Wed, 01 Nov 2023 17:00:00 +0000
In June 2023, attendees at the 35th Annual FIRST Conference, in Montréal, Canada got a first-look preview of the new version of the Common Vulnerability Scoring System (CVSS), version 4.0. After two month of public comment followed by two months of addressing those comments, FIRST is proud to announce the official publication of CVSS version 4.0.
Thu, 14 Nov 2019 00:00:00 +0000
Article on CVSS v3.1 on Security Boulevard, a syndicated blog post from WhiteSource. The article explains the changes made in CVSS v3.1, their importance, and how this scoring should figure in when looking at security vulnerabilities.
Thu, 18 Jul 2019 00:00:00 +0000
An updated version of the Common Vulnerability Scoring System (CVSS) has been introduced, complete with new functionality to make it easier for security professionals to measure threats faced by critical infrastructure sectors, among other improvements.
Fri, 12 Jul 2019 13:00:00 +0000
July 12th, 2019 - The Forum of Incident Response and Security Teams (FIRST) has published an update of its internationally recognized Common Vulnerability Scoring System (CVSS). CVSS is a common scoring system designed to provide open and universally standard severity ratings of software vulnerabilities for the security community. Used by organizations worldwide, version 3.1 documentation is now available on the FIRST website for members and non-members to reference.
Fri, 12 Jul 2019 00:00:00 +0000
The Forum of Incident Response and Security Teams (FIRST) on Friday announced version 3.1 of the Common Vulnerability Scoring System (CVSS). CVSS is a widely adopted standard for rating the severity of software vulnerabilities, and it provides a framework for communicating the characteristics and impact of security flaws.
Thu, 19 Jan 2017 00:00:00 +0000
Cisco Blogs – Omar Santos of Cisco describes the value of using CVSSv3 to score security advisories that address security vulnerabilities in Cisco software
Mon, 07 Jul 2008 18:43:00 +0000
The Common Vulnerability Scoring System Special Interest Group (CVSS- SIG) had a very busy and successful working meeting during the 20th annual FIRST conference in Vancouver. We covered many of the CVSS use cases post v2 deployment - namely PCI and S-CAP - thanks for all the great participation.
Fri, 20 Jun 2008 20:17:00 +0000
The Common Vulnerability Scoring System Special Interest Group (CVSS-SIG) has scheduled a working meeting during the 20th annual FIRST conference in Vancouver (June 22-27,2008). This meeting will take place on Monday, June 23rd 08:30-10:30 PST
Sun, 11 Nov 2007 13:34:00 +0000
ScienceDaily — As this year's holiday season approaches, your credit card transactions may be a little more secure thanks to standards adopted by the payment card industry. The latest incarnation of these standards include the Common Vulnerability Scoring System (CVSS) Version 2 that was coauthored this year by researchers at the National Institute of Standards and Technology and Carnegie Mellon University in collaboration with 23 other organizations
Fri, 31 Aug 2007 16:41:00 +0000
NIST IR 7435 is published as final. CVSS provides an open framework for communicating the characteristics and impacts of IT vulnerabilities.
Thu, 19 Jul 2007 15:22:00 +0000
On Wednesday, August 15th, 2007, Tenable Network Security will begin converting CVSS base scores for Nessus and the Passive Vulnerability Scanner (PVS) plugins from version 1 to version 2. This blog entry discusses how some of the plugin severity...
Thu, 19 Jul 2007 15:22:00 +0000
On Wednesday, August 15th, 2007, Tenable Network Security will begin converting CVSS base scores for Nessus and the Passive Vulnerability Scanner (PVS) plugins from version 1 to version 2. This blog entry discusses how some of the plugin severity...
Mon, 09 Jul 2007 21:00:00 +0000
A standardized system to rank computer system vulnerabilities has been revised to help IT managers make better decisions more quickly about potential threats [SearchWinIt.com]
Mon, 09 Jul 2007 21:00:00 +0000
A standardized system to rank computer system vulnerabilities has been revised to help IT managers make better decisions more quickly about potential threats [SearchWinIt.com]
Tue, 26 Jun 2007 17:00:00 +0000
Standards-based system to rate vulnerabilities [Computerworld]
Tue, 26 Jun 2007 17:00:00 +0000
Standards-based system to rate vulnerabilities [Computerworld]
Thu, 21 Jun 2007 05:24:00 +0000
The National Institute of Standards and Technology has released a suite of tools to help automate vulnerability management and evaluate compliance with federal IT security requirements.
Thu, 21 Jun 2007 05:24:00 +0000
The National Institute of Standards and Technology has released a suite of tools to help automate vulnerability management and evaluate compliance with federal IT security requirements.
Wed, 20 Jun 2007 22:00:00 +0000
NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance.
Wed, 20 Jun 2007 22:00:00 +0000
NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance.
Wed, 20 Jun 2007 20:00:00 +0000
The Forum of Incident Response and Security Teams (FIRST) announced on Wednesday a revised version of the Common Vulnerability Scoring System (CVSS), which modifies the ranking system's recipe for judging the severity of software flaws.
Wed, 20 Jun 2007 20:00:00 +0000
The Forum of Incident Response and Security Teams (FIRST) announced on Wednesday a revised version of the Common Vulnerability Scoring System (CVSS), which modifies the ranking system's recipe for judging the severity of software flaws.
Wed, 20 Jun 2007 02:00:00 +0000
Seville Spain – June 20, 2007: Millions of computer users worldwide will enjoy more secure virtual experiences and transactions with the advent today of CVSSv2 – the latest version of the Common Vulnerability Scoring System.
Wed, 30 May 2007 15:15:00 +0000
Can a single number sum up the full significance of a security vulnerability? The CVSS attempts to prove that it can, but it has its weak points.
Wed, 30 May 2007 15:15:00 +0000
Can a single number sum up the full significance of a security vulnerability? The CVSS attempts to prove that it can, but it has its weak points.
Fri, 01 Dec 2006 14:25:00 +0000
Several sites provide easy ways to get CVSS scores. The major ones are listed on the SIG website.
Tue, 20 Sep 2005 00:53:00 +0000
The Forum of Incident Response and Security Teams (FIRST) a not-for-profit network of computer security incident response teams representing government, law enforcement, ...
Wed, 11 May 2005 06:05:00 +0000
The biggest challenge facing any new standard is the universal adoption of the standard. In order to address the inconsistency of scoring metrics for vulnerabilities...
Wed, 27 Apr 2005 19:18:00 +0000
Corporate executives from around the world were today being urged to attend a special conference on risk, to be staged this June in Singapore by FIRST, the world's premier force...
RDF Site Summary (RSS) is a lightweight multipurpose extensible metadata description and syndication format.
Subscribe to the Common Vulnerability Scoring System News using our RSS feed:
RSS 2.0