (CPE) Dictionary
CPE is a structured naming scheme for
information technology systems, software, and packages. Based upon the
generic syntax for Uniform Resource Identifiers (URI), CPE includes a
formal name format, a method for checking names against a system, and a
description format for binding text and tests to a name.
Below is the current official version of the CPE Product Dictionary. The dictionary provides an agreed upon list of official CPE
names. The dictionary is provided in XML format and is available to the general public. Please check back frequently as the CPE
Product Dictionary will continue to grow to include all past, present and future product releases. The CPE Dictionary is updated nightly when modifications or new names are added. Archived CPE dictionaries are available at
static.nvd.nist.gov/feeds/xml/cpe/dictionary/.
As of December 2009, The National Vulnerability Database is now accepting contributions to the Official CPE Dictionary. Organizations interested in submitting
CPE Names should contact the NVD CPE team at cpe_dictionary@nist.gov for help with the processing of their submission.
The CPE Dictionary hosted and maintained at NIST may be used by nongovernmental organizations on a voluntary basis and is not
subject to copyright in the United States. Attribution would, however, be appreciated by NIST.
CPE Dictionary:
- official-cpe-dictionary_v2.2.xml - 15.4MB, Updated: 11/15/12 at 00:27
- CPE Dictionary Search
- CPE Dictionary Growth Statistics
CPE Standards Information - Provided by MITRE:
- General information on CPE
- The CPE Specification, providing the name format and description
- The CPE 2.2 XML Schema
NIST Dictionary CPE Repository Metadata
- The NIST CPE Metadata 0.2 XML Schema