Definition: a standardised way to identify and reference specific vulnerabilities. This is a list of publicly disclosed information about security vulnerabilities.