New on the CVE Blog: “New CVE Record Format Enables Additional Data Fields at Time of Disclosure” https://lnkd.in/eZTxXiv6 #CVE #VulnerabilityManagement #Vulnerability #InformationSecurity #Cybersecurity
CVE Program
Computer and Network Security
The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.
About us
The mission of the CVE Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each vulnerability in the catalog. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities.
- Website
-
https://www.cve.org
External link for CVE Program
- Industry
- Computer and Network Security
- Company size
- 11-50 employees
- Type
- Nonprofit
- Founded
- 1999
Employees at CVE Program
Updates
-
New versions of the #CVE Record Format (v5.1.0) & CVE Services (v2.3.0) are coming on May 8 Now supported: - #CVSS v4.0 (with v2, v3, v3.1 still supported) - Single product IDs (not just ranges) - Other product IDs (UPC, GTIN, GMN, Package URLs, SKUs) - Bug fixes For more information on these features, bugs, and additional compatibility considerations, please visit the CVE Record Format release notes at https:// bit.ly/3UHc4Zu
-
533 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of April 22, 2024 https://lnkd.in/ebzaQjBd #CVE #CVEID #CVSS #CWE #Vulnerability #VulnerabilityManagement #HSSEDI #CISA
-
New on the CVE Blog: “Support for Legacy CVE Download Formats to End on June 30, 2024” The final two once-per-month updates to the legacy formats will occur in May & June 2024 https://lnkd.in/e-wthcyA #CVE #VulnerabilityManagement #Vulnerability #InformationSecurity #Cybersecurity
-
CVE Program reposted this
An exciting update from the CVE program! Now that CNAs have the ability to directly supplement CVE record information, I’m hopeful we’ll see improvements in security scanning reports which will in turn help customers to focus on remediating the CVEs that are actually most important to your environment.
New on the CVE Blog: “New CVE Record Format Enables Additional Data Fields at Time of Disclosure” https://lnkd.in/eZTxXiv6 #CVE #VulnerabilityManagement #Vulnerability #InformationSecurity #Cybersecurity
-
Edgewatch Security Intelligence is now a CVE Numbering Authority (CNA) assigning CVE IDs for vulnerabilities in 3rd-party software discovered by Edgewatch that are not in another CNA’s scope https://lnkd.in/eaQMDCrW #CVE #CNA #VulnerabilityManagement #Vulnerability #Cybersecurity
-
Jamf is now a CVE Numbering Authority (CNA) assigning CVE IDs for Jamf issues and Jamf Open Source https://lnkd.in/eYrBZ3vT #CVE #CNA #VulnerabilityManagement #Vulnerability #OpenSource #Cybersecurity
-
1,063 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of April 15, 2024 https://lnkd.in/eAiXnvqj #CVE #CVEID #CVSS #CWE #Vulnerability #VulnerabilityManagement #HSSEDI #CISA
Vulnerability Summary for the Week of April 15, 2024 | CISA
cisa.gov
-
REMINDER: Legacy #CVE Download Formats now only updated once per month until support ends on 6/30/2024. Product teams & others need to update tools & processes to the new download format prior to the legacy format files no longer being updated. https://bit.ly/4bedoc1
-
Dremio is now a CVE Numbering Authority (CNA) assigning CVE IDs for all Dremio products https://lnkd.in/eQMZi7in #CVE #CNA #VulnerabilityManagement #Vulnerability #OpenSource #Cybersecurity