Data Publication

National Vulnerability Database

Robert Byers, Chris Turner, Tanya Brewer
Contact: Tanya Brewer..
Identifier: doi:10.18434/M3436
Version: 1.0... First Released: 1991-12-31 Revised: 2021-10-15


Security automation reference data is currently housed within the National Vulnerability Database (NVD). The NVD is the U.S. Government repository of security automation data based on security automation specifications. This data provides a standards-based foundation for the automation of software asset, vulnerability, and security configuration management; security measurement; and compliance activities. This data supports security automation efforts based on the Security Content Automation Protocols (SCAP). The NVD includes databases of security configuration checklists for the NCP, listings of publicly known software flaws, product names, and impact metrics. A formal validation program tests the ability of vendor products to use some forms of security automation data based on a product's conformance in support of specific enterprise capabilities.
Research Topics: Information Technology: Cybersecurity, Information Technology    
Subject Keywords: CVE, CVSS, SCAP, 800-53, Vulnerability, NVD, Checklists    

Data Access

These data are public.
Data and related material can be found at the following locations:

About This Dataset

Version: 1.0... First Released: 1991-12-31 Revised: 2021-10-15
Cite this dataset
Byers, Robert, Turner, Chris, Brewer, Tanya (2022), National Vulnerability Database, National Institute of Standards and Technology, (Accessed 2022-12-03)
Repository Metadata
Machine-readable descriptions of this dataset are available in the following formats:
Access Metrics
Metrics data is not available for all datasets, including this one. This may be because the data is served via servers external to this repository.