Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Database Hits 20,000 Software-Flaw Mark

Established just a little over a year ago, the National Institute of Standards and Technology's (NIST) National Vulnerability Database (NVD) now contains information on 20,000 computer system vulnerabilities, up from the original 12,000, and the Web site receives hits at a rate of 25 million per year.

For those trying to prevent computer system attacks, keeping up with the hundreds of new vulnerabilities discovered each month can be an overwhelming task, especially since a single flaw can be known by numerous names. The NVD provides standard vulnerability names, integrates all publicly available U.S. government resources on vulnerabilities, provides links to industry resources, and provides standardized vulnerability impact scores using the Common Vulnerability Scoring System. This makes it easier to learn about new vulnerabilities and how to remediate them.

NVD is updated daily and can be searched by a variety of vulnerability characteristics; including severity, vendor name, software name and version number.

At the request of the software industry, in September, 2006, NIST established a forum on the NVD Web site for software vendors to comment on vulnerabilities in their products.

NVD is sponsored by the Department of Homeland Security's US-CERT and is based upon Common Vulnerabilities and Exposures (CVE) work from the MITRE Corporation. For more information, go to

Released October 26, 2006, Updated February 6, 2023