CVE

📌 Article pinned by VulDB Support Team

CVE stands for Common Vulnerabilities and Exposures which is a program lead my MITRE. The goal of CVE is to provide standardized references for disclosed security vulnerabilities.

The CVE program consists of multiple CNAs (CVE Numbering Authorities) which are allowed to reserve and publish CVE entries. There are many vendor CNAs responsible to handle the vulnerabilities in their products. Activities must happen in accordance with the CNA rules which define actions like reservation, publication, disputes, and revokes. VulDB is a researcher CNA, one of the most active CNAs in general and responsible for a large portion of high-quality disclosures of official CVE entries.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Updated by VulDB Documentation Team