Categories of vulnerabilities
- Operating System: found within Operating Systems (OSs).
- (Mis)Configuration-based: incorrectly configured application or service.
- Weak or Default Credentials: Applications and services that have an element of authentication will come with default credentials when installed.
- Application Logic: the result of poorly designed applications.
- Human-Factor: vulnerabilities that leverage human behaviour.
Scoring vulnerabilities
- Common Vulnerability Scoring System (CVSS)
- Vulnerability Priority Rating (VPR)
Vulnerability databases
Finding manual exploits
