|
|
CVE List Search Tips
Advanced Search
Searching of CVE is available on the U.S. National Vulnerability Database (NVD) where you may Search CVE by individual CVE Identifier (CVE ID) number; by operating system; by vendor name, product name, and/or version number; and by vulnerability type, severity, related exploit range, and impact.
NVD also provides fix information for CVE IDs and Security Content Automation Protocol (SCAP) Mappings for CVE IDs.
Basic Search
Searching or viewing the Master Copy of the CVE List hosted on the CVE Web site provides you with an individual CVE Identifier and/or a list of all CVE Identifiers.
Search by CVE Identifier
If you know the CVE Identifier number for a problem, search by the number to find its description.
Search by keyword
Use a keyword to search the CVE List to find the official CVE entry for a known vulnerability.
Use specific keywords
You must use very specific keywords, such as an application name, when searching CVE. For example: Sendmail, wu-ftp, ToolTalk, ps, etc.
Do not use overly general keywords
CVE is not designed like a vulnerability database, so searches for general terms like "Unix" or "buffer overflow" could give you incomplete or inaccurate results.
Search by multiple keywords
You can search by multiple keywords if the multiple keywords are separated by a space. Your results will include CVE entries that match all specified keywords. Remember to use very specific keywords and to avoid overly general keywords.
Do not search CVE by operating system
The CVE search was designed to help identify specific vulnerabilities and exposures, and not to find sets of problems that share common attributes such as operating systems. Therefore, you should not search CVE by operating system because your results will be incomplete.
Determining which entry is the one you want
Occasionally, you may get back two or more entries when performing a search for a given security problem. When this occurs it is because not enough details about the problem were originally provided, because the description includes unique details that you may not be familiar with, or because of an error in the description itself. While the description for a CVE Identifier should be able to uniquely identify a vulnerability or exposure, the descriptions are intentionally brief and in some instances you may need to rely on the accompanying references to make a determination. In addition to referring to the references, you could also search through CVE-compatible sites by specifying the CVE Identifiers that you are uncertain about.
Don’t expect fix information, impact, classification, or other technical details
Such information can already be found in numerous vulnerability databases and security tool databases. CVE doesn’t have this information because CVE is intended to link these databases, not to replace them.
For additional information, refer to the FAQs and the About CVE Identifiers section of this Web site.
How to Read a CVE Entry
What is a CVE Identifier?
CVE Identifiers (also referred to by the community as "CVE IDs," "CVE numbers," "CVE entries" "CVE names," "CVE entries," and "CVEs") are unique, common identifiers for publicly known cyber security vulnerabilities.
Each CVE Identifier includes the following:
- CVE Identifier number (i.e., "CVE-1999-0067", "CVE-2014-12345", "CVE-2014-7654321").
- Brief description of the security vulnerability or exposure.
- Any pertinent references (i.e., vulnerability reports and advisories or OVAL-ID).
See About CVE Identifiers for more information.
