What is CVE?

CVE is a list of information security vulnerabilities and exposures that aims to provide common names for publicly known problems. The goal of CVE is to make it easier to share data across separate vulnerability capabilities (tools, repositories, and services) with this "common enumeration." Please visit https://cve.mitre.org/ and https://www.cve.org for more information

What is a "Vulnerability?"

An information security "vulnerability" is a mistake in software that can be directly used by a hacker to gain access to a system or network.

What is an "Exposure?"

An information security exposure is a mistake in software that allows access to information or capabilities that can be used by a hacker as a stepping-stone into a system or network.

What is a CVE Identifier?

CVE Identifiers (also called "CVE names," "CVE numbers," "CVE-IDs," and "CVEs") are unique, common identifiers for publicly known information security vulnerabilities. Each CVE Identifier includes the following:
- CVE identifier number (i.e., "CVE-1999-0067").
- Indication of "entry" or "candidate" status.
- Brief description of the security vulnerability or exposure.
- Any pertinent references (i.e., vulnerability reports and advisories or OVAL-ID).
- CVE Identifiers are used by information security product/service vendors and researchers as a standard method for identifying vulnerabilities and for cross-linking with other repositories that also use CVE Identifiers.

Who owns CVE?

The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. The CVE Board oversees CVE Program operations and determines its strategic direction. The Secretariat (currently The MITRE Corporation) provides administrative and logistical support to the CVE Board and maintains the CVE Program’s infrastructure. Please visit cve.mitre.org and https://www.cve.org for more information.
CVE Program is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). CVE and the CVE logo are registered trademarks of The MITRE Corporation.

What is NVD?

National Vulnerability Database, NVD, is the U.S. government repository of standards based vulnerability management data. Please visit https://nvd.nist.gov/general/FAQ-Sections/General-FAQs for more information about NVD.

What is CPE?

Common Platform Enumeration (CPE) is a standardized method of describing and identifying classes of applications, operating systems, and hardware devices present among an enterprise's computing assets. CPE is a structured naming scheme for information technology systems, software, and packages based upon the generic syntax for Uniform Resource Identifiers (URI), CPE includes a formal name format, a method for checking names against a system, and a description format for binding text and tests to a name. Please visit https://nvd.nist.gov/products/cpe and https://csrc.nist.gov/projects/security-content-automation-protocol/specifications/cpe for more information.

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!