Vulnerability assessments utilise various automated testing tools such as web and network security scanners, the results are often collated and presented into a severity based hierarchy report.
Vulnerability Assessments are very affordable and are great for identifying low hanging fruit security issues, however are only part of the process of a full end to end penetration test and therefore are prone to both false positives as well as false negatives.