The National Institute of Standards and Technology (NIST) has launched a new site designed to ease the process of keeping up with the latest vulnerability information.
The National Vulnerability Database (NVD) was developed by NIST’s Computer Security Division, and is sponsored in part by the U.S. Department of Homeland Security’s National Cyber Security Division. According to NIST, it currently contains information on almost 12,000 vulnerabilities. NIST says that approximately 300 new vulnerabilities are reported each month.
The NVD draws its data from all publicly available U.S. government resources, organized using the Common Vulnerabilities and Exposures (CVE) (define) dictionary.
In addition to providing constantly updated information, NIST provides several means to access its data via a product integration page on the NVD site. Several XML files covering vulnerabilities are available, as are a schema and DTD (define). An RSS feed (define) of the most recent vulnerabilities is available, as is sample HTML for integration of a search form.