Guys from High-Tech Bridge did a good job creating glossary that explains CWE classification of different vulnerabilities in software.
https://www.htbridge.com/vulnerability/
Currently there are 25 articles for different CWE entries with exploitation examples and mitigation techniques.
For vulnerabilities in web applications there are rules for mod_security to avoid successful exploitation before the vendor can issue a patch.
Enjoy reading & have a nice day!
Valery Marchuk
Microsoft MVP in Enterprise Security
