NIST Feed is a special tool able to retrieve information about existing CVE (Common Vulnerabilities and Exposures) and inform you about a new published or updated CVE by a popup notification by connecting to the NIST National Vulnerability Database (NVD)!
The notification contains a description of the CVE. When the popup notification is shown, users can left-click on it for accessing to the NIST NVD page with all detailed information, or right-click for closing it.
A sample of enabled popup notification is the following
An output sample on retrieving information about an existing CVE by terminal is the following:
NIST Feed can be configured according to the parameters shown by
nist-feed -h command. Users can decide which kind of CVE they wish to be informed about, for instance CVEs with a high impact on the confidentiality and integrity, or CRITICAL CVEs. Some examples:
- Set Desktop Notifications for latest or updated CVE with CRITICAL severity:
- Show details about the last three CVEs. No Desktop Notifications:
- Show details about the last twenty CVEs with PHYSICAL as attack vector and MEDIUM severity. No Desktop Notifications:
- Set Desktop Notifications for latest or updated CVE having high Confidentiality, Integrity and Availability impact: or
- Set Desktop Notifications for latest or updated CVE with HIGH attack complexity and NETWORK as attack vector:
-s argument is used for setting a scheduled popup notification on crontab according to the specified filters.