A vulnerability that exists but is not reported

A vulnerability that does not exist but is reported

A vulnerability that is correctly identified

A vulnerability that is ignored

Because it means a vulnerability is reported but does not exist

Because it means a vulnerability exists but is not detected

Because it means a vulnerability is ignored

Because it means a vulnerability is detected but not reported

A score to prioritize vulnerabilities

A method to fix vulnerabilities

A way to ignore low-priority vulnerabilities

A list of all known vulnerabilities

A list of all vulnerabilities in a system

A percentage representing the potential impact of a vulnerability

A method to patch vulnerabilities

A measure of how often a vulnerability is exploited

The amount of risk an organization is willing to accept

The effectiveness of a patch

The number of vulnerabilities in a system

The speed at which patches are deployed