References

Bibliographic references cited across the CWE and CAPEC catalogs

All CWE CAPEC
REF-282 CWE
Avoiding bogus encryption products: Snake Oil FAQ
C Matthew Curtin · 1998
1 citation(s)
REF-284 CWE
Microsoft Scraps Old Encryption in New Code
Paul F. Roberts · 2005
1 citation(s)
REF-287 CWE
Top 25 Series - Rank 24 - Use of a Broken or Risky Cryptographic Algorithm
Johannes Ullrich · 2010
1 citation(s)
REF-289 CWE
MD5 considered harmful today
Alexander Sotirov et al.
1 citation(s)
REF-291 CWE
bcrypt
Johnny Shelley
4 citation(s)
REF-292 CWE
Tarsnap - The scrypt key derivation function and encryption utility
Colin Percival
4 citation(s)
REF-293 CWE
RFC2898 - PKCS #5: Password-Based Cryptography Specification Version 2.0
B. Kaliski · 2000
4 citation(s)
REF-294 CWE
How To Safely Store A Password
Coda Hale · 2010
4 citation(s)
REF-295 CWE
How Companies Can Beef Up Password Security (interview with Thomas H. Ptacek)
Brian Krebs · 2012
4 citation(s)
REF-296 CWE
Password security: past, present, future
Solar Designer · 2012
4 citation(s)
REF-297 CWE
Our password hashing has no clothes
Troy Hunt · 2012
4 citation(s)
REF-298 CWE
Should we really use bcrypt/scrypt?
Joshbw · 2012
4 citation(s)
REF-320 CWE
Strange Attractors and TCP/IP Sequence Number Analysis
Michal Zalewski · 2001
1 citation(s)
REF-324 CWE
A Taxonomy of Security Faults in the UNIX Operating System
Taimur Aslam · 1995
2 citation(s)
REF-329 CWE
Cross-Site Request Forgeries (Re: The Dangers of Allowing Users to Post Images)
Peter W
1 citation(s)
REF-330 CWE
Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet
OWASP
1 citation(s)
REF-331 CWE
Cross-Site Request Forgeries: Exploitation and Prevention
Edward W. Felten, William Zeller · 2008
1 citation(s)
REF-332 CWE
CSRF - The Cross-Site Request Forgery (CSRF/XSRF) FAQ
Robert Auger
1 citation(s)
REF-333 CWE
Cross-site request forgery
· 2008
1 citation(s)
REF-334 CWE
Top 25 Series - Rank 4 - Cross Site Request Forgery
Jason Lam · 2010
1 citation(s)
REF-335 CWE
Preventing CSRF and XSRF Attacks
Jeff Atwood · 2008
1 citation(s)
REF-338 CWE
AOL man pleads guilty to selling 92m email addies
J. Oates · 2005
1 citation(s)
REF-339 CWE
Guide to Protecting the Confidentiality of Personally Identifiable Information (SP 800-122)
NIST · 2010
1 citation(s)
REF-340 CWE
Safe Harbor Privacy Framework
U.S. Department of Commerce
1 citation(s)
REF-341 CWE
Financial Privacy: The Gramm-Leach Bliley Act (GLBA)
Federal Trade Commission
1 citation(s)
REF-342 CWE
Health Insurance Portability and Accountability Act (HIPAA)
U.S. Department of Human Services
1 citation(s)
REF-343 CWE
California SB-1386
Government of the State of California · 2002
1 citation(s)
REF-349 CWE
volatile - Multithreaded Programmer's Best Friend
Andrei Alexandrescu · 2008
1 citation(s)
REF-350 CWE
Thread-safe webapps using Spring
Steven Devijver
1 citation(s)
REF-351 CWE
Prevent race conditions
David Wheeler · 2007
1 citation(s)
REF-352 CWE
Race Conditions, Files, and Security Flaws; or the Tortoise and the Hare Redux
Matt Bishop · 1995
1 citation(s)
REF-353 CWE
Secure Programming for Linux and Unix HOWTO
David Wheeler · 2003
1 citation(s)
REF-354 CWE
Discovering and Exploiting Named Pipe Security Flaws for Fun and Profit
Blake Watts · 2002
2 citation(s)
REF-355 CWE
On Race Vulnerabilities in Web Applications
Roberto Paleari, Davide Marrone, Danilo Bruschi, Mattia Monga
1 citation(s)
REF-356 CWE
Avoiding Race Conditions and Insecure File Operations
1 citation(s)
REF-357 CWE
Top 25 Series - Rank 25 - Race Conditions
Johannes Ullrich · 2010
1 citation(s)
REF-360 CWE
Delivering Signals for Fun and Profit
Michal Zalewski
3 citation(s)
REF-361 CWE
Race Condition: Signal Handling
3 citation(s)
REF-367 CWE
Portably Solving File TOCTTOU Races with Hardness Amplification
Dan Tsafrir, Tomer Hertz, David Wagner, Dilma Da Silva · 2008
1 citation(s)
REF-371 CWE
Handling Errors Exceptionally Well in C++
Alex Allain
1 citation(s)
REF-372 CWE
Exceptions and Exception Handling (C# Programming Guide)
Microsoft
1 citation(s)
REF-374 CWE
Does Java pass by reference or pass by value?
Tony Sintes · 2000
1 citation(s)
REF-375 CWE
Java: The Complete Reference, J2SE 5th Edition
Herbert Schildt
1 citation(s)
REF-386 CWE
Detection and Prediction of Resource-Exhaustion Vulnerabilities
Joao Antunes, Nuno Ferreira Neves, Paulo Verissimo · 2008
2 citation(s)
REF-387 CWE
Resource exhaustion
D.J. Bernstein
2 citation(s)
REF-388 CWE
Resource exhaustion
Pascal Meunier · 2004
2 citation(s)
REF-390 CWE
How to Break Software Security
J. Whittaker, H. Thompson · 2003
1 citation(s)
REF-391 CWE
Transitioning to ARC Release Notes
iOS Developer Library · 2013
2 citation(s)
REF-392 CWE
File descriptors and setuid applications
Paul Roberts · 2007
1 citation(s)
REF-393 CWE
Introduction to Secure Coding Guide
Apple
1 citation(s)
« 12 / 30 »