LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What is CVE and how does it help with security?

CVE is a standardized catalog that gives every publicly known vulnerability a unique ID — so tools and teams all refer to the same flaw consistently.

CVE (Common Vulnerabilities and Exposures) — a standardized catalog of publicly known security vulnerabilities.

How it works:

  • Each vulnerability gets a unique ID (e.g., CVE-2014-0160 for Heartbleed)
  • Managed by CVE Numbering Authorities worldwide
  • Severity scored using CVSS (0-10 scale)
  • Detailed analysis in NVD (National Vulnerability Database)

Why it matters:

  • Common language — Everyone refers to the same issue consistently
  • Tracking — Organizations track which CVEs affect their systems
  • Prioritization — CVSS scores help decide what to patch first
  • Dependency scanning — Tools check your libraries against CVE databases
  • Compliance — Many standards require CVE monitoring

Without CVE, "the OpenSSL bug" could refer to dozens of different issues.

See: https://cve.mitre.org/ and https://nvd.nist.gov/

Go deeper:

From Quiz: SPRG / Secure Programming Introduction | Updated: Jul 05, 2026