ExecutiveGov

CISA Unveils Plan to Strengthen Common Vulnerabilities and Exposures Program

With this strategic vision, CISA is reaffirming our leadership role and seizing the opportunity to modernize the CVE Program, solidifying it as the cornerstone of global cybers ...
Nextgov

CISA wants more international involvement in cyber vulnerability catalog, official says

Nick Andersen, the agency’s assistant executive director for cybersecurity, says the CVE project would benefit from a "more ...
Nextgov

CISA officials commit to supporting top vulnerability cataloging program

Get the latest federal technology news delivered to your inbox. LAS VEGAS — Two Cybersecurity and Infrastructure Security Agency officials committed to supporting the MITRE-backed Common ...
DataBreachToday

CISA Unveiled a New Vision for the CVE Program. Can It Work?

The Cybersecurity and Infrastructure Security Agency is hoping a new vision for its Common Vulnerabilities Exposures program ...
Bleeping Computer

MITRE warns that funding for critical CVE program expires today

MITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could ...
InfoWorld

Major companies team on vulnerability rating system

Leading IT companies including Cisco Systems, Microsoft , and Symantec are promoting a rating system that will standardize the measurement of the severity of software vulnerabilities. A plan for the ...
Threat Post

Firms Push for CVE-Like Cloud Bug System

Researchers propose fresh approaches to cloud-security bugs and mitigating exposure, impact and risk. Big gaps exist in the 22-year-old Common Vulnerability and Exposures (CVE) system that do not ...
Android Authority

A crucial system behind Android security updates just lost its funding (Update: Funding restored)

The US government has stopped funding the Common Vulnerabilities and Exposures (CVE) database, a standardized global system for identifying and tracking software vulnerabilities across platforms and ...
CSOonline

CVE program averts swift end after CISA executes 11-month contract extension

After DHS did not renew its funding contract for reasons unspecified, MITRE’s 25-year-old Common Vulnerabilities and Exposures (CVE) program was slated for an abrupt shutdown on April 16, which would ...
Krebs on Security

Funding Expires for Key Cyber Vulnerability Database

A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally ...
Computer Weekly

Amid uncertainty, Armis becomes newest CVE numbering authority

Mitre’s Common Vulnerabilities and Exposures (CVE) Program – which last week came close to shutting down altogether amid a wide-ranging shakeup of the United States government – has designated cyber ...
SC Media

Hot or not: The Forum of Incident Response and Security Teams (FIRST) unveils updated common vulnerability scoring system

The new scoring system promises to make it easier for security managers and the IT industry to better measure the real-world risks associated with software flaws. It wasn't too many years ago when ...