Website: http://cwe.mitre.org
CWE™ is a community-developed list of software and hardware weakness types. It serves as a common language, a measuring stick for security tools, and as a baseline for weakness identification, mitigation, and prevention efforts.
What CVEs do for vulnerabiltiies, CWE does for weaknesses. Soft spots in hardware and software that can turn into vulnerabilities.