CSURFACE
THREAT SENSOR
Home
Analytics
News
About
Tools
Constellation
Libraries
CWE
CAPEC
MITRE ATT&CK
MITRE D3FEND
OWASP Top 10
Ransomware Groups
References
Support
EN
|
PT
References
Bibliographic references cited across the CWE and CAPEC catalogs
All
CWE
CAPEC
REF-1248
CWE
Categories of Security Vulnerabilities in ICS
Securing Energy Infrastructure Executive Task Force (SEI ETF) · 2022
2 citation(s)
REF-1249
CWE
PHPMailer < 5.2.18 Remote Code Execution [CVE-2016-10033]
Dawid Golunski · 2016
1 citation(s)
REF-1250
CWE
Pwning PHP mail() function For Fun And RCE
Dawid Golunski · 2017
1 citation(s)
REF-1251
CWE
WebSockets not Bound by SOP and CORS? Does this mean...
Drew Branch · 2018
1 citation(s)
REF-1252
CWE
How to secure your WebSocket connections
Mehul Mohan · 2018
1 citation(s)
REF-1253
CWE
Testing for WebSockets security vulnerabilities
PortSwigger
1 citation(s)
REF-1254
CWE
Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions Draft Guidance for Industry and Food and Drug Administration Staff (DRAFT GUIDANCE)
FDA · 2022
1 citation(s)
REF-1255
CWE
Semi-invasive attacks - A new approach to hardware security analysis
Sergei P. Skorobogatov · 2005
1 citation(s)
REF-1256
CWE
Cross-Site WebSocket Hijacking (CSWSH)
Vickie Li · 2019
1 citation(s)
REF-1257
CWE
Cross-Site WebSocket Hijacking (CSWSH)
Christian Schneider · 2013
1 citation(s)
REF-1258
CWE
Random early detection
Wikipedia
REF-1259
CWE
Transport Layer Security
Wikipedia
REF-1260
CWE
The Great DNS Vulnerability of 2008 by Dan Kaminsky
Thu T. Pham · 2016
REF-1261
CWE
A Software Flaw Taxonomy: Aiming Tools At Security
Sam Weber, Paul A. Karger, Amit Paradkar · 2005
REF-1262
CWE
Follow the Link: Exploiting Symbolic Links with Ease
Eran Shimony · 2019
1 citation(s)
REF-1263
CWE
A Link to the Past - Abusing Symbolic Links on Windows
James Forshaw
REF-1264
CWE
Windows 10^H^H Symbolic Link Mitigations
James Forshaw · 2015
1 citation(s)
REF-1265
CWE
Symbolic testing tools
1 citation(s)
REF-1266
CWE
Understanding and Exploiting Symbolic links in Windows - Symlink Attack EOP
Shubham Dubey · 2020
1 citation(s)
REF-1267
CWE
Abusing Arbitrary File Deletes to Escalate Privilege and Other Great Tricks
Simon Zuckerbraun · 2022
1 citation(s)
REF-1268
CWE
2022 CWE Top 25 Most Dangerous Software Weaknesses
· 2022
REF-1271
CWE
Abusing privileged file operations
Clément Lavoillotte · 2019
1 citation(s)
REF-1272
CWE
HTTP Request Splitting
Robert Auger · 2011
1 citation(s)
REF-1273
CWE
HTTP Response Smuggling
Robert Auger · 2011
1 citation(s)
REF-1274
CWE
HTTP Request Smuggling: Complete Guide to Attack Types and Prevention
Dzevad Alibegovic · 2021
1 citation(s)
REF-1275
CWE
A Pentester's Guide to HTTP Request Smuggling
Busra Demir · 2020
1 citation(s)
REF-1276
CWE
HTTP Desync Attacks in the Wild and How to Defend Against Them
Edi Kogan, Daniel Kerman · 2019
1 citation(s)
REF-1277
CWE
HTTP Desync Attacks: Request Smuggling Reborn
James Kettle · 2019
1 citation(s)
REF-1278
CWE
HTTP request smuggling
PortSwigger
1 citation(s)
REF-1279
CWE
Neutralizing Your Inputs: A Log4Shell Weakness Story
CWE/CAPEC
1 citation(s)
REF-1280
CWE
Expression Language Injection
OWASP
1 citation(s)
REF-1281
CWE
The sinking of the Sleipner A offshore platform
Douglas N. Arnold
REF-1282
CWE
Zip Slip Vulnerability
Snyk · 2018
2 citation(s)
REF-1283
CWE
OT:ICEFALL: The legacy of "insecure by design" and its implications for certifications and risk management
Forescout Vedere Labs · 2022
20 citation(s)
REF-1284
CWE
Universal "netmask" npm package, used by 270,000+ projects, vulnerable to octal input data
Sick Codes · 2021
1 citation(s)
REF-1285
CWE
Physical Security Attacks Against Silicon Devices
Texas Instruments · 2022
4 citation(s)
REF-1286
CWE
On The Susceptibility of Texas Instruments SimpleLink Platform Microcontrollers to Non-Invasive Physical Attacks
Lennert Wouters, Benedikt Gierlichs, Bart Preneel · 2022
4 citation(s)
REF-1287
CWE
Supplemental Details - 2022 CWE Top 25
MITRE · 2022
7 citation(s)
REF-1288
CWE
Ethical hacking of a Smart Automatic Feed Dispenser
Julia Lokrantz · 2021
2 citation(s)
REF-1289
CWE
Time for Password Expiration to Die
Lance Spitzner · 2021
2 citation(s)
REF-1290
CWE
Time to rethink mandatory password changes
Lorrie Cranor · 2016
2 citation(s)
REF-1291
CWE
Security Myths and Passwords
Eugene Spafford · 2006
2 citation(s)
REF-1292
CWE
Password administration for system owners
National Cyber Security Centre · 2018
2 citation(s)
REF-1293
CWE
Digital Identity Guidelines: Authentication and Lifecycle Management(SP 800-63B)
NIST · 2017
2 citation(s)
REF-1294
CWE
Let them paste passwords
National Cyber Security Centre · 2017
2 citation(s)
REF-1295
CWE
Over 80 US Municipalities' Sensitive Information, Including Resident's Personal Data, Left Vulnerable in Massive Data Breach
WizCase · 2021
2 citation(s)
REF-1296
CWE
1,000 GB of local government data exposed by Massachusetts software company
Jonathan Greig · 2021
2 citation(s)
REF-1297
CWE
AWS Foundational Security Best Practices controls
Amazon · 2022
2 citation(s)
REF-1298
CWE
Authentication and authorization in Azure App Service and Azure Functions
Microsoft · 2021
1 citation(s)
REF-1299
CWE
Azure encryption overview
Microsoft · 2022
1 citation(s)
«
16 / 21
»