References

Bibliographic references cited across the CWE and CAPEC catalogs

All CWE CAPEC
REF-11 CWE
Spectre Attacks: Exploiting Speculative Execution
Paul Kocher, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom · 2018
1 citation(s)
REF-12 CWE
Meltdown
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg · 2018
1 citation(s)
REF-13 CWE
CommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition
Xuejing Yuan, Yuxuan Chen, Yue Zhao, Yunhui Long, Xiaokang Liu, Kai Chen, Shengzhi Zhang, Heqing Huang, Xiaofeng Wang, Carl A. Gunter · 2018
1 citation(s)
REF-14 CWE
Audio Adversarial Examples: Targeted Attacks on Speech-to-Text
Nicholas Carlini, David Wagner · 2018
1 citation(s)
REF-15 CWE
Magic AI: These are the Optical Illusions that Trick, Fool, and Flummox Computers
James Vincent · 2017
1 citation(s)
REF-16 CWE
Intriguing properties of neural networks
Christian Szegedy, Wojciech Zaremba, Ilya Sutskever, Joan Bruna, Dumitru Erhan, Ian Goodfellow, Rob Fergus · 2014
1 citation(s)
REF-17 CWE
Attacking Machine Learning with Adversarial Examples
OpenAI · 2017
1 citation(s)
REF-18 CWE
The CLASP Application Security Process
Secure Software, Inc. · 2005
84 citation(s)
REF-19 CWE
System Assurance
Nikolai Mansourov, Djenana Campara · 2010
REF-20 CWE
Task Order 0006: Vulnerability Path Analysis and Demonstration (VPAD). Volume 2 - White Box Definitions of Software Fault Patterns
Ben Calloni, Nikolai Mansourov, Djenana Campara · 2011
REF-21 CWE
CSV Injection
OWASP · 2020
1 citation(s)
REF-22 CWE
Data Extraction to Command Execution CSV Injection
Jamie Rougvie · 2019
1 citation(s)
REF-23 CWE
The Absurdly Underestimated Dangers of CSV Injection
George Mauer · 2017
1 citation(s)
REF-24 CWE
Comma Separated Vulnerabilities
James Kettle · 2014
1 citation(s)
REF-35 CWE
Clickjacking For Shells
Andrew Horton
1 citation(s)
REF-36 CWE
Clickjacking - OWASP
OWASP
1 citation(s)
REF-37 CWE
SecTheory
Internet Security
1 citation(s)
REF-38 CWE
Content Security Policy Level 3
W3C
1 citation(s)
REF-39 CWE
Target="_blank" - the most underestimated vulnerability ever
Alex Yumashev · 2016
1 citation(s)
REF-40 CWE
The target="_blank" vulnerability by example
Ben Halpern · 2016
1 citation(s)
REF-41 CWE
Fortify Descriptions
Fortify Software
1 citation(s)
REF-42 CWE
The Java(TM) Tutorial: The Java Native Interface
Beth Stearns · 2005
1 citation(s)
REF-43 CWE
OWASP TOP 10
OWASP · 2007
2 citation(s)
REF-44 CWE
24 Deadly Sins of Software Security
Michael Howard, David LeBlanc, John Viega · 2010
87 citation(s)
REF-45 CWE
OWASP Enterprise Security API (ESAPI) Project
OWASP
16 citation(s)
REF-46 CWE
Output Sanitization
Joshbw · 2008
1 citation(s)
REF-47 CWE
Sanitizing user data: How and where to do it
Niyaz PK · 2008
1 citation(s)
REF-48 CWE
Input validation or output filtering, which is better?
Jeremiah Grossman · 2007
2 citation(s)
REF-49 CWE
Input Validation - Not That Important
Jim Manico · 2008
1 citation(s)
REF-50 CWE
Preventing XSS with Correct Output Encoding
Michael Eddington
1 citation(s)
REF-52 CWE
Exploiting Software: How to Break Code
Greg Hoglund, Gary McGraw · 2004
1 citation(s)
REF-53 CWE
The night the log was forged
Alec Muffet
1 citation(s)
REF-56 CWE
Using the Strsafe.h Functions
Microsoft
5 citation(s)
REF-57 CWE
Safe C String Library v1.0.3
Matt Messier, John Viega
5 citation(s)
REF-58 CWE
Address Space Layout Randomization in Windows Vista
Michael Howard
9 citation(s)
REF-59 CWE
Limiting buffer overflows with ExecShield
Arjan van de Ven
4 citation(s)
REF-60 CWE
PaX
9 citation(s)
REF-61 CWE
Understanding DEP as a mitigation technology part 1
Microsoft
7 citation(s)
REF-62 CWE
The Art of Software Security Assessment
Mark Dowd, John McDonald, Justin Schuh · 2006
120 citation(s)
REF-64 CWE
Position Independent Executables (PIE)
Grant Murphy · 2012
9 citation(s)
REF-65 CWE
19 Deadly Sins of Software Security
M. Howard, D. LeBlanc, J. Viega · 2005
2 citation(s)
REF-66 CWE
ASP.NET Misconfiguration: Missing Custom Error Handling
OWASP, Fortify Software
1 citation(s)
REF-74 CWE
Top 25 Series - Rank 3 - Classic Buffer Overflow
Jason Lam · 2010
1 citation(s)
REF-76 CWE
Least Privilege
Sean Barnum, Michael Gegick · 2005
17 citation(s)
REF-90 CWE
Buffer UNDERFLOWS: What do you know about it?
· 2004
2 citation(s)
REF-96 CWE
Top 25 Series - Rank 14 - Improper Validation of Array Index
Jason Lam · 2010
1 citation(s)
REF-103 CWE
How To: Encrypt Configuration Sections in ASP.NET 2.0 Using DPAPI
Microsoft Corporation
1 citation(s)
REF-104 CWE
How To: Encrypt Configuration Sections in ASP.NET 2.0 Using RSA
Microsoft Corporation
1 citation(s)
REF-105 CWE
.NET Framework Developer's Guide - Securing Connection Strings
Microsoft Corporation
1 citation(s)
REF-106 CWE
SafeInt
David LeBlanc, Niels Dekker
3 citation(s)
« 10 / 30 »