CVE security vulnerability database. Security vulnerabilities ...

CVEdetails.com is a free CVE security vulnerability database/information source. You can view CVE vulnerability details, exploits, references, ... (e.g.:CVE-2009-1234or2010-1234or20101234) LogIn   Register   TakeathirdpartyriskmanagementcourseforFREE VulnerabilityFeeds&WidgetsNew   www.itsecdb.com   Switchtohttps:// Home Browse: Vendors Products VulnerabilitiesByDate VulnerabilitiesByType Reports: CVSSScoreReport CVSSScoreDistribution Search: VendorSearch ProductSearch VersionSearch VulnerabilitySearch ByMicrosoftReferences Top50: Vendors VendorCvssScores Products ProductCvssScores Versions Other: MicrosoftBulletins BugtraqEntries CWEDefinitions About&Contact Feedback CVEHelp FAQ Articles ExternalLinks: NVDWebsite CWEWebSite ViewCVE: (e.g.:CVE-2009-1234or2010-1234or20101234) ViewBID: (e.g.:12345) SearchByMicrosoftReferenceID: (e.g.:ms10-001or979352) CurrentCVSSScoreDistributionForAllVulnerabilities DistributionofallvulnerabilitiesbyCVSSScores CVSSScore NumberOfVulnerabilities Percentage 0-1 948 0.50 1-2 1189 0.70 2-3 8173 4.60 3-4 9086 5.10 4-5 42142 23.70 5-6 33565 18.90 6-7 26459 14.90 7-8 35437 19.90 8-9 878 0.50 9-10 19771 11.10 Total 177648 WeightedAverageCVSSScore:6.5 VulnerabilityDistributionByCVSSScores 948 1189 8173 9086 42142 33565 26459 35437 878 19771   CVSSScoreRanges 0-11-22-33-44-55-66-77-88-99-10 LookingforOVAL(OpenVulnerabilityandAssessmentLanguage)definitions? http://www.itsecdb.comallowsyoutoview exactdetailsofOVAL(OpenVulnerabilityandAssessmentLanguage)definitionsandseeexactlywhat youshoulddotoverifyavulnerability.Itisfullyintegratedwithcvedetailssoyouwillbeableto seeOVALdefinitionsrelatedtoaproductoraCVEentry. SampleCVEentrywithOVALdefinitions:CVE-2007-0994 www.cvedetails.com providesaneasytousewebinterfacetoCVEvulnerabilitydata. Youcanbrowseforvendors,productsandversionsandviewcveentries,vulnerabilities,relatedtothem. Youcanviewstatisticsaboutvendors,productsandversionsofproducts. CVEdetailsaredisplayedinasingle,easytousepage,seeasample here. CVEvulnerabilitydataaretakenfromNationalVulnerabilityDatabase(NVD)xmlfeedsprovidedbyNationalInstitueof StandardsandTechnology. Additionaldatafromseveralsourceslikeexploitsfromwww.exploit-db.com, vendorstatementsandadditionalvendorsupplieddata, MetasploitmodulesarealsopublishedinadditiontoNVDCVEdata. Vulnerabilitiesareclassifiedbycvedetails.comusingkeywordmatchingand cwenumbersifpossible,buttheyaremostlybasedonkeywords. UnlessotherwisestatedCVSSscoreslistedonthissiteare"CVSSBaseScores"providedinNVDfeeds. VulnerabilitydataareupdateddailyusingNVDfeeds.Pleasevisitnvd.nist.govformoredetails. Pleasecontactadminatcvedetails.comoruseour feedbackforum ifyouhaveanyquestions,suggestionsorfeaturerequests. Howdoesitwork?Knownlimitations&technicaldetails   Useragreement,disclaimerandprivacystatement   About&Contact   Feedback CVEisaregistredtrademarkoftheMITRECorporationandtheauthoritativesourceofCVEcontentis MITRE'sCVEwebsite. CWEisaregistredtrademarkoftheMITRECorporationandtheauthoritativesourceofCWEcontentis MITRE'sCWEwebsite. OVALisaregisteredtrademarkofTheMITRECorporationandtheauthoritativesourceofOVALcontentis MITRE'sOVALwebsite. UseofthisinformationconstitutesacceptanceforuseinanASIScondition. ThereareNOwarranties,impliedorotherwise,withregardtothisinformationoritsuse. Anyuseofthisinformationisattheuser'srisk. Itistheresponsibilityofusertoevaluatetheaccuracy,completenessorusefulnessofanyinformation,opinion,adviceorothercontent. EACHUSERWILLBESOLELYRESPONSIBLEFORANYconsequencesofhisorherdirectorindirectuseofthiswebsite. ALLWARRANTIESOFANYKINDAREEXPRESSLYDISCLAIMED.ThissitewillNOTBELIABLEFORANYDIRECT, INDIRECToranyotherkindofloss.