References

Bibliographic references cited across the CWE and CAPEC catalogs

All CWE CAPEC
REF-1401 CWE
Hardware Security Leak Detection by Symbolic Simulation
Neta Bar Kama, Roope Kaivola · 2021
2 citation(s)
REF-1402 CWE
aes0_wrapper.sv
· 2021
1 citation(s)
REF-1403 CWE
Fix for aes0_wrapper
· 2023
1 citation(s)
REF-1404 CWE
Page Table Isolation (PTI)
The kernel development community · 2023
1 citation(s)
REF-1405 CWE
RIDL: Rogue In-Flight Data Load
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Giorgi Maisuradze, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida · 2019
1 citation(s)
REF-1406 CWE
Downfall: Exploiting Speculative Data Gathering
Daniel Moghimi · 2023
1 citation(s)
REF-1408 CWE
Meltdown: Reading Kernel Memory from User Space
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg · 2020
1 citation(s)
REF-1409 CWE
Microarchitectural Data Sampling
Intel Corporation · 2021
1 citation(s)
REF-1410 CWE
Cache Speculation Side-channels
ARM · 2018
1 citation(s)
REF-1411 CWE
Rogue System Register Read/CVE-2018-3640/INTEL-SA-00115
Intel Corporation · 2018
1 citation(s)
REF-1414 CWE
Retpoline: A Branch Target Injection Mitigation
Intel Corporation · 2022
2 citation(s)
REF-1415 CWE
Spectre Attacks: Exploiting Speculative Execution
Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom · 2019
2 citation(s)
REF-1416 CWE
Flush+Reload: A High Resolution, Low Noise, L3 Cache Side-Channel Attack
Yuval Yarom, Katrina Falkner · 2014
1 citation(s)
REF-1417 CWE
InvisiSpec: making speculative execution invisible in the cache hierarchy.
Mengjia Yan, Jiho Choi, Dimitrios Skarlatos, Adam Morrison, Christopher W. Fletcher, Josep Torrella · 2019
2 citation(s)
REF-1418 CWE
Port Contention for Fun and Profit
Alejandro Cabrera Aldaya, Billy Bob Brumley, Sohaib ul Hassan, Cesar Pereida García, Nicola Tuveri · 2019
2 citation(s)
REF-1419 CWE
Speculative Interference Attacks: Breaking Invisible Speculation Schemes
Mohammad Behnia, Prateek Sahu, Riccardo Paccagnella, Jiyong Yu, Zirui Zhao, Xiang Zou, Thomas Unterluggauer, Josep Torrellas, Carlos Rozas, Adam Morrison, Frank Mckeen, Fangfei Liu, Ron Gabor, Christopher W. Fletcher, Abhishek Basak, Alaa Alameldeen · 2021
2 citation(s)
REF-1420 CWE
Spectre is here to stay: An analysis of side-channels and speculative execution
Ross Mcilroy, Jaroslav Sevcik, Tobias Tebbi, Ben L. Titzer, Toon Verwaest · 2019
2 citation(s)
REF-1421 CWE
Managed Runtime Speculative Execution Side Channel Mitigations
Intel Corporation · 2018
1 citation(s)
REF-1425 CWE
Speculative Load Hardening
Chandler Carruth
1 citation(s)
REF-1427 CWE
Rage Against the Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks
Hany Ragab, Enrico Barberis, Herbert Bos, Cristiano Giuffrida · 2021
1 citation(s)
REF-1428 CWE
Hide and Seek with Spectres: Efficient discovery of speculative information leaks with random testing
Oleksii Oleksenko, Marco Guarnieri, Boris Köpf, Mark Silberstein · 2023
1 citation(s)
REF-1429 CWE
