U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. GeneralVisualizations

Vulnerability Visualizations

The NVD hosts four visualizations for data found from vulnerabilities.

Description Summary Word

Description Summary Word Similar to the word cloud on the main visualization page, the visualization below was generated by calculating the frequency of words (common words such as "the" and "a" were excluded) that were part of the vulnerability summary description.

CVSS Severity Distribution Over Time

CVSS Severity Distribution Over Time This visualization is a simple graph which shows the distribution of vulnerabilities by severity over time. The choice of LOW, MEDIUM and HIGH is based upon the CVSS V2 Base score.

CWE Over Time

There are two visualizations for the monitoring of vulnerability categories over time:

Relative Vulnerability Type Totals By Year

Relative Vulnerability Type Totals By Year

The vulnerabilties in the NVD are assigned a CWE based on a  slice of the total CWE Dictionary. The visualization below shows a stacked bar graph of the total number of vulnerabilities assigned a CWE for each year. It is possible (although not common) that a vulnerability has multiple CWEs assigned.

Vulnerability Type Change by Year

Vulnerability Type Change by Year

This visualization is a slightly different view that emphasizes how the assignment of CWEs has changed from year to year.