What is CVE?


CVE, also known as "Common Vulnerabilities and Exposures" or "Common Vulnerabilities and Exposures" is a list of common information security vulnerabilities identified for public knowledge.

The information is issued in reports containing the description of security flaws in computer systems, computing, including a summary of how to mitigate risks and apply corrections.

Keeping an eye on the reports released, it is essential to know if there may be any risk to the organization and company you work for.

Currently, CVE has a total of 145,389 security reports issued at the time of writing, and constantly issue new reports as soon as flaws are found.

Usually as soon as the fault is found, until there is a definitive correction, the report is not issued, due to a zero day failure, that if there is no correction, other hackers may end up exploring the failure scenarios with the information disclosed, and many of the items released are generally found by security research institutes that are working in exchange for receiving awards in identifying proven flaws.

CVE was launched in 1999 to centralize information on system failures, and before CVE, several decentralized proprietary tools and reports on common failures were emerging that were not so easy to track. From the centralization of reports, it became easier for everyone to communicate and for everyone to be aware of the risks at the same time, adjusting their systems in time before major risks occur.

See more about CVE at:

No comments