CSURFACE
THREAT SENSOR
Home
Analytics
News
About
Tools
Constellation
Libraries
CWE
CAPEC
MITRE ATT&CK
MITRE D3FEND
OWASP Top 10
Ransomware Groups
References
Support
EN
|
PT
References
Bibliographic references cited across the CWE and CAPEC catalogs
All
CWE
CAPEC
REF-1258
CWE
Random early detection
Wikipedia
REF-1259
CWE
Transport Layer Security
Wikipedia
REF-1260
CWE
The Great DNS Vulnerability of 2008 by Dan Kaminsky
Thu T. Pham · 2016
REF-1261
CWE
A Software Flaw Taxonomy: Aiming Tools At Security
Sam Weber, Paul A. Karger, Amit Paradkar · 2005
REF-1262
CWE
Follow the Link: Exploiting Symbolic Links with Ease
Eran Shimony · 2019
1 citation(s)
REF-1263
CWE
A Link to the Past - Abusing Symbolic Links on Windows
James Forshaw
REF-1264
CWE
Windows 10^H^H Symbolic Link Mitigations
James Forshaw · 2015
1 citation(s)
REF-1265
CWE
Symbolic testing tools
1 citation(s)
REF-1266
CWE
Understanding and Exploiting Symbolic links in Windows - Symlink Attack EOP
Shubham Dubey · 2020
1 citation(s)
REF-1267
CWE
Abusing Arbitrary File Deletes to Escalate Privilege and Other Great Tricks
Simon Zuckerbraun · 2022
1 citation(s)
REF-1268
CWE
2022 CWE Top 25 Most Dangerous Software Weaknesses
· 2022
REF-1271
CWE
Abusing privileged file operations
Clément Lavoillotte · 2019
1 citation(s)
REF-1272
CWE
HTTP Request Splitting
Robert Auger · 2011
1 citation(s)
REF-1273
CWE
HTTP Response Smuggling
Robert Auger · 2011
1 citation(s)
REF-1274
CWE
HTTP Request Smuggling: Complete Guide to Attack Types and Prevention
Dzevad Alibegovic · 2021
1 citation(s)
REF-1275
CWE
A Pentester's Guide to HTTP Request Smuggling
Busra Demir · 2020
1 citation(s)
REF-1276
CWE
HTTP Desync Attacks in the Wild and How to Defend Against Them
Edi Kogan, Daniel Kerman · 2019
1 citation(s)
REF-1277
CWE
HTTP Desync Attacks: Request Smuggling Reborn
James Kettle · 2019
1 citation(s)
REF-1278
CWE
HTTP request smuggling
PortSwigger
1 citation(s)
REF-1279
CWE
Neutralizing Your Inputs: A Log4Shell Weakness Story
CWE/CAPEC
1 citation(s)
REF-1280
CWE
Expression Language Injection
OWASP
1 citation(s)
REF-1281
CWE
The sinking of the Sleipner A offshore platform
Douglas N. Arnold
REF-1282
CWE
Zip Slip Vulnerability
Snyk · 2018
2 citation(s)
REF-1283
CWE
OT:ICEFALL: The legacy of "insecure by design" and its implications for certifications and risk management
Forescout Vedere Labs · 2022
20 citation(s)
REF-1284
CWE
Universal "netmask" npm package, used by 270,000+ projects, vulnerable to octal input data
Sick Codes · 2021
1 citation(s)
REF-1285
CWE
Physical Security Attacks Against Silicon Devices
Texas Instruments · 2022
4 citation(s)
REF-1286
CWE
On The Susceptibility of Texas Instruments SimpleLink Platform Microcontrollers to Non-Invasive Physical Attacks
Lennert Wouters, Benedikt Gierlichs, Bart Preneel · 2022
4 citation(s)
REF-1287
CWE
Supplemental Details - 2022 CWE Top 25
MITRE · 2022
7 citation(s)
REF-1288
CWE
Ethical hacking of a Smart Automatic Feed Dispenser
Julia Lokrantz · 2021
2 citation(s)
REF-1289
CWE
Time for Password Expiration to Die
Lance Spitzner · 2021
2 citation(s)
REF-1290
CWE
Time to rethink mandatory password changes
Lorrie Cranor · 2016
2 citation(s)
REF-1291
CWE
Security Myths and Passwords
Eugene Spafford · 2006
2 citation(s)
REF-1292
CWE
Password administration for system owners
National Cyber Security Centre · 2018
2 citation(s)
REF-1293
CWE
Digital Identity Guidelines: Authentication and Lifecycle Management(SP 800-63B)
NIST · 2017
2 citation(s)
REF-1294
CWE
Let them paste passwords
National Cyber Security Centre · 2017
2 citation(s)
REF-1295
CWE
Over 80 US Municipalities' Sensitive Information, Including Resident's Personal Data, Left Vulnerable in Massive Data Breach
WizCase · 2021
2 citation(s)
REF-1296
CWE
1,000 GB of local government data exposed by Massachusetts software company
Jonathan Greig · 2021
2 citation(s)
REF-1297
CWE
AWS Foundational Security Best Practices controls
Amazon · 2022
2 citation(s)
REF-1298
CWE
Authentication and authorization in Azure App Service and Azure Functions
Microsoft · 2021
1 citation(s)
REF-1299
CWE
Azure encryption overview
Microsoft · 2022
1 citation(s)
1300
CWE
The Developer's Guide to Azure
Microsoft · 2021
REF-1301
CWE
Default encryption at rest
Google Cloud · 2022
1 citation(s)
REF-1302
CWE
Authentication and authorization use cases
Google Cloud · 2022
1 citation(s)
REF-1303
CWE
Researchers Out Default Passwords Packaged With ICS/SCADA Wares
Kelly Jackson Higgins · 2016
2 citation(s)
REF-1304
CWE
ICS Alert (ICS-ALERT-13-164-01): Medical Devices Hard-Coded Passwords
ICS-CERT · 2013
3 citation(s)
REF-1305
CWE
Discussion Thread: Time to retire CWE-262 and CWE-263
Kurt Seifried and other members of the CWE-Research mailing list · 2021
2 citation(s)
REF-1306
CWE
Remediate anonymous public read access to blob data (Azure Resource Manager deployments)
Microsoft · 2022
REF-1307
CWE
CIS Microsoft Azure Foundations Benchmark version 1.5.0
Center for Internet Security · 2022
5 citation(s)
REF-1308
CWE
Enable and manage Azure Storage Analytics logs (classic)
Microsoft · 2023
1 citation(s)
REF-1309
CWE
Require secure transfer to ensure secure connections
Microsoft · 2022
1 citation(s)
«
25 / 30
»