CSURFACE
THREAT SENSOR
Home
Analytics
News
About
Tools
Constellation
Libraries
CWE
CAPEC
MITRE ATT&CK
MITRE D3FEND
OWASP Top 10
Ransomware Groups
References
Support
EN
|
PT
References
Bibliographic references cited across the CWE and CAPEC catalogs
All
CWE
CAPEC
REF-65
CWE
19 Deadly Sins of Software Security
M. Howard, D. LeBlanc, J. Viega · 2005
2 citation(s)
REF-66
CWE
ASP.NET Misconfiguration: Missing Custom Error Handling
OWASP, Fortify Software
1 citation(s)
REF-74
CWE
Top 25 Series - Rank 3 - Classic Buffer Overflow
Jason Lam · 2010
1 citation(s)
REF-76
CWE
Least Privilege
Sean Barnum, Michael Gegick · 2005
17 citation(s)
REF-90
CWE
Buffer UNDERFLOWS: What do you know about it?
· 2004
2 citation(s)
REF-96
CWE
Top 25 Series - Rank 14 - Improper Validation of Array Index
Jason Lam · 2010
1 citation(s)
REF-103
CWE
How To: Encrypt Configuration Sections in ASP.NET 2.0 Using DPAPI
Microsoft Corporation
1 citation(s)
REF-104
CWE
How To: Encrypt Configuration Sections in ASP.NET 2.0 Using RSA
Microsoft Corporation
1 citation(s)
REF-105
CWE
.NET Framework Developer's Guide - Securing Connection Strings
Microsoft Corporation
1 citation(s)
REF-106
CWE
SafeInt
David LeBlanc, Niels Dekker
3 citation(s)
REF-107
CWE
Top 25 Series - Rank 18 - Incorrect Calculation of Buffer Size
Jason Lam · 2010
1 citation(s)
REF-116
CWE
Format String Vulnerabilities in Perl Programs
Steve Christey
1 citation(s)
REF-117
CWE
Programming Language Format String Vulnerabilities
Hal Burch, Robert C. Seacord
1 citation(s)
REF-118
CWE
Format String Attacks
Tim Newsham · 2000
1 citation(s)
REF-124
CWE
When scrubbing secrets in memory doesn't work
Michael Howard · 2002
1 citation(s)
REF-125
CWE
Some Bad News and Some Good News
Michael Howard · 2002
1 citation(s)
REF-126
CWE
GNU GCC: Optimizer Removes Code Necessary for Security
Joseph Wagner · 2002
1 citation(s)
REF-140
CWE
Exploiting Software: How to Break Code
Greg Hoglund, Gary McGraw · 2004
4 citation(s)
REF-141
CWE
Blacklist defenses as a breeding ground for vulnerability variants
Steve Christey · 2006
1 citation(s)
REF-145
CWE
An overview of common programming security vulnerabilities and possible solutions
Yves Younan · 2003
1 citation(s)
REF-146
CWE
Basic Integer Overflows
blexim · 2002
1 citation(s)
REF-150
CWE
Top 25 Series - Rank 17 - Integer Overflow Or Wraparound
Johannes Ullrich · 2010
1 citation(s)
REF-155
CWE
Third Generation Exploits
Halvar Flake
1 citation(s)
REF-156
CWE
Off-by-one errors: a brief explanation
Steve Christey · 2004
1 citation(s)
REF-157
CWE
The Frame Pointer Overwrite
klog · 1999
1 citation(s)
REF-161
CWE
C Language Issues for Application Security
John McDonald, Mark Dowd, Justin Schuh · 2008
1 citation(s)
REF-162
CWE
Integral Security
Robert Seacord · 2006
1 citation(s)
REF-166
CWE
Input Validation with ESAPI - Very Important
Jim Manico · 2008
1 citation(s)
REF-168
CWE
Hacking Exposed Web Applications, Second Edition
Joel Scambray, Mike Shema, Caleb Sima · 2006
1 citation(s)
REF-170
CWE
The importance of input validation
Kevin Beaver · 2006
1 citation(s)
REF-172
CWE
Mobile App Top 10 List
Chris Wysopal · 2010
6 citation(s)
REF-174
CWE
Information Leakage
Web Application Security Consortium
1 citation(s)
REF-175
CWE
Secure Programming with Static Analysis
Brian Chess, Jacob West · 2007
1 citation(s)
REF-176
CWE
Writing Secure Code
Michael Howard, David LeBlanc · 2001
2 citation(s)
REF-179
CWE
Top 25 Series - Rank 16 - Information Exposure Through an Error Message
Johannes Ullrich · 2010
1 citation(s)
REF-185
CWE
Testing for Path Traversal (OWASP-AZ-001)
OWASP
2 citation(s)
REF-186
CWE
Top 25 Series - Rank 7 - Path Traversal
Johannes Ullrich · 2010
1 citation(s)
REF-192
CWE
OWASP Attack listing
OWASP
1 citation(s)
REF-194
CWE
Herb Schildt's C++ Programming Cookbook
Herbert Schildt · 2008
1 citation(s)
REF-196
CWE
The Protection of Information in Computer Systems
Jerome H. Saltzer, Michael D. Schroeder · 1975
9 citation(s)
REF-199
CWE
United States Government Configuration Baseline (USGCB)
NIST
2 citation(s)
REF-207
CWE
Building Secure Software: How to Avoid Security Problems the Right Way
John Viega, Gary McGraw · 2002
8 citation(s)
REF-229
CWE
Role Based Access Control and Role Based Security
NIST
3 citation(s)
REF-231
CWE
Top 25 Series - Rank 5 - Improper Access Control (Authorization)
Frank Kim · 2010
3 citation(s)
REF-233
CWE
Authentication using JAAS
Rahul Bhattacharjee
3 citation(s)
REF-236
CWE
Weak Password Brings 'Happiness' to Twitter Hacker
Kim Zetter · 2009
2 citation(s)
REF-237
CWE
Top 10 2007-Broken Authentication and Session Management
OWASP · 2007
1 citation(s)
REF-238
CWE
Guide to Authentication
OWASP
1 citation(s)
REF-239
CWE
Authentication
Microsoft
1 citation(s)
REF-243
CWE
Why Eve and Mallory Love Android: An Analysis of Android SSL (In)Security
Sascha Fahl, Marian Harbach, Thomas Muders, Matthew Smith, Lars Baumgärtner, Bernd Freisleben · 2012
2 citation(s)
«
2 / 21
»