Mission and Overview
NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA).
Resource Status
NVD contains:

Last updated: 9/3/2014 12:46:13 AM

CVE Publication rate: 13.43

Email List

NVD provides four mailing lists to the public. For information and subscription instructions please visit NVD Mailing Lists

Workload Index
Vulnerability Workload Index: 5.97
About Us
NVD is a product of the NIST Computer Security Division and is sponsored by the Department of Homeland Security's National Cyber Security Division. It supports the U.S. government multi-agency (OSD, DHS, NSA, DISA, and NIST) Information Security Automation Program. It is the U.S. government content repository for the Security Content Automation Protocol (SCAP).

Common Configuration Enumeration (CCE)

This is the new home for the Common Configuration Enumeration (CCE) and will be updated to provide complete information regarding CCE.

An email discussion list is available for discussion about the development of CCE. (Subscribe) (Unsubscribe)


CCE Submissions, comments and questions can be sent to cce@nist.gov.
CCE Transition

We are working to transition the information currently located at the MITRE site to this location. In the meantime the existing MITRE site still serves as a source of information about CCE.

CCE List

The current release of CCE is 5.20130214 (CCE Version 5, updated on February 14, 2013). A ChangeLog (https) is available that details the changes since the last release, 5.20120521.

DOWNLOADS (XML format) DATE UPDATED
CCE v5 - All Platform Groups-COMBINED FILE (https) (11.5 MB) February 14, 2013
DOWNLOADS (MS Excel format) DATE UPDATED
CCE v5 - All Platform Groups-COMBINED FILE (https) (5398 KB) February 14, 2013
CCE v5 - AIX 5.3 (https) (226 KB) May 6, 2009
CCE v5 - Apache HTTP 1.3 (https) (47 KB) February 14, 2013
CCE v5 - Apache HTTP 2.0 (https) (97 KB) February 14, 2013
CCE v5 - Apache HTTP 2.2 (https) (123 KB) February 14, 2013
CCE v5 - Apache Tomcat 4 (https) (71 KB) February 14, 2013
CCE v5 - Apache Tomcat 5 (https) (48 KB) February 14, 2013
CCE v5 - Apache Tomcat 6 (https) (47 KB) February 14, 2013
CCE v5 - HP-UX 11.23 (https) (202 KB) May 6, 2009
CCE v5 - Internet Explorer 7 (https) (260 KB) March 14, 2012
CCE v5 - Internet Explorer 8 (https) (906 KB) September 26, 2010
CCE v5 - IIS 5 (https) (53 KB) February 14, 2013
CCE v5 - IIS 6 (https) (80 KB) February 14, 2013
CCE v5 - Microsoft Exchange 2007 (https) (241 KB) March 14, 2012
CCE v5 - Microsoft Exchange 2010 (https) (245 KB) March 14, 2012
CCE v5 - Microsoft Office 2007 (https) (519 KB) February 14, 2013
CCE v5 - Microsoft Office 2010 (https) (986 KB) February 14, 2013
CCE v5 - MS SQL 2000 (https) (48 KB) February 14, 2013
CCE v5 - MS SQL 2005 (https) (82 KB) February 14, 2013
CCE v5 - Polycom HDX 3.X (https) (260 KB) May 21, 2012
CCE v5 - Red Hat Enterprise Linux 4 (https) (213 KB) May 6, 2009
CCE v5 - Red Hat Enterprise Linux 5 (https) (261 KB) October 7, 2011
CCE v5 - Sun Solaris 8 (https) (219 KB) May 6, 2009
CCE v5 - Sun Solaris 9 (https) (231 KB) May 6, 2009
CCE v5 - Sun Solaris 10 (https) (211 KB) April 28, 2010
CCE v5 - Oracle WebLogic Server 11g (https) (184 KB) October 7, 2011
CCE v5 - Windows Vista (https) (354 KB) March 14, 2012
CCE v5 - Windows 2000 (https) (352 KB) April 28, 2010
CCE v5 - Windows Server 2003 (https) (342 KB) April 28, 2010
CCE v5 - Windows Server 2008 (https) (269 KB) March 14, 2012
CCE v5 - Windows Server 2008 R2 (https) (505 KB) March 14, 2012
CCE v5 - Windows 7 (https) (537 KB) May 21, 2012
CCE v5 - Windows XP (https) (525 KB) March 14, 2012