Airbnb’s information security team wrote about their internal security vulnerability reporting tool called Vulnture. It utilizes the CVE, NVD and other vendor databases and scans infrastructure and the software stack for discovered vulnerabilities.
The Common Vulnerabilities and Exposures (CVE) list was started in 1999, and the National Vulnerability Database (NVD) 6 years later in 2005. The NVD uses the data in CVE and enhances the information, and provides additional search features. Software vendor sites also publish their own vulnerability feeds which may or may not end up these two databases.
