如何订阅CVE
CVE:Common Vulnerabilities and Exposures
CVE Entries are used in numerous cybersecurity products and services from around the world,including the U.S. National Vulnerability Database (NVD).
NVD为CVE提供了多种订阅机制,包括:
1、JSON Vulnerability Feeds – These JSON feeds are intended to supplant the XML feeds.
2、XML Vulnerability Feeds – Security related software flaws contained within XML documents. Each vulnerability in the file includes a description and associated reference 3、links from the CVE® dictionary feed, as well as a CVSS base score, vulnerable product configuration, and weakness categorization
4、RSS Vulnerability Feeds – An eight day window of security related software flaws.
5、Vulnerability Translation Feeds – Translations of vulnerability feeds.
6、Vulnerability Vendor Comments – Comments provided by vendors regarding a particular flaw affecting within a product.
7、CPE Dictionary – dictionary containing a list of products.
8、Common Configuration Enumeration (CCE) Reference Data – Reference data for common configuration items.
9、National Checklist Program (NCP) Checklists – A list of all of the checklists categorized by the NCP.
关于RSS订阅,NVD提供了两个源:
第一个源内容是最近八天的最新的漏洞信息。地址是:https://nvd.nist.gov/feeds/xml/cve/misc/nvd-rss.xml
第二个源内容是最近八天分析过的漏洞信息,并提供具体的产品信。地址是:https://nvd.nist.gov/feeds/xml/cve/misc/nvd-rss-analyzed.xml