1. CSRF (Cross-Site Request Forgery)
- Description: An attack that exploits the trust a website has in a user’s browser by forcing the submission of authenticated requests to a third-party site. This can result in unauthorized actions being performed on behalf of the user without their consent.
2. Cross-Site Scripting (XSS)
- Description: An attack that involves injecting untrusted code into a trusted web application. This code is then executed by a user’s browser, potentially leading to the theft of cookies, session tokens, or other sensitive information.
3. Session Hijacking
- Description: An attack aimed at stealing or taking over an authenticated user’s session. Unlike CSRF, session hijacking does not involve tricking the user’s browser into submitting requests; instead, the attacker intercepts or impersonates an active session.
4. SQL Injection
- Description: A vulnerability that allows an attacker to execute arbitrary SQL queries against a database through a web application’s input fields. This can lead to unauthorized access, data leakage, or data manipulation. For example, the injection string CARROT'1=1;-- exploits input fields to bypass authentication.
5. Blue Screen of Death (BSOD)
- Description: A critical error screen displayed by the Windows operating system when it encounters a severe problem that causes the system to halt. This screen indicates a serious issue, often requiring a reboot and potentially leading to data loss.
6. Hotfix
- Description: A single, immediate patch applied to address a specific problem or vulnerability in an operating system or application. Hotfixes are typically released outside of the regular update cycle.
7. Update
- Description: General term for any changes made to software or systems to improve functionality, fix bugs, or address security vulnerabilities. Updates can include bug fixes, new features, or improvements.
8. Security Fix
- Description: A type of update specifically aimed at addressing security vulnerabilities. Security fixes are critical for protecting systems from potential exploits.
9. Service Pack
- Description: A comprehensive collection of updates, hotfixes, and patches bundled together and released periodically. Service packs often include a range of fixes and enhancements beyond individual updates.
10. Patch Management System
- Description: A system designed to manage the deployment and application of patches to operating systems and applications. It helps prevent outages and security breaches by ensuring systems are up-to-date. However, it does not provide new updates for newly discovered vulnerabilities; it only manages known patches.