the.com/vulnerabilities
the gaps between what a system should do and what you can trick it into doing.
means a flaw in software, hardware, or process that lets an attacker do something the designer never intended.
from latin vulnerare, to wound; adopted by computer security in the 1970s once researchers realized code, like people, has soft spots.
cve system: over 240,000 catalogued vulnerabilities since 1999
zero-day: means defenders had zero days to prepare
most common flaw: buffer overflow, known since 1972, still exploited
bug bounties: some pay over 1 million dollars per bug
for instance
heartbleed — 2014 openssl bug exposed memory on millions of servers
log4shell — 2021 java logging flaw hit almost every enterprise network
eternalblue — nsa exploit leaked in 2017, powered wannacry ransomware
spectre and meltdown — 2018 chip-level flaws broke decades of processor assumptions