Tag Archives: CWE

CWEs in NVD CVE feed: analysis and complaints

As you probably know, one of the ways to describe the nature of some software vulnerability is to provide corresponding CWE (Common Weakness Enumeration) ids. Let’s see the CWE links in NVD CVE base.

NVD CWEs

I have already wrote earlier how to deal with NVD feed using python in “Downloading and analyzing NVD CVE feed“. You can easily get CWEs ids iterating over cve_dict['CVE_Items'].

Continue reading

New National Vulnerability Database visualizations and feeds

Recently, the National Institute of Standards and Technology (NIST) introduced a new version of National Vulnerability Database (NVD) website.

NIST NVD new site

I will not say that I liked this redesign:

new NVD website

IMHO, old website with US flag was much prettier and useful:

old NVD website

But the very fact that the site is developing, I really like very much. Let’s see what’s new there.

Continue reading