Thinking about scope of coverage.
CVE traditionally covers:
I mean it's literally in the name.
For the GSD I'm thinking we should also cover:
not exhaustively of course, but it drives me nuts that there's no good naming for high profile ones/big events
e.g. where there's smoke there's usually fire
e.g. we may have a piece of malicious code, we're not sure of the exact exploit/mechanism but we know it does something bad
something bad happened, possibly using a new vuln/weakness/etc
backdoor / honeypot / deceptive software
I need a better name for this, maybe it's one category, maybe it's not)