News and Events

December 22, 1999

• The Editorial Board had a teleconference meeting on December 15. They discussed how to introduce the candidate concept to the public. Candidates are "placeholder" numbers for security problems that are used until a CVE name is assigned by the Editorial Board.

December 15, 1999

• Alliance Qualité Logiciel (AQL) announces that their Vigil@nce AQL on-line vulnerability database (French) is both CVE-searchable and provides CVE-output.

December 8, 1999

• Hiverworld has declared that they intend to integrate CVE into their Risk Management/Vulnerability Assessment tool and their Vulnerability Database.
• Internet Security Systems, Inc. has announced the availability of Internet Scanner version 6.0.1 which allows users to select probes based on CVE names.

November 29, 1999

• The CERIAS/Purdue University vulnerability database now allows users to search by CVE name and includes CVE names in its descriptions.
• Internet Security Systems, Inc. announces that their X-Force database now contains references to CVE numbers.

November 18, 1999

• SANS Institute is hosting a web based audio presentation that discusses CVE. This audio presentation is hosted by Steve Northcutt and features MITRE's Steve Christey and Dave Mann who discuss what CVE is and how you can become involved. This audio presentation is available for free download at www.sans.org/sansgate .
• Network Security Wizards has announced that their Dragon IDS will contain CVE names. For more information on Network Security Wizards' declaration and information on other tools and databases that incorporate CVE names, please click here .

November 10, 1999

• Tom Stracener of Hiverworld and Ken Armstrong of CanCERT have become members of the Editorial Board .
• Click here to find out what others are saying about CVE.
• The Board had a teleconference meeting on November 4. They discussed high level goals for CVE, CVE compatibility, CVE candidate issues, and Board membership, roles, and responsibilities.

October 28, 1999

• Security Focus' vulnerability database now allows users to search by CVE name and includes CVE names in its descriptions.
• A number of organizations have declared their intentions to make their tools or databases CVE-compatible.
• Two new members have joined the Editorial Board : Eric Cole (VistaIT), and David Balenson (NAI).
• CVE was presented at the NISSC Conference in Washington, DC on October 19 and 20.
• CVE was presented at the SANS NS'99 conference in New Orleans, Louisiana, USA on October 12 and 13.