当前位置:网站首页>Information security - security professional name | CVE | rce | POC | Vul | 0day
Information security - security professional name | CVE | rce | POC | Vul | 0day
2022-07-06 15:48:00 【Empty one by one】
CVE
CVE Our English full name is “Common Vulnerabilities & Exposures” Universal Loophole Disclosure .CVE It's like a dictionary table , For widely recognized Information security Vulnerabilities or weaknesses that have been exposed give a public name . Use a common name , It can help users evaluate vulnerabilities in their independent vulnerability databases Tools Data sharing in , Although these tools are difficult to integrate . So that makes CVE It has become the of security information sharing “ keyword ”. If in a vulnerability report To specify A loophole in , If there is CVE name , You can do it quickly in any other CVE Find the corresponding patching information in the compatible database , Solve security problem .
RCE
Full name :remote command/code execute
Remote code execution (RCE) It is a kind of software security defect / Loophole .RCE The vulnerability will allow malicious actors to pass LAN、WAN or Internet Execute any code of your choice on the remote computer .RCE Belongs to the broader arbitrary code execution (ACE) Vulnerability categories . However , With the popularization of the Internet ,RCE The impact of the vulnerability has expanded rapidly . therefore ,RCEs Now it could be ACE The most important type of vulnerability .
POC
Full name :Proof of Concept, It means to provide evidence for opinions
Just evidence , Prove that the vulnerability exists , But not by means , Can't be used directly .
POC In the hacker world, it refers to the verification program ;
VUL
VUL,Vulnerability Abbreviation , A loophole .
EXP
EXP,Exploit, in ⽂ intend “ Loopholes benefit ⽤”.
intend ⼀ How to benefit from loopholes ⽤ Or ⼀ Individual performance ⽰ Vulnerability attack code , It can make readers fully understand the mechanism and benefits of vulnerabilities ⽤ Of ⽅ Law .
0DAY Loopholes and 0DAY attack
In the field of computer
zero ⽇ Vulnerability or zero time difference vulnerability ( English :Zero-dayexploit) This usually refers to a security hole that has not been patched ;
⽽ zero ⽇ Attack or zero time difference attack ( English :Zero-dayattack) It means profit ⽤ This loophole goes into ⾏ The attack of .
Provide details of the vulnerability or benefit ⽤ programmatic ⼈ It is usually the discoverer of the vulnerability .
zero ⽇ The benefit of loopholes ⽤ Program pair ⽹ Network security has great ⼤ threat , So zero ⽇ Loopholes are not only ⿊ My favorite , Master how many zeros ⽇ Vulnerabilities also become evaluation ⿊ Guest technology ⽔ Flat ⼀ An important parameter .
zero ⽇ Loopholes and their benefits ⽤ Code is not only for crime ⿊ customer ⽽⾔, Have pole ⾼ Benefits of ⽤ value ,⼀ Some state spies and ⽹ The army , For example, the national security agency and the United States ⽹ War command also ⾮ Always pay attention to this information .
According to Reuters report, the US government is zero ⽇ Loophole ⿊ The most ⼤ buyers .
边栏推荐
- Learning record: Tim - Basic timer
- Research Report on market supply and demand and strategy of China's Medical Automation Industry
- F - Birthday Cake(山东省赛)
- 渗透测试 ( 8 ) --- Burp Suite Pro 官方文档
- Ball Dropping
- HDU - 6024 Building Shops(女生赛)
- Research Report on market supply and demand and strategy of China's land incineration plant industry
- STM32学习记录:LED灯闪烁(寄存器版)
- Learning record: use STM32 external input interrupt
- 通俗地理解什么是编程语言
猜你喜欢
X-Forwarded-For详解、如何获取到客户端IP
Determine the Photo Position
C语言必背代码大全
渗透测试 ( 7 ) --- 漏洞扫描工具 Nessus
STM32学习记录:LED灯闪烁(寄存器版)
【高老师UML软件建模基础】20级云班课习题答案合集
STM32如何使用STLINK下载程序:点亮LED跑马灯(库版本)
Learning record: use stm32f1 watchdog
Learning record: understand systick system timer and write delay function
学习记录:串口通信和遇到的错误解决方法
随机推荐
China medical check valve market trend report, technical dynamic innovation and market forecast
Research Report of exterior wall insulation system (ewis) industry - market status analysis and development prospect prediction
Opencv learning log 19 skin grinding
Research Report on medical toilet industry - market status analysis and development prospect forecast
【练习-6】(PTA)分而治之
渗透测试 ( 8 ) --- Burp Suite Pro 官方文档
【练习-8】(Uva 246)10-20-30==模拟
Gartner:关于零信任网络访问最佳实践的五个建议
Market trend report, technological innovation and market forecast of pneumonia drugs obtained by Chinese hospitals
Indonesian medical sensor Industry Research Report - market status analysis and development prospect forecast
0-1 knapsack problem (I)
Determine the Photo Position
对iptables进行常规操作
渗透测试 ( 7 ) --- 漏洞扫描工具 Nessus
Research Report on surgical fluid treatment industry - market status analysis and development prospect prediction
Accounting regulations and professional ethics [1]
Accounting regulations and professional ethics [5]
最全编程语言在线 API 文档
Research Report on medical anesthesia machine industry - market status analysis and development prospect prediction
Opencv learning log 15 count the number of solder joints and output