Cwe

CVE (Common Vulnerabilities and Exposures) is the global identifier standard for publicly disclosed software and hardware vulnerabilities. This SECMONS glossary entry explains CVE structure, who assigns CVEs, how CVEs relate to CVSS and CWE, and how teams use CVEs for patching, risk, and incident response.

CWE (Common Weakness Enumeration) is the standardized taxonomy used to classify software and hardware weakness types such as use-after-free, buffer overflow, and security feature bypass. This SECMONS glossary entry explains what CWE represents, how it differs from CVE and CVSS, and how defenders use CWE to understand exploitation patterns and prioritize remediation.

Denial of Service (DoS) is an attack that disrupts the availability of a system, service, or network by exhausting resources or triggering crashes. This SECMONS glossary entry explains how DoS works, how it differs from Distributed Denial of Service (DDoS), and how defenders should approach mitigation.

Memory corruption refers to vulnerabilities that allow unintended modification of a program’s memory. This SECMONS glossary entry explains how memory corruption occurs, common weakness types such as use-after-free and buffer overflows, how attackers exploit them, and why memory corruption often leads to remote code execution.