References

Bibliographic references cited across the CWE and CAPEC catalogs

All CWE CAPEC
REF-1248 CWE
Categories of Security Vulnerabilities in ICS
Securing Energy Infrastructure Executive Task Force (SEI ETF) · 2022
2 citation(s)
REF-1249 CWE
PHPMailer < 5.2.18 Remote Code Execution [CVE-2016-10033]
Dawid Golunski · 2016
1 citation(s)
REF-1250 CWE
Pwning PHP mail() function For Fun And RCE
Dawid Golunski · 2017
1 citation(s)
REF-1251 CWE
WebSockets not Bound by SOP and CORS? Does this mean...
Drew Branch · 2018
1 citation(s)
REF-1252 CWE
How to secure your WebSocket connections
Mehul Mohan · 2018
1 citation(s)
REF-1253 CWE
Testing for WebSockets security vulnerabilities
PortSwigger
1 citation(s)
REF-1254 CWE
Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions Draft Guidance for Industry and Food and Drug Administration Staff (DRAFT GUIDANCE)
FDA · 2022
1 citation(s)
REF-1255 CWE
Semi-invasive attacks - A new approach to hardware security analysis
Sergei P. Skorobogatov · 2005
1 citation(s)
REF-1256 CWE
Cross-Site WebSocket Hijacking (CSWSH)
Vickie Li · 2019
1 citation(s)
REF-1257 CWE
Cross-Site WebSocket Hijacking (CSWSH)
Christian Schneider · 2013
1 citation(s)
REF-1258 CWE
Random early detection
Wikipedia
REF-1259 CWE
Transport Layer Security
Wikipedia
REF-1260 CWE
The Great DNS Vulnerability of 2008 by Dan Kaminsky
Thu T. Pham · 2016
REF-1261 CWE
A Software Flaw Taxonomy: Aiming Tools At Security
Sam Weber, Paul A. Karger, Amit Paradkar · 2005
REF-1262 CWE
Follow the Link: Exploiting Symbolic Links with Ease
Eran Shimony · 2019
1 citation(s)
REF-1263 CWE
A Link to the Past - Abusing Symbolic Links on Windows
James Forshaw
REF-1264 CWE
Windows 10^H^H Symbolic Link Mitigations
James Forshaw · 2015
1 citation(s)
REF-1265 CWE
Symbolic testing tools
1 citation(s)
REF-1266 CWE
Understanding and Exploiting Symbolic links in Windows - Symlink Attack EOP
Shubham Dubey · 2020
1 citation(s)
REF-1267 CWE
Abusing Arbitrary File Deletes to Escalate Privilege and Other Great Tricks
Simon Zuckerbraun · 2022
1 citation(s)
REF-1268 CWE
2022 CWE Top 25 Most Dangerous Software Weaknesses
· 2022
REF-1271 CWE
Abusing privileged file operations
Clément Lavoillotte · 2019
1 citation(s)
REF-1272 CWE
HTTP Request Splitting
Robert Auger · 2011
1 citation(s)
REF-1273 CWE
HTTP Response Smuggling
Robert Auger · 2011
1 citation(s)
REF-1274 CWE
HTTP Request Smuggling: Complete Guide to Attack Types and Prevention
Dzevad Alibegovic · 2021
1 citation(s)
REF-1275 CWE
A Pentester's Guide to HTTP Request Smuggling
Busra Demir · 2020
1 citation(s)
REF-1276 CWE
HTTP Desync Attacks in the Wild and How to Defend Against Them
Edi Kogan, Daniel Kerman · 2019
1 citation(s)
REF-1277 CWE
HTTP Desync Attacks: Request Smuggling Reborn
James Kettle · 2019
1 citation(s)
REF-1278 CWE
HTTP request smuggling
PortSwigger
1 citation(s)
REF-1279 CWE
Neutralizing Your Inputs: A Log4Shell Weakness Story
CWE/CAPEC
1 citation(s)
REF-1280 CWE
Expression Language Injection
OWASP
1 citation(s)
REF-1281 CWE
The sinking of the Sleipner A offshore platform
Douglas N. Arnold
REF-1282 CWE
Zip Slip Vulnerability
Snyk · 2018
2 citation(s)
REF-1283 CWE
OT:ICEFALL: The legacy of "insecure by design" and its implications for certifications and risk management
Forescout Vedere Labs · 2022
20 citation(s)
REF-1284 CWE
Universal "netmask" npm package, used by 270,000+ projects, vulnerable to octal input data
Sick Codes · 2021
1 citation(s)
REF-1285 CWE
Physical Security Attacks Against Silicon Devices
Texas Instruments · 2022
4 citation(s)
REF-1286 CWE
On The Susceptibility of Texas Instruments SimpleLink Platform Microcontrollers to Non-Invasive Physical Attacks
Lennert Wouters, Benedikt Gierlichs, Bart Preneel · 2022
4 citation(s)
REF-1287 CWE
Supplemental Details - 2022 CWE Top 25
MITRE · 2022
7 citation(s)
REF-1288 CWE
Ethical hacking of a Smart Automatic Feed Dispenser
Julia Lokrantz · 2021
2 citation(s)
REF-1289 CWE
Time for Password Expiration to Die
Lance Spitzner · 2021
2 citation(s)
REF-1290 CWE
Time to rethink mandatory password changes
Lorrie Cranor · 2016
2 citation(s)
REF-1291 CWE
Security Myths and Passwords
Eugene Spafford · 2006
2 citation(s)
REF-1292 CWE
Password administration for system owners
National Cyber Security Centre · 2018
2 citation(s)
REF-1293 CWE
Digital Identity Guidelines: Authentication and Lifecycle Management(SP 800-63B)
NIST · 2017
2 citation(s)
REF-1294 CWE
Let them paste passwords
National Cyber Security Centre · 2017
2 citation(s)
REF-1295 CWE
Over 80 US Municipalities' Sensitive Information, Including Resident's Personal Data, Left Vulnerable in Massive Data Breach
WizCase · 2021
2 citation(s)
REF-1296 CWE
1,000 GB of local government data exposed by Massachusetts software company
Jonathan Greig · 2021
2 citation(s)
REF-1297 CWE
AWS Foundational Security Best Practices controls
Amazon · 2022
2 citation(s)
REF-1298 CWE
Authentication and authorization in Azure App Service and Azure Functions
Microsoft · 2021
1 citation(s)
REF-1299 CWE
Azure encryption overview
Microsoft · 2022
1 citation(s)
« 16 / 21 »