The U.S. Government repository of standards-based vulnerability management data, enabling automation of vulnerability management, security measurement, and compliance (e.g., FISMA).
Sources:
CNSSI 4009-2015
under National Vulnerability Database
from
NVD
The U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data informs automation of vulnerability management, security measurement, and compliance. NVD includes databases of security checklists, security related software flaws, misconfigurations, product names, and impact metrics.
Sources:
NISTIR 7511 Rev. 4
under National Vulnerability Database
NISTIR 8011 Vol. 4
under National Vulnerability Database
from
NISTIR 7511 Rev. 4