# Vulnerability
A vulnerability is a weakness that exposes an asset to possible compromise. Weaknesses can be organizational, logical, physical, or human.



See also:
- [Assets](..//Assets.md)
- [Risks](..//Risks.md)
- [Threat](../📚️%20Literature%20notes/Threat.md)
- [Vulnerability Disclosure Policy](../../ISMS/Policy%20examples/Vulnerability%20Disclosure%20Policy.md)
- [Dealing with a reported application vulnerability](../Dealing%20with%20a%20reported%20application%20vulnerability.md)
- [Software vulnerability databases](Software%20vulnerability%20databases.md)
- (https://www.google.nl/search?q=software+vulnerability+databases)
- [API Endpoint Vulnerabilities](https://www.reblaze.com/blog/api-security/how-hackers-attack-your-mobile-apps-part-3-api-endpoint-vulnerabilities/)
- [NSA and CISA publish hardening guides](https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/2716980/nsa-cisa-release-kubernetes-hardening-guidance/utm_source/nsa-cisa-release-kubernetes-hardening-guidance/)
- [ISO 27001 A 12.6 Technical vulnerability management](../../Standards/ISO27x/legacy/ISO%2027001%202013/ISO%2027001%20A%2012.6%20Technical%20vulnerability%20management.md)
- [a-8.8-Management-of-technical-vulnerabilities](../../Standards/ISO27x/OST/27002/EN/a-8.8-Management-of-technical-vulnerabilities.md)