The National Vulnerability Database (NVD) is a repository of vulnerabilities maintained by the National Institute of Standards and Technology (NIST). The NVD contains a wealth of information regarding vulnerabilities in software and hardware systems, which is helpful in assessing, prioritizing, and mitigating security risks.
The NVD integrates the Common Vulnerabilities and Exposures (CVE) database which allows the pentester to easily search for vulnerabilities using the CVE code. The NVD also sorts and classifies vulnerabilities by a variety of factors, including severity, impact, affected products, and attack vectors.
Another benefit of the NVD is that it provides vulnerability scoring systems, such as theCVSS (Common Vulnerability Scoring System) , to quantify the severity and impact of vulnerabilities.