vulnerability – Is there any academic classification of vulnerabilities?


Is there any academic classification of vulnerabilities ?

As we know, there are many vulnerabilities, such as:
SQL injection vulnerability, File upload vulnerability, File contains vulnerability, XSS, SSRF, XXE, database leak and so on.

but I did not find an academic classification of vulnerabilities.

who can give academic classification of them?
such as category about Operation System / Web application / Networking.