"Flaws in Web applications boosted the bug counts for 2006 by more than a third over the previous year, according to data obtained by SecurityFocus from the four major vulnerability databases. On Monday, the Computer Emergency Response Team (CERT) Coordination Center released its final tally of the number of flaws the organization processed in 2006."

...

"Many people are doing 'grep and gripe' research. They are doing a regular expression search, looking for patterns. If they get a match they will report it to the public, but sometimes what ends up happening is they are reporting false positives. "
- Steven Christey, editor, the Common Vulnerabilities and Exposures (CVE) Project

Article Link: http://www.securityfocus.com/news/11436