Back to Glossary

CVE (Common Vulnerabilities and Exposures)

A standardized identification system for publicly known cybersecurity vulnerabilities, providing unique IDs like CVE-2024-12345.

security conceptvulnerability managementstandards

CVE (Common Vulnerabilities and Exposures) is a system maintained by MITRE Corporation that provides standardized identifiers for publicly known cybersecurity vulnerabilities. Each CVE entry includes a unique ID (e.g., CVE-2024-12345), a description of the vulnerability, and references to related advisories and patches.

The CVE system enables consistent communication about vulnerabilities across security tools, databases, and organizations. When a vendor releases a security advisory, the referenced CVE ID allows administrators to quickly look up details, determine if they're affected, and find patches or mitigations.

CVE entries are linked to CVSS scores for severity rating, NVD (National Vulnerability Database) entries for detailed analysis, and vendor advisories for patches. Security scanners use CVE databases to identify known vulnerabilities in software components.

How APVISO tests for this: APVISO's recon agent fingerprints technologies used by your application (web servers, frameworks, libraries) and cross-references discovered versions against known CVEs. This identifies unpatched components with publicly known vulnerabilities that attackers could exploit.

Related Terms

CVSS (Common Vulnerability Scoring System)Zero-Day VulnerabilityPatch Management

Test your applications for cve (common vulnerabilities and exposures) vulnerabilities

APVISO's AI agents automatically test for this and many more vulnerability categories.

Start Testing Free