While some folks believe that a vulnerability is a vulnerability, there are actually a number of distinctions that are commonly made in the security academic world. These distinctions are useful when determining the nature and extent of a problem and deciding on a proper course of protective action. Here are some classics:

A Taxonomy of Security Faults in the Unix Operating System (1995) by Aslam

A Taxonomy of UNIX System and Network Vulnerabilities (1995) by Bishop

A Taxonomy of Computer Program Security Flaws, with Examples, by Landwehr

A Critical Analysis of Vulnerability Taxonomies (1996) by Bishop and Bailey

Enjoy!