Your complete reference for CVE, CVSS, vulnerability management, and cybersecurity terminology
Zero-Day Vulnerability
A vulnerability that is unknown to the software vendor, or known but still unpatched, at the time attackers begin exploiting it. Zero-days are particularly dangerous because attackers can exploit them before defenders have a fix to deploy; until a patch ships, defenders are limited to mitigations such as disabling the affected feature, restricting network exposure, and adding detection.
Access Control
Security mechanisms that determine who can access specific resources and what actions they can perform. Rests on authentication (establishing who the requester is), authorization (deciding what they may do), and auditing (recording what they did).
Advanced Persistent Threat (APT)
A prolonged and targeted intrusion in which an attacker gains access to a network and remains undetected for an extended period, typically to steal data or monitor activity. The term is also used for the well-resourced, often state-sponsored groups that run such campaigns.
Attack Surface
The sum of all points (exposed services, APIs, user inputs, accounts, physical interfaces) through which an attacker could attempt to gain unauthorized access to a system. Reducing the attack surface, for example by removing unused services and interfaces, is a key security principle.
Attack Vector
The path or means by which an attacker reaches a system to deliver a payload or cause a malicious outcome. Common vectors include email, web applications, exposed network services, and compromised credentials.
Authentication
The process of verifying the identity of a user, device, or system before granting access. Common methods include passwords, biometrics, hardware tokens, and multi-factor authentication.
Backdoor
A method of bypassing normal authentication or security mechanisms to gain unauthorized access to a system. Can be intentionally left by developers (for example, a hard-coded credential) or inserted by attackers to keep access after a compromise.
Blue Team
Security professionals responsible for defending against cyberattacks. They monitor systems, respond to incidents, and implement and tune security controls.
Botnet
A network of compromised computers (bots) controlled by an attacker through command-and-control infrastructure to perform coordinated malicious activities such as DDoS attacks, spam distribution, credential stuffing, or cryptocurrency mining.
Brute Force Attack
An attack that attempts to gain access by systematically trying every possible password (or key) until the correct one is found. Defended against with rate limiting, account lockout, multi-factor authentication, and long passwords that make the search space infeasible.
Buffer Overflow
A vulnerability where a program writes more data to a buffer than it can hold, overwriting adjacent memory and potentially allowing attackers to execute arbitrary code. Mitigations include bounds checking, memory-safe languages, and compiler and OS defenses such as stack canaries, ASLR, and non-executable memory.
Computer Emergency Response Team (CERT)
Organizations that provide incident response services, vulnerability analysis, and security guidance. Examples include US-CERT (now operated within CISA) and various national CERTs.
CIA Triad
The three core principles of information security: Confidentiality (protecting data from unauthorized access), Integrity (ensuring data is accurate and has not been tampered with), and Availability (ensuring systems are accessible when needed).
CISA
Cybersecurity and Infrastructure Security Agency, a U.S. federal agency responsible for protecting critical infrastructure and coordinating cybersecurity efforts. Maintains the Known Exploited Vulnerabilities (KEV) catalog.
Command and Control (C2)
Infrastructure used by attackers to communicate with and control compromised systems. C2 servers send commands to malware and receive stolen data; detecting C2 traffic (beaconing, unusual DNS or HTTPS patterns) is a core detection goal.
Common Platform Enumeration (CPE)
A standardized naming scheme for IT systems, software, and packages, used in vulnerability databases such as the NVD to identify affected products. A CPE 2.3 formatted string has 13 colon-separated fields: cpe:2.3:part:vendor:product:version:update:edition:language:sw_edition:target_sw:target_hw:other, where part is a (application), o (operating system), or h (hardware), * means any value, and - means not applicable. Colons inside a value are escaped with a backslash.
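Matching installed products against vulnerable-configuration CPEs is what a vulnerability scanner does with this data. The following parser and matcher are an added example, not code from the glossary; the CPE strings are constructed sample input, and the matcher is a simplified version of the NISTIR 7696 name-matching rules (it handles * and - as whole-field values but not wildcards embedded inside a value).

```python
"""Parse CPE 2.3 formatted strings and match an installed product against a
vulnerable-configuration CPE that may use * (ANY) in some fields.

Added example, not the glossary's own code; the CPE strings used in the
tests below are constructed sample input."""
from dataclasses import dataclass

CPE_FIELDS = ("part", "vendor", "product", "version", "update", "edition",
              "language", "sw_edition", "target_sw", "target_hw", "other")


@dataclass(frozen=True)
class Cpe:
    # Raw (still backslash-escaped) field values, "*" for ANY or "-" for NA.
    values: tuple

    def __getitem__(self, name: str) -> str:
        return self.values[CPE_FIELDS.index(name)]


def split_cpe(s: str) -> list:
    """Split on ':' while keeping an escaped '\\:' inside a field intact."""
    parts, cur, i = [], [], 0
    while i < len(s):
        ch = s[i]
        if ch == "\\" and i + 1 < len(s):
            cur.append(s[i:i + 2])      # keep the escape sequence as-is
            i += 2
            continue
        if ch == ":":
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        i += 1
    parts.append("".join(cur))
    return parts


def parse_cpe(s: str) -> Cpe:
    parts = split_cpe(s)
    if len(parts) != 13 or parts[0] != "cpe" or parts[1] != "2.3":
        raise ValueError(f"not a CPE 2.3 formatted string: {s!r}")
    if parts[2] not in ("a", "o", "h", "*", "-"):
        raise ValueError(f"invalid part {parts[2]!r}")
    if any(p == "" for p in parts[2:]):
        raise ValueError("empty field; use * (ANY) or - (NA)")
    return Cpe(tuple(parts[2:]))


def is_valid_cpe(s: str) -> bool:
    try:
        parse_cpe(s)
        return True
    except ValueError:
        return False


def field_matches(pattern: str, value: str) -> bool:
    """ANY matches anything; otherwise the values must agree (case-insensitive)."""
    return pattern == "*" or pattern.lower() == value.lower()


def cpe_matches(vuln_config: Cpe, installed: Cpe) -> bool:
    """True if an installed product falls under a vulnerable-configuration CPE."""
    return all(field_matches(p, v) for p, v in zip(vuln_config.values, installed.values))


if __name__ == "__main__":
    installed = parse_cpe("cpe:2.3:a:apache:log4j:2.14.1:*:*:*:*:*:*:*")
    pattern = parse_cpe("cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*")
    print(installed["vendor"], installed["product"], cpe_matches(pattern, installed))
```

CPE names cannot express version ranges; NVD records ranges beside the CPE (versionStartIncluding, versionEndExcluding), so a real matcher compares the version field against those bounds rather than relying on a wildcard.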
Common Vulnerability Scoring System (CVSS)
An industry standard framework for assessing the severity of security vulnerabilities. Produces a numerical score from 0.0 to 10.0, with 10.0 being the most severe, derived from a vector string that records each metric choice (for example CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Versions 3.1 and 4.0 are in current use.
Common Vulnerabilities and Exposures (CVE)
A standardized identifier system for publicly known cybersecurity vulnerabilities, operated by MITRE. Each CVE entry provides a unique ID, a description, and references. Format: CVE-YYYY-NNNN, where the sequence number has four or more digits.
Common Weakness Enumeration (CWE)
A community-developed list of software and hardware weakness types that categorizes the underlying causes of vulnerabilities; a CVE record typically cites the CWE it is an instance of. Examples: CWE-79 (Cross-Site Scripting), CWE-89 (SQL Injection).
Credential Stuffing
An attack where stolen username/password pairs from one breach are automatically tested against other services, exploiting password reuse. Unlike brute force, each account sees only a few attempts, so detection looks for one source trying many accounts. Mitigated by multi-factor authentication, checks against breached-password lists, and per-source rate limiting.
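Brute force and credential stuffing leave different footprints in authentication logs: the first is many failures against one account, the second is one source failing against many accounts. The detector below is an added example, not the glossary's own code; the log format, the sample lines (using documentation IP ranges) and the thresholds are all constructed for illustration.

```python
"""Flag brute-force and credential-stuffing patterns in authentication logs.

Added example, not the glossary's own code. The log format, the sample
entries and the thresholds are constructed assumptions."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE = re.compile(r"^(?P<ts>\S+) ip=(?P<ip>\S+) user=(?P<user>\S+) result=(?P<result>OK|FAIL)$")

# Constructed sample: 203.0.113.5 sprays six accounts (stuffing, ending in a
# success); six different IPs hammer 'bob' (distributed brute force);
# heidi just mistyped her password once.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z ip=203.0.113.5 user=alice result=FAIL
2024-05-01T10:00:02Z ip=203.0.113.5 user=carol result=FAIL
2024-05-01T10:00:03Z ip=203.0.113.5 user=dave result=FAIL
2024-05-01T10:00:04Z ip=203.0.113.5 user=erin result=FAIL
2024-05-01T10:00:05Z ip=203.0.113.5 user=frank result=FAIL
2024-05-01T10:00:06Z ip=203.0.113.5 user=grace result=OK
2024-05-01T10:01:00Z ip=198.51.100.7 user=bob result=FAIL
2024-05-01T10:01:01Z ip=198.51.100.8 user=bob result=FAIL
2024-05-01T10:01:02Z ip=198.51.100.9 user=bob result=FAIL
2024-05-01T10:01:03Z ip=198.51.100.10 user=bob result=FAIL
2024-05-01T10:01:04Z ip=198.51.100.11 user=bob result=FAIL
2024-05-01T10:01:05Z ip=198.51.100.12 user=bob result=FAIL
2024-05-01T10:05:00Z ip=192.0.2.20 user=heidi result=FAIL
2024-05-01T10:05:30Z ip=192.0.2.20 user=heidi result=OK
"""


def parse(log: str) -> list:
    events = []
    for line in log.splitlines():
        m = LINE.match(line)
        if not m:
            continue    # production code should count and surface unparseable lines
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append((ts, m["ip"], m["user"], m["result"]))
    return events


def max_in_window(items: list, window: timedelta, distinct: bool) -> int:
    """Most events (or most distinct values) seen in any time span of `window`.
    items is a list of (timestamp, value)."""
    items = sorted(items, key=lambda t: t[0])
    counts = defaultdict(int)
    best = start = 0
    for end, (ts, val) in enumerate(items):
        counts[val] += 1
        while ts - items[start][0] > window:        # slide the left edge forward
            old = items[start][1]
            counts[old] -= 1
            if counts[old] == 0:
                del counts[old]
            start += 1
        best = max(best, len(counts) if distinct else end - start + 1)
    return best


def detect(log: str, window: timedelta = timedelta(minutes=5),
           stuffing_users: int = 5, brute_fails: int = 5) -> list:
    fails_by_ip = defaultdict(list)     # ip   -> [(ts, user)]
    fails_by_user = defaultdict(list)   # user -> [(ts, ip)]
    succeeded_after_fails = set()       # sources whose failing run ended in a success
    for ts, ip, user, result in parse(log):
        if result == "FAIL":
            fails_by_ip[ip].append((ts, user))
            fails_by_user[user].append((ts, ip))
        elif fails_by_ip.get(ip):
            succeeded_after_fails.add(ip)
    findings = []
    for ip, fails in fails_by_ip.items():
        users = max_in_window(fails, window, distinct=True)
        if users >= stuffing_users:
            findings.append({"type": "credential_stuffing", "ip": ip, "distinct_users": users,
                             "then_succeeded": ip in succeeded_after_fails})
    for user, fails in fails_by_user.items():
        if max_in_window(fails, window, distinct=False) >= brute_fails:
            findings.append({"type": "brute_force", "user": user, "failures": len(fails),
                             "source_ips": len({ip for _, ip in fails})})
    return findings


if __name__ == "__main__":
    for finding in detect(SAMPLE_LOG):
        print(finding)
```

A stuffing run that ends with a success is the alert to page on: the attacker has found a reused password. Per-IP thresholds miss attacks spread across a proxy network, which is why the brute-force check here is keyed on the account rather than the source.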
Cross-Site Request Forgery (CSRF)
An attack that tricks a victim's browser into sending unwanted, state-changing requests to a web application where the victim is already authenticated, riding on the session cookie the browser attaches automatically. Also known as XSRF or Sea Surf. Defended with anti-CSRF tokens and the SameSite cookie attribute.
Cross-Site Scripting (XSS)
A web security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users, in reflected, stored, or DOM-based form. Injected scripts run with the page's privileges and can steal session tokens, read sensitive data, or act as the user. Prevented by context-aware output encoding and a Content Security Policy.
Cryptography
The practice of securing communication and data using mathematical techniques. Includes encryption (confidentiality), hashing (integrity), and digital signatures (authenticity and non-repudiation).
CVE ID
The unique identifier assigned to a vulnerability in the CVE system. Format: CVE-YYYY-NNNN, where YYYY is the year the ID was assigned or the vulnerability was disclosed, and NNNN is a sequence number of four or more digits (five-digit IDs are common for busy years).
CVSS Base Score
The core component of CVSS scoring, reflecting the intrinsic characteristics of a vulnerability that are constant over time and across environments: how it is reached (attack vector, complexity, privileges and user interaction required), whether it crosses a security boundary (scope), and its impact on confidentiality, integrity, and availability. Ranges from 0.0 to 10.0.
CVSS Environmental Score
A CVSS component that allows organizations to customize a vulnerability score for their own environment, by overriding Base metrics to reflect how the system is actually deployed and by weighting confidentiality, integrity, and availability according to how much each matters to the organization.
CVSS Temporal Score
A CVSS v3.x component that adjusts the Base Score for time-dependent factors: exploit code maturity, remediation level (whether an official fix exists), and report confidence. Temporal metrics can only lower the score, never raise it. CVSS v4.0 replaces this group with Threat metrics, keeping only exploit maturity.
Distributed Denial of Service (DDoS)
An attack that overwhelms a target system with traffic from many sources at once, making it unavailable to legitimate users. Typically launched from botnets; reflection and amplification abuse of protocols such as DNS or NTP lets attackers multiply the traffic volume well beyond what the bots send.
Defense in Depth
A layered security strategy that uses multiple independent defensive measures to protect assets. If one layer fails or is bypassed, the others continue to provide protection.
Denial of Service (DoS)
An attack that makes a system or network resource unavailable, either by overwhelming it with requests or by exploiting a vulnerability to crash or hang the service.
Dictionary Attack
A password-guessing technique that tries common words, phrases, and previously breached passwords (often with predictable variations) rather than every possible combination, trading coverage for speed.
Digital Signature
A cryptographic technique that verifies the authenticity and integrity of a message or document. The signer uses a private key to produce the signature; anyone holding the corresponding public key can verify it, and the signer cannot later deny having signed.
Encryption
The process of converting plaintext into ciphertext using an algorithm and a key, making the data unreadable without the decryption key. Symmetric encryption uses one shared key; asymmetric encryption uses a public/private key pair. Protects confidentiality.
Endpoint
Any device that connects to a network, such as a laptop, smartphone, tablet, server, or IoT device. Each endpoint is a potential entry point for an attacker and must be managed and monitored.
Endpoint Detection and Response (EDR)
Security tooling that continuously records activity on endpoint devices (process execution, file and registry changes, network connections), detects threats from that telemetry, and lets responders investigate and contain affected hosts.
Exploit
Code or a technique that takes advantage of a vulnerability to cause unintended behavior in software or hardware. Used for unauthorized access, privilege escalation, code execution, or denial of service.
Exploit Kit
A software toolkit that fingerprints visiting browsers and plugins for known vulnerabilities and delivers matching exploits automatically. Commonly used in drive-by download attacks.
Exposure
A system configuration issue or mistake that gives an attacker access to data or functionality they should not have (for example, an open storage bucket or a debug interface left enabled), without being a software flaw in itself. Exposures are the "E" in CVE.
Firewall
A network security device or software component that filters incoming and outgoing traffic according to predetermined rules. Acts as a barrier between trusted and untrusted networks; host-based firewalls apply the same idea to a single machine.
Hardening
The process of securing a system by reducing its attack surface: disabling unnecessary services and accounts, applying patches, tightening configuration, and enforcing least privilege, typically against a published benchmark.
Hash Function
A cryptographic algorithm that maps input of any length to a fixed-size digest, such that the input cannot be recovered from the digest and two inputs with the same digest are infeasible to find. Used for integrity verification and as a building block of signatures. SHA-256 is a current choice; MD5 and SHA-1 are broken for collision resistance and should not be used for security. Passwords must not be stored with a plain fast hash; use a slow, salted password hash such as Argon2, bcrypt, scrypt, or PBKDF2.
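The two jobs mentioned above need different tools: a fast hash for checking a download, and a slow, salted key derivation function for storing passwords. The code below is an added example, not the glossary's own code; it uses only Python's standard library, the sample data is constructed, and the 600,000-iteration default is an assumption based on current OWASP guidance for PBKDF2-HMAC-SHA256 (raise it as hardware gets faster; Argon2 is preferable where a library is available).

```python
"""Integrity hashing vs. password hashing, using only the standard library.

Added example, not the glossary's own code. Iteration count and storage
format are assumptions for illustration."""
import hashlib
import hmac
import os


def sha256_hex(data: bytes) -> str:
    """Fast hash: appropriate for file checksums and integrity checks."""
    return hashlib.sha256(data).hexdigest()


def verify_download(data: bytes, expected_sha256: str) -> bool:
    # compare_digest keeps the comparison time independent of where the
    # strings first differ, which matters when the expected value is secret.
    return hmac.compare_digest(sha256_hex(data), expected_sha256.lower())


# Password storage: PBKDF2-HMAC-SHA256 with a random per-user salt and a
# deliberately high iteration count so that offline guessing is slow.
ITERATIONS = 600_000


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    # self-describing record: algorithm, work factor, salt, derived key
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    try:
        algo, iters, salt_hex, dk_hex = stored.split("$")
        if algo != "pbkdf2_sha256":
            return False
        salt, expected, iters = bytes.fromhex(salt_hex), bytes.fromhex(dk_hex), int(iters)
    except ValueError:
        return False          # malformed record: never treat as a match
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iters)
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    print(sha256_hex(b"abc"))
    record = hash_password("correct horse battery staple")
    print(record, verify_password("correct horse battery staple", record))
```

Because the salt is random, two users with the same password get different records, which defeats precomputed (rainbow) tables; because the iteration count is stored with the record, it can be raised over time and old records re-hashed on next login.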
Honeypot
A decoy system designed to attract attackers and record their tactics, techniques, and procedures. Because no legitimate user should touch it, any interaction is a high-fidelity alert, and the observations help teams understand threats and improve defenses.
Incident Response
The organized approach to handling a security breach or cyberattack, from detection and analysis through containment, eradication, and recovery, followed by lessons learned. Aims to limit damage and reduce recovery time and cost.
Indicator of Compromise (IOC)
Forensic evidence that a security breach has occurred or is in progress, such as a malicious file hash, an attacker's IP address or domain, unusual network traffic, or unexpected file changes. Used to detect, scope, and investigate incidents.
Information Disclosure
A vulnerability that exposes sensitive information to an unauthorized party. Leaked user data, system details, memory contents, or configuration can be damaging on their own or serve as the first step of a larger attack.
Injection Attack
An attack in which untrusted input is mixed into a command or query so that an interpreter treats part of the data as code. Includes SQL injection, OS command injection, and LDAP injection. The general fix is to keep data and code separate, for example with parameterized queries, rather than to filter input.
Intrusion Detection System (IDS)
A security tool that monitors network traffic or host activity for malicious behavior or policy violations and raises alerts when it detects them. It observes but does not block.
Intrusion Prevention System (IPS)
A security tool that monitors traffic like an IDS but sits inline and can actively block detected threats by dropping packets or resetting connections. The trade-off is that a false positive now blocks legitimate traffic.
Known Exploited Vulnerabilities (KEV) Catalog
A catalog maintained by CISA listing CVEs with evidence of active exploitation in the wild. U.S. federal agencies must remediate listed CVEs by a due date under Binding Operational Directive 22-01, and other organizations are urged to prioritize them ahead of CVSS score alone.
Lateral Movement
Techniques used by attackers to move from an initially compromised host to other systems in the network, typically by reusing harvested credentials or exploiting trust between machines, often combined with privilege escalation to reach their objectives.
Least Privilege
A security principle stating that users, programs, and systems should have only the minimum access rights necessary to perform their functions, and only for as long as needed. Limits the damage a compromised account or component can do.
Malware
Malicious software designed to harm, exploit, or otherwise compromise systems. Includes viruses, worms, trojans, ransomware, spyware, and backdoors.
Man-in-the-Middle (MITM) Attack
An attack in which an adversary secretly relays and possibly alters communication between two parties who believe they are talking directly to each other. Also called adversary-in-the-middle (AiTM). Properly validated TLS prevents it on the network; phishing proxies that sit between a user and a real login page are the modern form.
Memory Corruption
A class of vulnerabilities in which program memory is modified in unintended ways, including buffer overflows, use-after-free, and integer overflows that lead to bad indexing. Consequences range from crashes to arbitrary code execution or information disclosure.
MITRE
A non-profit organization that operates federally funded research and development centers. Operates the CVE Program and maintains the CWE and ATT&CK knowledge bases, among other cybersecurity resources.
MITRE ATT&CK
A globally accessible knowledge base of adversary tactics and techniques based on real-world observations, organized by the goal an attacker is pursuing at each stage. Used for threat modeling, detection coverage mapping, and red team planning.
Multi-Factor Authentication (MFA)
An authentication method that requires two or more independent verification factors: something you know (password), something you have (token or authenticator app), or something you are (biometric). Phishing-resistant forms such as FIDO2 security keys bind the second factor to the legitimate site.
National Vulnerability Database (NVD)
A U.S. government repository of standards-based vulnerability data maintained by NIST. Enriches CVE entries with CVSS scores, CWE classifications, and affected-product CPE configurations.
Patch
A software update that fixes vulnerabilities or bugs or adds features. Applying security patches promptly is critical, since exploitation often follows public disclosure within days.
Patch Management
The process of identifying, acquiring, testing, deploying, and verifying patches across an organization's systems. A core component of vulnerability management programs.
Payload
The component of malware or an exploit that performs the intended malicious action once delivered, such as stealing data, installing a backdoor, or encrypting files, as distinct from the mechanism that delivers it.
Penetration Testing
Authorized, scoped simulated attacks performed to evaluate the security of a system and demonstrate which vulnerabilities could actually be exploited, ending in a report with findings and remediation advice.
Phishing
A social engineering attack in which attackers impersonate legitimate entities, usually by email, to trick victims into revealing credentials or sensitive information, opening malicious attachments, or clicking malicious links.
Privilege Escalation
A technique by which attackers gain access rights beyond those initially granted. Vertical escalation moves to a higher privilege level (for example, user to administrator); horizontal escalation gains access to other accounts at the same level.
Public Key Infrastructure (PKI)
The framework of certificate authorities, certificates, and revocation mechanisms that binds public keys to identities. Enables TLS, code signing, and other forms of authentication and digital signature.
Ransomware
Malware that encrypts victim data and demands payment for the decryption key. Often delivered through phishing or by exploiting exposed services; modern operations also exfiltrate data and threaten to publish it (double extortion).
Red Team
Security professionals who emulate real-world adversaries against an organization's defenses, typically over a longer engagement and with a specific objective, to identify weaknesses before actual attackers do and to test the blue team's detection and response.
Remote Code Execution (RCE)
A vulnerability that allows an attacker to execute arbitrary code on a target system over the network. Considered one of the most severe vulnerability types, especially when no authentication is required.
Remediation
The process of fixing or mitigating a vulnerability or security issue. Can include applying patches, changing configuration, removing the affected component, or implementing compensating controls when a fix is not yet available.
Risk Assessment
The process of identifying, analyzing, and evaluating security risks in terms of their likelihood and potential impact. Guides where to invest in controls and which findings to fix first.
Sandbox
An isolated environment for safely executing and analyzing suspicious code or files without risking the host system. Used in malware analysis, browsers, and application isolation; sandbox-aware malware may behave benignly when it detects one.
Software Bill of Materials (SBOM)
A comprehensive, machine-readable inventory of the components, libraries, and dependencies in a piece of software, typically in the SPDX or CycloneDX format. Lets organizations find which products contain a newly disclosed vulnerable component.
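The reason to keep an SBOM is to answer "which of our components are affected?" when a new advisory lands, and the KEV catalog described above is the first filter for which hits to fix first. The code below is an added example, not the glossary's own code; the SBOM follows the CycloneDX JSON shape only loosely, and the advisory records, the KEV set, and the advisory IDs (EXAMPLE-0001 and so on) are constructed placeholders, not real vulnerabilities.

```python
"""Cross-reference an SBOM against advisories and rank hits, KEV entries first.

Added example, not the glossary's own code. The SBOM, the advisories and
the KEV set are constructed; the IDs are placeholders, not real CVEs."""
import json

SBOM_JSON = json.dumps({
    "bomFormat": "CycloneDX", "specVersion": "1.5",
    "components": [
        {"type": "library", "name": "log4j-core", "version": "2.14.1",
         "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1"},
        {"type": "library", "name": "jackson-databind", "version": "2.13.4",
         "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.4"},
        {"type": "library", "name": "requests", "version": "2.31.0",
         "purl": "pkg:pypi/requests@2.31.0"},
    ],
})

# Constructed advisories: affected package (purl without version) and a
# half-open affected range [introduced, fixed).
ADVISORIES = [
    {"id": "EXAMPLE-0001", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core",
     "introduced": "2.0", "fixed": "2.15.0", "cvss": 10.0},
    {"id": "EXAMPLE-0002", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind",
     "introduced": "2.0", "fixed": "2.13.5", "cvss": 7.5},
    {"id": "EXAMPLE-0003", "purl": "pkg:pypi/requests",
     "introduced": "2.0", "fixed": "2.31.0", "cvss": 6.1},   # our version is the fixed one
]
KEV_IDS = {"EXAMPLE-0001"}   # constructed stand-in for the CISA KEV catalog


def parse_version(v: str) -> tuple:
    """Naive dotted-numeric comparison (assumption: good enough for the sample;
    real tooling must use each ecosystem's version rules)."""
    return tuple(int(p) if p.isdigit() else 0 for p in v.split("."))


def split_purl(purl: str) -> tuple:
    name, _, version = purl.partition("@")
    return name, version


def affected(component: dict, adv: dict) -> bool:
    name, version = split_purl(component["purl"])
    if name != adv["purl"] or not version:
        return False
    v = parse_version(version)
    return parse_version(adv["introduced"]) <= v < parse_version(adv["fixed"])


def find_vulnerable(sbom_json: str, advisories: list, kev_ids: set) -> list:
    sbom = json.loads(sbom_json)
    if sbom.get("bomFormat") != "CycloneDX":
        raise ValueError("expected a CycloneDX SBOM")
    hits = []
    for comp in sbom.get("components", []):
        for adv in advisories:
            if affected(comp, adv):
                hits.append({"component": comp["purl"], "id": adv["id"],
                             "cvss": adv["cvss"], "kev": adv["id"] in kev_ids})
    # Known-exploited first, then by CVSS descending
    hits.sort(key=lambda h: (not h["kev"], -h["cvss"]))
    return hits


if __name__ == "__main__":
    for hit in find_vulnerable(SBOM_JSON, ADVISORIES, KEV_IDS):
        print(hit)
```

Package URLs (purl) are used here because both SBOM formats carry them and most advisory feeds can be keyed on them, whereas CPE names are tied to NVD's product naming. The version comparison is the fragile part in practice: Maven qualifiers, semantic-versioning pre-releases, and distro backports all break a plain numeric compare.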
Security Information and Event Management (SIEM)
A platform that collects and normalizes log and event data from across an organization's infrastructure, correlates it against detection rules, and supports investigation, alerting, and compliance reporting.
Security Operations Center (SOC)
A centralized team and facility that monitors, detects, analyzes, and responds to cybersecurity incidents, typically operating around the clock to protect organizational assets.
Security Posture
The overall cybersecurity strength and resilience of an organization, including its policies, technical controls, staff awareness, and ability to detect and respond to threats.
Severity
A measure of how bad a vulnerability is if exploited, commonly expressed as Critical, High, Medium, or Low. CVSS v3.x maps scores to these bands as None (0.0), Low (0.1 to 3.9), Medium (4.0 to 6.9), High (7.0 to 8.9), and Critical (9.0 to 10.0). Severity is not the same as priority, which also weighs exploitation status and asset exposure.
Spear Phishing
A targeted phishing attack directed at specific individuals or organizations, using personalized details (names, projects, suppliers) gathered beforehand to appear legitimate and convincing.
SQL Injection
An attack in which user-controlled input is placed into a SQL query so that it is parsed as part of the query rather than as data, allowing the attacker to bypass authentication, read, modify, or delete data, and sometimes run commands on the database host. Prevented by parameterized queries (prepared statements), not by escaping input by hand.
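The injection entry above and this one both come down to the same mistake: building the query text out of input. The code below is an added example, not the glossary's own code; it is a login check written the vulnerable way beside the parameterized fix, run against an in-memory SQLite database with constructed rows (the stored "hashes" are placeholder strings, since the point here is the query, not password hashing).

```python
"""A login check that concatenates input into SQL, beside the parameterized form.

Added example, not the glossary's own code. Uses an in-memory SQLite database
with constructed rows; the password_hash values are placeholders."""
import sqlite3


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password_hash TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "hash_of_alices_password"),
                      ("bob", "hash_of_bobs_password")])
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password_hash: str) -> bool:
    # VULNERABLE on purpose (CWE-89): the input becomes part of the SQL text,
    # so a quote in the username ends the string literal early.
    query = (f"SELECT 1 FROM users WHERE username = '{username}' "
             f"AND password_hash = '{password_hash}'")
    return conn.execute(query).fetchone() is not None


def login_safe(conn: sqlite3.Connection, username: str, password_hash: str) -> bool:
    # Parameterized: the SQL text is fixed and the values travel separately,
    # so quotes, comment markers and keywords in the input are only data.
    query = "SELECT 1 FROM users WHERE username = ? AND password_hash = ?"
    return conn.execute(query, (username, password_hash)).fetchone() is not None


if __name__ == "__main__":
    db = make_db()
    for user, pw in (("alice", "hash_of_alices_password"),
                     ("alice'--", "anything"),          # comment out the password check
                     ("x", "' OR '1'='1")):             # tautology makes WHERE always true
        print(f"{user!r}: vulnerable={login_vulnerable(db, user, pw)} safe={login_safe(db, user, pw)}")
```

The two bypasses in the usage block are the classic ones: `alice'--` turns the rest of the WHERE clause into a comment, and `' OR '1'='1` makes the condition true for every row. The parameterized version returns False for both without any input filtering.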
SSL/TLS
Cryptographic protocols that provide confidentiality, integrity, and server (optionally client) authentication for network connections. SSL (Secure Sockets Layer) is the deprecated predecessor of TLS (Transport Layer Security); TLS 1.2 and 1.3 are the versions in current use. HTTPS is HTTP over TLS.
Supply Chain Attack
An attack that compromises a less-secure element upstream (a software dependency, build system, update channel, vendor, or hardware component) in order to reach the organizations that consume it. Because the compromised artifact arrives through a trusted channel, it often bypasses normal defenses.
Threat Actor
An individual or group that carries out cyberattacks. Includes nation-state groups, financially motivated cybercriminals, hacktivists, and insiders, each with different motivations, resources, and capabilities.
Threat Intelligence
Evidence-based knowledge about existing or emerging threats, including indicators of compromise, adversary tactics and techniques, and the context needed to act on them, used to inform security decisions and improve detection.
Threat Modeling
A structured approach to identifying what can go wrong in a system during design and development: enumerating assets, trust boundaries, and potential attackers, then deciding which threats to mitigate, accept, or eliminate.
Trojan
Malware disguised as legitimate software that tricks users into installing it. Unlike viruses and worms it does not self-replicate; once run, it performs malicious actions such as data theft or opening a backdoor.
Two-Factor Authentication (2FA)
An authentication method requiring two different factors to verify identity, a special case of MFA. Common combinations are a password plus an SMS code or a password plus a time-based code from an authenticator app. SMS codes are the weakest option because of SIM swapping and interception; authenticator apps or hardware keys are preferred.
Use-After-Free (UAF)
A memory corruption vulnerability where a program keeps using a pointer to memory after that memory has been freed. If the attacker can control what is allocated in the reused space, the dangling reference can be turned into arbitrary code execution.
Virtual Private Network (VPN)
An encrypted tunnel that carries traffic over an untrusted network such as the Internet, providing confidentiality and integrity and, for remote access, authenticating the connecting user or device. A VPN protects the path, not the endpoints on either side.
Virus
Self-replicating malware that attaches itself to legitimate programs or files and spreads when the infected host is executed or opened. Can damage systems, steal data, or deliver other payloads.
Vulnerability
A weakness in a system, application, or network that a threat can exploit to gain unauthorized access or cause harm. Can exist in software, hardware, configuration, or processes.
Vulnerability Assessment
The process of identifying, quantifying, and prioritizing vulnerabilities in a system at a point in time. Usually automated with scanning tools and followed by manual verification to remove false positives.
Vulnerability Management
The continuous, cyclical practice of discovering assets, identifying and evaluating their vulnerabilities, prioritizing and remediating them, and reporting on progress, across both systems and the software that runs on them.
Watering Hole Attack
An attack that compromises websites a target group is known to visit, so that visitors from that group are served malware or exploits. Named after predators waiting at watering holes for prey to come to them.
Web Application Firewall (WAF)
A security control that inspects HTTP traffic to and from a web application and blocks requests matching attack patterns such as XSS and SQL injection, and with rate limiting can blunt application-layer floods. It is a compensating control that can be bypassed with encoding tricks, not a replacement for fixing the application.
Whitelisting (Allowlisting)
A security approach that permits only explicitly approved entities (applications, IP addresses, users, file hashes) and blocks everything else. More restrictive, and more robust against unknown threats, than blacklisting (denylisting), which blocks only known-bad entities.
Worm
Self-replicating malware that spreads across networks on its own, typically by exploiting a vulnerability in an exposed service, without user interaction. Unlike viruses, worms do not need a host program, and their propagation can saturate network bandwidth.
Zero Trust
A security model that assumes no user, device, or network location should be trusted by default, whether inside or outside the traditional perimeter. Every access request is authenticated, authorized, and continuously re-evaluated, with least-privilege access to each resource.
Social Engineering
Psychological manipulation of people to divulge confidential information or perform actions that compromise security. Phishing is a common form.