Cybersecurity is the practice of protecting computers, networks, and data from unauthorized access, attacks, or damage. It involves a range of technologies, processes, and best practices designed to safeguard digital systems from cyber threats, such as hacking, malware, and data breaches. This glossary provides clear definitions of essential cybersecurity terms, helping users understand the key concepts and tools used to defend against these growing digital risks.

Various terms used in Advisories

| Term | Meaning | Definition |
|------|---------|------------|
| CVE | Common Vulnerabilities and Exposures | System that provides a reference method for publicly known information-security vulnerabilities and exposures. |
| CVE ID | CVE Identifier | An alphanumeric string that identifies a Publicly Disclosed vulnerability. The format of the CVE ID is defined in the CVE Record Format. |
| CWE | Common Weakness Enumeration | Category system for hardware and software weaknesses and vulnerabilities. Check the top 25 CWE of 2023. |
| CNA | CVE Numbering Authority | An authorized entity with specific scope and responsibility to regularly assign CVE IDs and publish corresponding CVE Records. |
| Fix | | A change to software to remediate, mitigate, or otherwise address a vulnerability. “Fix” is used broadly and includes terms such as patch, fix, hotfix, update, and upgrade. |
| POC | Proof of concept | A proof of concept is a prototype that demonstrates the viability of a vulnerability. |
| CVSS | Common Vulnerability Scoring System | A free and open industry standard for assessing the severity of computer system security vulnerabilities. |
| SU | Super user | Vulnerabilities accessible only under authentication (weak via unpredictable immutable token or strong via login / password or token with a limited lifespan). |

Type of vulnerability

All categories are available on the NIST site.

| Term | CWE | Meaning |
|------|-----|---------|
| SQLi | CWE-89 | SQL injection |
| RCE | CWE-94 | Remote Code Execution |
| XSS | CWE-79 | Cross-site Scripting |
| SSRF | CWE-918 | Server-side request forgery |
| XXE | CWE-611 | XML External Entity attack |
| CSRF | CWE-352 | Cross-Site Request Forgery |