As seen in Figure 1, about 1,500 vulnerabilities per quarter has been registered to JVN iPedia since its initial release of 3,562 vulnerabilities on April 25, 2007.
As of December 31, 2012, the number of vulnerabilities registered has grown to 38,099, of which 139 are collected from domestic software developers, 2,412 from JVN and 35,548 from NVD.
•JVN iPedia English Version: http://jvndb.jvn.jp/en/
•JVN iPedia Japanese Version: http://jvndb.jvn.jp/
|4th Quarter (October – September) of 2012||Feb 26, 2013|
|3rd Quarter (July – September) of 2012||Dec 3, 2012|
|2nd Quarter (April – June) of 2012||Aug 8, 2012|
|1st Quarter (January – March) of 2012||May 15, 2012|
|4th Quarter (October – December) of 2011||Feb 29, 2012|
|3rd Quarter (July – September) of 2011||Nov 18, 2011|
|2nd Quarter (April – June) of 2011||Aug 12, 2011|
|1st Quarter (January – March) of 2011||May 19, 2011|
|4th Quarter (October – December) of 2010||Feb 14, 2011|
|3rd Quarter (July – September) of 2010||Nov 9, 2010|
|2nd Quarter (April – June) of 2010||Aug 6, 2010|
|1st Quarter (January – March) of 2010||May 10, 2010|
|4th Quarter (October – December) of 2009||Feb 3, 2010|
|3rd Quarter (July - September) of 2009||Nov 11, 2009|
|2nd Quarter (April - June) of 2009||Jul 27, 2009|
|1st Quarter (January - March) of 2009||May 20, 2009|
|4th Quarter (October - December) of 2008||Feb 10, 2009|
|3rd Quarter (July - September) of 2008||Oct 31, 2008|
|2nd Quarter (April - June) of 2008||Aug 15, 2008|
Under Information Security Early Warning Partnership, IPA receives private vulnerability reports and JPCERT/CC coordinates with developers to prepare patches or remedies.
JVN provides the information such as:
Vulnerability information, especially on Open Source Software (OSS), often affects multiple products. In such a case, JVN provides notes from those vendors affected.
Records of security events are useful when planning the vulnerability remediation process.
We provide "Status Tracking Notes", the list of relevant events, for some vulnerability information on a trial basis. Records contain exploit code availability, related incidents observed, and availability of fixes.
We provide JVN updates in RSS (RDF(*1) Site Summary) format. These updates are readily available using an RSS reader. This enables system administrators and integrators to rapidly collect vulnerability information and solutions.
We also provide tools for displaying JVN updates on your website. (This tool requires Adobe Flash 7.0 or higher for a plug-in.)
(*1)RDF:Resource Description Framework
•Hitachi HIRT(Hitachi Incident Response Team) uses this tool to automatically display JVN updates.
JVN iPedia is an information database that stores summary and countermeasure information on vulnerabilities in Japanese software and other products posted on JVN.
In the six months following its public release in April 2007, iPedia catalogued 4,100 vulnerabilities (Japanese Version).
JVN iPedia is equipped with search functions(Keyword search, product search, and severity scoring based on CVSS(*2)) and RSS feeds, which provides the accumulated data in a comprehensive manner.
In addition, user can use the CVSS Calculator to calculate the overall CVSS assessment score, by selecting the own Environmental Score Metrics or Temporal Score Metrics.
(*2)CVSS: Common Vulnerability Scoring System
•Provides vulnerability countermeasure information collected and accumulated every day.