A weakness in an asset is called a vulnerability.

CVE (Common Vulnerabilities and Exposures) is an industry-wide standard for identifying vulnerabilities: each vulnerability is assigned an ID. These vulnerabilities are then assigned a severity score using CVSS (Common Vulnerability Scoring System).

Exploit

An exploit can be a piece of software or a sequence of commands that takes advantage of a vulnerability.

An exploitation kit is a software tool used by cybercriminals to automate the exploitation of vulnerabilities in systems and applications, typically for the purpose of delivering malware.