Computer Vulnerabilities

In computer security, a vulnerability is a weakness which can be exploited by a threat actor, such as an attacker, to cross privilege boundaries (i.e. perform unauthorized actions) within a computer system. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerabilities are also known as the attack surface.

Vulnerability management is a cyclical practice that varies in theory but contains common processes, which include: discover all assets, prioritize assets, assess or perform a complete vulnerability scan, report on results, remediate vulnerabilities, verify remediation, and repeat. This practice generally refers to software vulnerabilities in computing systems. Agile vulnerability management refers to preventing attacks by identifying all vulnerabilities as quickly as possible.

A security risk is often incorrectly classified as a vulnerability. Using "vulnerability" with the same meaning as "risk" can lead to confusion. The risk is the potential of a significant impact resulting from the exploit of a vulnerability. There are also vulnerabilities without risk: for example, when the affected asset has no value. A vulnerability with one or more known instances of working and fully implemented attacks is classified as an exploitable vulnerability, that is, a vulnerability for which an exploit exists. The window of vulnerability is the time from when the security hole was introduced or manifested in deployed software, to when access was removed, a security fix was available/deployed, or the attacker was disabled (see zero-day attack).

A security bug (security defect) is a narrower concept. There are vulnerabilities that are not related to software: hardware, site, and personnel vulnerabilities are examples of vulnerabilities that are not software security bugs.

Constructs in programming languages that are difficult to use properly can manifest large numbers of vulnerabilities. 

Common types of software flaws that lead to vulnerabilities include:

    Memory safety violations, such as:
        Buffer overflows and over-reads
        Dangling pointers
    Input validation errors, such as:
        Code injection
        Cross-site scripting in web applications
        Directory traversal
        E-mail injection
        Format string attacks
        HTTP header injection
        HTTP response splitting
        SQL injection
    Privilege-confusion bugs, such as:
        Clickjacking
        Cross-site request forgery in web applications
        FTP bounce attack
    Privilege escalation
    Race conditions, such as:
        Symlink races
        Time-of-check-to-time-of-use bugs
    Side-channel attack
        Timing attack
    User interface failures, such as:
        Blaming the Victim: prompting a user to make a security decision without giving the user enough information to answer it
        Race Conditions
        Warning fatigue or user conditioning.
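
As an illustration of a construct that is difficult to use properly, and of the directory traversal entry in the list above, the following added example (not part of the original text) contrasts a string-level path join with a canonicalise-then-check version. The function names, directory layout and request strings are constructed for the example.

```python
import os
import tempfile

def naive_resolve(base, user_path):
    """Before: string-level join. An absolute user_path replaces base
    entirely, and '..' segments are left for the OS to interpret."""
    return os.path.join(base, user_path)

def safe_resolve(base, user_path):
    """After: canonicalise first, then verify containment. Returns the
    real path, or raises ValueError if it falls outside base."""
    base_real = os.path.realpath(base)
    candidate = os.path.realpath(os.path.join(base_real, user_path))
    # commonpath compares whole components, so <root>/files-old is not
    # treated as inside <root>/files (a startswith() check would allow it).
    if os.path.commonpath([base_real, candidate]) != base_real:
        raise ValueError("path escapes base directory: %r" % user_path)
    return candidate

def classify(base, requests):
    """Return {request: True/False} for whether safe_resolve accepts it."""
    verdicts = {}
    for req in requests:
        try:
            safe_resolve(base, req)
            verdicts[req] = True
        except ValueError:
            verdicts[req] = False
    return verdicts

def demo():
    # Constructed sample layout: <root>/files is the served directory,
    # <root>/files-old is a sibling, and files/link is a symlink out of it.
    root = tempfile.mkdtemp()
    base = os.path.join(root, "files")
    os.makedirs(os.path.join(base, "docs"))
    os.makedirs(os.path.join(root, "files-old"))
    os.symlink(root, os.path.join(base, "link"))
    requests = ["docs/a.txt", "docs/../b.txt", "../files-old/x",
                "/etc/hosts", "link/files-old/x"]
    return base, classify(base, requests)

if __name__ == "__main__":
    base, verdicts = demo()
    for req, ok in verdicts.items():
        print(f"{req!r:22} -> {'allowed' if ok else 'rejected'}")
```

The check and the later file open are still two separate steps, so a path that can be changed in between remains exposed to the time-of-check-to-time-of-use class listed above.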