CVE (Common Vulnerabilities and Exposures) is a format to describe publicly known information security vulnerabilities and exposures. Using this format, new CVE IDs will be created, assigned, and referenced in content on an as-needed basis without a version change.

SCAP 1.0 and 1.2 policies are compliant with CVE. Tell me moreTell me more



Official CVE List:

NVD CVE-based Vulnerabilities:

See Statement of CVE Implementation