Section 02: Vulnerability Assessment Concepts

Vulnerability Classification

Examples of vulnerability classifications are

• Misconfigurations

• Poor patch management

• Third-party risks

• Default passwords

• Zero-day vulnerabilities

• Improper certificate / key(s) management

• Default configurations

• Buffer overflows

• Memory leaks

• DLL (Dynamic Link Library) injection

• Race conditions

Links

• https://en.wikipedia.org/wiki/Buffer_overflow

• https://en.wikipedia.org/wiki/Memory_leak

• https://en.wikipedia.org/wiki/Dynamic-link_library

• https://en.wikipedia.org/wiki/Race_condition

• https://en.wikipedia.org/wiki/Zero-day_(computing)