Revision as of 03:36, 1 June 2025 edit Guninvalid (talk \| contribs) Extended confirmed users 2,037 edits →Development factors: copy edit ← Previous edit		Revision as of 03:40, 1 June 2025 edit undo Guninvalid (talk \| contribs) Extended confirmed users 2,037 edits →National Vulnerability Database classification: i gave up on copy editing Next edit →
Line 32: ===National Vulnerability Database classification=== {{missing information\|section\|the other causes\|date=May 2025}} The [[National Vulnerability Database]] classifies vulnerabilities into eight root causes that may be overlapping, including:{{sfn\|Garg\|Baliyan\|2023\|pp=17–18}} #[[Improper input validation\|Input validation]] ~~(including [[buffer overflow]] and [[boundary condition]])~~ vulnerabilities ~~occur~~exist when [[input checking]] is not sufficient to prevent the attacker from injecting malicious code. [[Buffer overflow]] exploits, [[buffer underflow]] exploits, and [[boundary condition]] exploits typically take advantage of this category.{{sfn\|Garg\|Baliyan\|2023\|p=17}} # [[Access control]] vulnerabilities enable an attacker to access a system that is supposed to be restricted to them, or engage in [[privilege escalation]].{{sfn\|Garg\|Baliyan\|2023\|p=17}} #When the system fails to handle and exceptional or unanticipated condition correctly, an attacker can exploit the situation to gain access.{{sfn\|Garg\|Baliyan\|2023\|p=18}} #~~A [[configuration~~ Configuration vulnerability]] ~~comes~~come into existence when configuration settings cause risks to the system security, leading to such faults as unpatched software or file system permissions that do not sufficiently restrict access.{{sfn\|Garg\|Baliyan\|2023\|p=18}} #A [[race condition]]—when timing or other external factors change the outcome and lead to inconsistent or unpredictable results—can cause a vulnerability.{{sfn\|Garg\|Baliyan\|2023\|p=18}}

Vulnerability (computer security): Difference between revisions