Looking for OVAL (Open Vulnerability and Assessment Language) definitions?
http://www.itsecdb.com allows you to view
exact details of OVAL(Open Vulnerability and Assessment Language) definitions and see exactly what
you should do to verify a vulnerability. It is fully integrated with cvedetails so you will be able to
see OVAL definitions related to a product or a CVE entry.
Sample CVE entry with OVAL definitions :
CVE-2007-0994
www.cvedetails.com
provides an easy to use web interface to CVE vulnerability data.
You can browse for vendors, products and versions and view cve entries, vulnerabilities, related to them.
You can view statistics about vendors, products and versions of products.
CVE details are displayed in a single, easy to use page, see a sample
here.
CVE vulnerability data are taken from National Vulnerability Database (NVD) xml feeds provided by National Institue of
Standards and Technology.
Additional data from several sources like exploits from www.exploit-db.com,
vendor statements and additional vendor supplied data,
Metasploit modules are also published in addition to NVD CVE data.
Vulnerabilities are classified by cvedetails.com using keyword matching and
cwe numbers if possible, but they are mostly based on keywords.
Unless otherwise stated CVSS scores listed on this site are "CVSS Base Scores" provided in NVD feeds.
Vulnerability data are updated daily using NVD feeds.Please visit nvd.nist.gov for more details.
Please contact support.securityscorecard.com.
if you have any questions, suggestions or feature requests.