A CVE (Common Vulnerabilities and Exposures) refers to a security vulnerability that has been assigned an identifier. For each CVE, there will be a short description of the vulnerability or security hole as well as links to reports and advisories. The site lists all known security vulnerabilities. CVEs help professionals coordinate their efforts to prioritize and resolve vulnerabilities, thereby increasing the security of IT systems.

CVE identifiers

CVE identifiers are of the form CVE-AAAA-NNNNN with AAAA the year of publication and NNNNN an identifier number.

More details

As we have seen, a CVE entry has a minimalist content. To go further, a database called NVD (National Vulnerability Database) has been developed ( This allows you to assign a CVSS rating to a CVE, to add relationships with the CWE (Common Weakness Enumeration) and CAPEC (Common Attack Pattern Enumeration and Classification) databases.

The most exploited CVE in 2020

Example of a CVE