Shostack + Friends Blog Archive


Congratulations to the CVE team!

The CVE Web site now contains 30,000 unique information security issues with publicly known names. CVE, which began in 1999 with just 321 common names on the CVE List, is considered the international standard for public software vulnerability names. Information security professionals and product vendors from around the world use CVE Identifiers (CVE-IDs) as a standard method for identifying vulnerabilities, and for cross-linking among products, services, and other repositories that use the identifiers.

See the CVE News page. I remember proposing that we have a CVE-1. I’m tremendously proud to have helped get such a useful thing off the ground, and really happy for the CVE team.