Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The vulnerability branding trend is stupid, but I'm not sure it's worse for communicating what you're talking about than "CVE-2023-129038, 109239, and 120993" or "Those 5G vulnerabilities from uh I think 2022 or 2023? No not those, the other ones." Is there a better method?


I don't think it's stupid because I can't, off the top of my head, tell you the CVE number for Heartbleed, despite being very involved with it for a couple of weeks.

Heartbleed I remember, along with Spectre/Meltdown, but I couldn't name the weak exploits that turn out to be nothing burgers. Log4j could have used a brand though, imo.


How often do you need CVE numbers while simultaneously being unable to google for the CVE number?


Because everyone called it heartbleed.

I still remember some of the big ones like MS03-026/031, MS08-067, CVE-2005-1042.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: