Question 1

What is a CVE?

Accepted Answer

A CVE (Common Vulnerabilities and Exposures) is a unique identifier assigned to a publicly known cybersecurity vulnerability. Each CVE ID (e.g., CVE-2021-44228) provides a standardized reference for a specific vulnerability, making it easier for security teams to track, communicate about, and remediate security issues.

Question 2

What is a CVSS score?

Accepted Answer

CVSS (Common Vulnerability Scoring System) rates the severity of vulnerabilities on a 0-10 scale. Scores are categorized as: Critical (9.0-10.0), High (7.0-8.9), Medium (4.0-6.9), and Low (0.1-3.9). The score considers factors like attack vector, complexity, privileges required, and impact on confidentiality, integrity, and availability.

Question 3

What is the NVD?

Accepted Answer

The NVD (National Vulnerability Database) is the U.S. government repository of standards-based vulnerability management data. It provides CVSS scores, fix information, and affected product listings for every CVE. It is maintained by NIST and is freely accessible.

Question 4

How do I check if my software is affected by a CVE?

Accepted Answer

Search for the CVE ID or your software name in this tool. The results show affected product versions using CPE (Common Platform Enumeration) data. For automated detection across your entire infrastructure, use CyberOrbit's full security assessment which scans for known CVEs in your technology stack.

CVE Lookup

What is a CVE?

Understanding CVSS Scores

Popular CVE Searches

Frequently Asked Questions

What is a CVE?

What is a CVSS score?

Where does this data come from?

Is this tool free?