SpecFuzz: Bringing Spectre-type vulnerabilities to the surface
Oleksii Oleksenko, Bohdan Trach, Mark Silberstein, Christof Fetzer · 2020
1 citation(s)
REF-1430 CWE
Medusa: Microarchitectural: Data Leakage via Automated Attack Synthesis
Daniel Moghimi, Moritz Lipp, Berk Sunar, Michael Schwarz · 2020
1 citation(s)
REF-1431 CWE
A Taxonomy of Computer Program Security Flaws, with Examples
Carl E. Landwehr, Alan R. Bull, John P. McDermott, William S. Choi · 1993
9 citation(s)
REF-1432 CWE
reglk_wrapper.sv
· 2021
1 citation(s)
REF-1433 CWE
Bad Code reglk_wrapper.sv
· 2021
1 citation(s)
REF-1434 CWE
Good Code reglk_wrapper.sv
· 2021
1 citation(s)
REF-1435 CWE
Bad Code aes1_wrapper.sv
· 2021
1 citation(s)
REF-1436 CWE
Good Code aes1_wrapper.sv
· 2021
1 citation(s)
REF-1437 CWE
acct_wrapper.sv
· 2021
2 citation(s)
REF-1438 CWE
Bad Code acct_wrapper.sv
· 2021
2 citation(s)
REF-1439 CWE
Good Code acct_wrapper.sv
· 2021
2 citation(s)
REF-1440 CWE
Integer overflow
· 2024
1 citation(s)
REF-1441 CWE
LLM02: Insecure Output Handling
OWASP · 2024
1 citation(s)
REF-1442 CWE
Validating Outputs
Cohere, Guardrails AI · 2023
1 citation(s)
REF-1443 CWE
NeMo Guardrails: A Toolkit for Controllable and Safe LLM Applications with Programmable Rails
Traian Rebedea, Razvan Dinu, Makesh Sreedhar, Christopher Parisien, Jonathan Cohen · 2023
1 citation(s)
REF-1444 CWE
Insecure output handling in LLMs
Snyk
1 citation(s)
REF-1445 CWE
Building Guardrails for Large Language Models
Yi Dong, Ronghui Mu, Gaojie Jin, Yi Qi, Jinwei Hu, Xingyu Zhao, Jie Meng, Wenjie Ruan, Xiaowei Huang · 2024
1 citation(s)
REF-1446 CWE
Secure by Design Alert: How Manufacturers Can Protect Customers by Eliminating Default Passwords
Cybersecurity and Infrastructure Security Agency · 2023
1 citation(s)
REF-1447 CWE
Secure by Design Alert: Eliminating SQL Injection Vulnerabilities in Software
Cybersecurity and Infrastructure Security Agency · 2024
1 citation(s)
REF-1448 CWE
Secure by Design Alert: Eliminating Directory Traversal Vulnerabilities in Software
Cybersecurity and Infrastructure Security Agency · 2024
3 citation(s)
REF-1449 CWE
Secure by Design Alert: Eliminating OS Command Injection Vulnerabilities
Cybersecurity and Infrastructure Security Agency · 2024
1 citation(s)
REF-1450 CWE
OWASP Top 10 for Large Language Model Applications - LLM01
OWASP · 2023
1 citation(s)
REF-1451 CWE
IBM - What is a prompt injection attack?
Matthew Kosinski, Amber Forrest · 2024
1 citation(s)
REF-1452 CWE
Not what you've signed up for: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection
Kai Greshake, Sahar Abdelnabi, Shailesh Mishra, Christoph Endres, Thorsten Holz, Mario Fritz · 2023
1 citation(s)
REF-1453 CWE
2024 CWE Top 25 Most Dangerous Software Weaknesses
· 2024
REF-1454 CWE
NoSQL injection
PortSwigger
1 citation(s)
REF-1455 CWE
A Pentester's Guide to NoSQL Injection
The SecOps Group · 2023
1 citation(s)
REF-1456 CWE
CRLF Injection
Imperva
1 citation(s)
REF-1457 CWE
CRLF injection
R00tendo · 2024
1 citation(s)
« 19 / 21 »