CVE (Common Vulnerabilities and Exposures) is a format to describe publicly known information security vulnerabilities and exposures. Using this format, new CVE IDs will be created, assigned, and referenced in content on an as-needed basis without a version change.
SCAP 1.0 and 1.2 policies are compliant with CVE. Tell me more
Official CVE List: http://cve.mitre.org/cve/index.html
NVD CVE-based Vulnerabilities: http://nvd.nist.gov/
See Statement of CVE Implementation