0Pricing
Cyber Security Academy · Lesson

CVE, CWE, and CVSS Scoring

Understand vulnerability identifiers, weakness classifications, and severity scoring with real examples.

What is a CVE?

CVE (Common Vulnerabilities and Exposures) is a standardized identifier for publicly known vulnerabilities. Each CVE has a unique ID (e.g., CVE-2021-44228), a description, and references to patches and advisories.

CVE ID Structure

CVE IDs follow the format CVE-YEAR-NUMBER. The number portion has no leading zeros and can be 4+ digits. MITRE assigns CVE IDs; the NVD enriches them with severity scores.

# Famous examples:
CVE-2021-44228  # Log4Shell (Log4j)
CVE-2017-0144   # EternalBlue (MS17-010)
CVE-2014-0160   # Heartbleed (OpenSSL)
CVE-2021-34527  # PrintNightmare

All lessons in this course

  1. CVE, CWE, and CVSS Scoring
  2. Running Nessus or OpenVAS Scans
  3. Web App Scanning with Nikto and OWASP ZAP
  4. Prioritizing and Remediating Findings
← Back to Cyber Security Academy