Launched by MITRE in 1999, Common Vulnerabilities and Exposures (CVE) is a catalog of publicly disclosed security vulnerabilities. A security vulnerability is a weakness in a computer system that attackers can leverage to violate the security policy of a system. By exploiting a vulnerability, an attacker might access unauthorized resources or threaten the availability of the system.
Each vulnerability within the catalog is assigned an identification number (CVE ID), a description, a publication date, a severity score, and at least one public reference that provides technical details and possible remediation. For instance, the CVE entry with ID CVE-2020-7592 references a vulnerability impacting various Siemens devices and components where data integrity can be compromised.