Yes. E.g. did you find a whiteboard facing an open window? Did leave a confidential document sitting on their desk? Did someone forget to close the filing cabinet to sensitive documents? Has anyone ever been able to access confidential information at your company without permission?
Of course we can pick and choose analogies (hint: we'll never get it right, but that's what happens when comparisons are asked for). But if we're asking for disclosures for security holes that could lead (or have lead) to unauthorized access, I expect to see a seemingly interminable list.
No, they don't: they're all more severe than what happened at G+ with this vulnerability. Vulnerabilities of the kind we're discussing are utterly routine, and would probably merit a sev:low in an external assessment.
Of course we can pick and choose analogies (hint: we'll never get it right, but that's what happens when comparisons are asked for). But if we're asking for disclosures for security holes that could lead (or have lead) to unauthorized access, I expect to see a seemingly interminable list.