References

Bibliographic references cited across the CWE and CAPEC catalogs

All CWE CAPEC
REF-1458 CWE
Directory Indexing
Web Application Security Consortium · 2009
1 citation(s)
REF-1459 CWE
Directory indexing attacks
IBM · 2021
1 citation(s)
REF-1460 CWE
NT Web Technology Vulnerabilities
rain.forest.puppy · 1998
1 citation(s)
REF-1461 CWE
What's the Difference Between HTTP and HTTPS?
Amazon
1 citation(s)
REF-1462 CWE
Why is HTTP not secure? | HTTP vs. HTTPS
Cloudflare
1 citation(s)
REF-1463 CWE
Every Pipe, Every Byte: The Case for Universal Encryption
Bob Lord · 2024
1 citation(s)
REF-1464 CWE
Encrypting the Web
Electronic Frontier Foundation
1 citation(s)
REF-1465 CWE
Application Security Verification Standard 4.0.3 - Final
OWASP
1 citation(s)
REF-1466 CWE
Fixing mixed content
· 2019
1 citation(s)
REF-1467 CWE
Mixed content
Mozilla · 2025
1 citation(s)
REF-1468 CWE
OpenTitan issue: [rv_core_ibex] Bus errors on integrity check failure
GregAC · 2022
1 citation(s)
REF-1469 CWE
OpenTitan issue: [otp_ctrl] Prevent broadcast of scrambler's input/intermediate values #13043
Andres Meza · 2022
1 citation(s)
REF-1470 CWE
Security Verification of the OpenTitan Hardware Root of Trust
Andres Meza, Francesco Restuccia, Jason Oberg, Dominic Rizzo, Ryan Kastner · 2023
1 citation(s)
REF-1471 CWE
Security Verification of an Open Source Hardware Root of Trust
Jason Oberg · 2022
1 citation(s)
REF-1472 CWE
Complete reverse-engineering of AES-like block ciphers by SCARE and FIRE attacks
Christophe Clavier, Quentin Isorez, Damien Marion, Antoine Wurcker · 2014
1 citation(s)
REF-1473 CWE
Practical Reverse Engineering of Secret Sboxes by Side-Channel Analysis
Dirmanto Jap, Shivam Bhasin · 2020
1 citation(s)
REF-1474 CWE
Practical Reverse Engineering of Secret Sboxes by Side-Channel Analysis
Shivam Bhasin · 2020
REF-1475 CWE
uninitialized variable vulnerability - Problem with boolean variables that are forcibly initialized to false by the Java compiler
windshock · 2022
1 citation(s)
REF-1476 CWE
The Java Language Specification, Java SE 7 Edition
James Gosling, Bill Joy, Guy Steele, Gilad Bracha, Alex Buckley · 2013
1 citation(s)
REF-1477 CWE
Secure by Design Alert: Eliminating Buffer Overflow Vulnerabilities
Cybersecurity and Infrastructure Security Agency · 2025
4 citation(s)
REF-1478 CWE
Drive-by download
Wikipedia · 2025
1 citation(s)
REF-1479 CWE
State-of-the-Art Resources (SOAR) for Software Vulnerability Detection, Test, and Evaluation
Gregory Larsen, E. Kenneth Hong Fong, David A. Wheeler, Rama S. Moorthy · 2014
45 citation(s)
REF-1480 CWE
2025 CWE Most Important Hardware Weaknesses
MITRE · 2025
REF-1481 CWE
D3FEND: Application Layer Firewall
D3FEND
11 citation(s)
REF-1482 CWE
D3FEND: D3-TL Trusted Library
D3FEND
11 citation(s)
REF-1483 CWE
2025 CWE MIHW Suggested Use Cases
MITRE · 2025
REF-1484 CWE
D3FEND: D3-NPC Null Pointer Checking
D3FEND
2 citation(s)
REF-1485 CWE
D3FEND: D3-VI Variable Initialization
D3FEND
2 citation(s)
REF-1486 CWE
Content Security Policy Cheat Sheet
OWASP
1 citation(s)
REF-1487 CWE
We Have a Package for You! A Comprehensive Analysis of Package Hallucinations by Code Generating LLMs
Joseph Spracklen, Raveen Wijewickrama, A H M Nazmus Sakib, Anindya Maiti, Bimal Viswanath, Murtuza Jadliwala · 2025
1 citation(s)
REF-1488 CWE
Digital Identity Guidelines (SP 800-63B-4)
NIST · 2025
3 citation(s)
REF-1489 CWE
Password Guidance: Simplifying Your Approach
National Cyber Security Centre · 2015
2 citation(s)
REF-1490 CWE
Securing Cookies: Why You Should Always Set HttpOnly
Ajay Monga · 2025
1 citation(s)
REF-1491 CWE
Clickjacking
Wikipedia · 2025
1 citation(s)
REF-1492 CWE
Translucent Databases
Peter Wayner · 2002
1 citation(s)
REF-1493 CWE
Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure By Design Software
US Cybersecurity and Infrastructure Security Agency, US National Security Agency, US FBI, Australian Signals Directorate, Canadian Centre for Cyber Security, National Cyber Security Centre, OAS, NISC, CSA Singapore, CERT NZ, Norwegian Cyber Security Centre, Korea Internet & Security Agency, JPCERT/CC · 2023
2 citation(s)
REF-1494 CWE
Null Byte Attacks Explained
Cyber T · 2025
1 citation(s)
REF-1495 CWE
What Is Null Byte Injection? How It Works & Examples
Twingate · 2024
1 citation(s)
REF-1496 CWE
Insecure Direct Object Reference Prevention Cheat Sheet
OWASP · 2025
1 citation(s)
REF-1497 CWE
Insecure Direct Object Reference (IDOR)
MDN · 2025
1 citation(s)
REF-1498 CWE
Insecure Direct Object Reference
Imperva
1 citation(s)
REF-1499 CWE
2025 CWE Top 25 Most Dangerous Software Weaknesses
· 2025
REF-1500 CWE
OWASP Top 10:2025 RC1
· 2025
REF-1501 CWE
A01:2025 - Broken Access Control
OWASP · 2025
REF-1502 CWE
A02:2025 Security Misconfiguration
OWASP · 2025
REF-1503 CWE
A03:2025 - Software Supply Chain Failures
OWASP · 2025
REF-1504 CWE
A04:2025 - Cryptographic Failures
OWASP · 2025
REF-1505 CWE
A05:2025 - Injection
OWASP · 2025
REF-1506 CWE
A06:2025 - Insecure Design
OWASP · 2025
REF-1507 CWE
A07:2025 - Authentication Failures
OWASP · 2025
« 20 / 21 »