adam's notes

Common Vulnerabilities and Exposures (CVE)
Elements of a CVE

❯

❯

Common Vulnerabilities and Exposures (CVE)

Common Vulnerabilities and Exposures (CVE)

Common Vulnerabilities and Exposures (CVE) is a dictionary of vulnerabilities in published operating systems and applications software.

developed by MITRE and adopted by NIST
- https://cve.org/
CVE dictionary provides the principal input for NIST’s National Vulnerability Database (NVD)
- supplements the CVE descriptions with
  - additional analysis
  - a criticality metric calculated using the Common Vulnerability Scoring System (CVSS)
  - fix information

Elements of a CVE

An identifier
- format: CVE-YYYY-####
  - YYYY is the year the vulnerability was discovered
  - is at least four digits that indicate the order in which the vulnerability was discovered
description
reference list of URLs that supply more information
date entry was created

Graph View

Backlinks

Explain Vulnerability Management
Perform Vulnerability Analysis
Security Content Automation Protocol (SCAP)

Created with Quartz v4.5.2 © 2026

CC BY-NC-SA
adamfurman.me