|
|
|
|
|
|
by karlgkk
354 days ago
|
|
|
> memory errors with no viable exploit path i dont appreciate putting "vulns" in scare quotes, if that was your intent swiss cheese theory. all it takes is someone changing a component that allows that vulnerability to be chained into an exploit, which has happened many times. these should be tracked, and in fact, it's very helpful to assign cves to them but yeah, raw numbers is less useful. in fact, cves as a "is it secure or not" metric are pretty rough. it makes it easier to convince vendors to keep their software up to date, though... |
|
|