Nist NVD

National Vulnerability Database.

Vulnerability Management · Nist NVD

Configuration parameters

  • url — Nist NVD CVES URL
  • insecure — Trust any certificate (not secure)
  • proxy — Use system proxy settings

Commands (6)

  • nvd-get-vulnerability

    You can get latest vulnerabilities with given time from National Vulnerability Database.

  • nvd-search-cpe

    NVD analysts identify which product or products are affected by each vulnerability. The set of associated products is known as the applicability statement of the CVE. NVD uses the Common Platform Enumeration (CPE), version 2.3, to convey product vendors, names, versions, etc. For more information, see https://cpe.mitre.org/.

  • nvd-search-cve

    Search specific CVE.

  • nvd-search-cvss

    CVSS refers to the scoring system used by NIST to assess the severity of vulnerabilities, https://www.first.org/cvss/. NVD provides base scores using the CVSS version 2 and, more recently, version 3.x.

  • nvd-search-cwe

    CWE refers to the classification of vulnerabilities at https://cwe.mitre.org/. NIST staff associate one or more CWE to each vulnerability during the analysis process. In the following example, CWE-20 means vulnerabilities caused by Improper Input Validation. To filter search results based on CWE, use the cweId parameter. Example: cweId=CWE-20.

  • nvd-search-keyword

    The keyword parameter allows your application to retrieve records where a word or phrase is found in the vulnerability description or reference links.