CSURFACE
THREAT SENSOR
Home
Analytics
News
About
Tools
Constellation
Libraries
CWE
CAPEC
MITRE ATT&CK
MITRE D3FEND
OWASP Top 10
Ransomware Groups
References
Support
EN
|
PT
References
Bibliographic references cited across the CWE and CAPEC catalogs
All
CWE
CAPEC
REF-372
CWE
Exceptions and Exception Handling (C# Programming Guide)
Microsoft
1 citation(s)
REF-374
CWE
Does Java pass by reference or pass by value?
Tony Sintes · 2000
1 citation(s)
REF-375
CWE
Java: The Complete Reference, J2SE 5th Edition
Herbert Schildt
1 citation(s)
REF-386
CWE
Detection and Prediction of Resource-Exhaustion Vulnerabilities
Joao Antunes, Nuno Ferreira Neves, Paulo Verissimo · 2008
2 citation(s)
REF-387
CWE
Resource exhaustion
D.J. Bernstein
2 citation(s)
REF-388
CWE
Resource exhaustion
Pascal Meunier · 2004
2 citation(s)
REF-390
CWE
How to Break Software Security
J. Whittaker, H. Thompson · 2003
1 citation(s)
REF-391
CWE
Transitioning to ARC Release Notes
iOS Developer Library · 2013
2 citation(s)
REF-392
CWE
File descriptors and setuid applications
Paul Roberts · 2007
1 citation(s)
REF-393
CWE
Introduction to Secure Coding Guide
Apple
1 citation(s)
REF-395
CWE
Algorithmic Complexity Attacks
Scott A. Crosby, Dan S. Wallach · 2003
1 citation(s)
REF-402
CWE
Exploiting design flaws in the Win32 API for privilege escalation. Or... Shatter Attacks - How to break Windows
Paget · 2002
1 citation(s)
REF-409
CWE
Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases
Georgi Guninski · 2000
1 citation(s)
REF-410
CWE
ACROS Security: Remote Binary Planting in Apple iTunes for Windows (ASPR #2010-08-18-1)
Mitja Kolsek · 2010
1 citation(s)
REF-411
CWE
Automatic Detection of Vulnerable Dynamic Component Loadings
Taeho Kwon, Zhendong Su
1 citation(s)
REF-412
CWE
Dynamic-Link Library Search Order
· 2010
1 citation(s)
REF-413
CWE
Dynamic-Link Library Security
· 2010
1 citation(s)
REF-414
CWE
An update on the DLL-preloading remote attack vector
· 2010
1 citation(s)
REF-415
CWE
Insecure Library Loading Could Allow Remote Code Execution
· 2010
1 citation(s)
REF-416
CWE
Application DLL Load Hijacking
H D Moore · 2010
1 citation(s)
REF-417
CWE
DLL Hijacking: Facts and Fiction
Oliver Lavery · 2010
1 citation(s)
REF-422
CWE
Dynamic File Uploads, Security and You
Richard Stanway (r1CH)
1 citation(s)
REF-423
CWE
8 Basic Rules to Implement Secure File Uploads
Johannes Ullrich · 2009
1 citation(s)
REF-424
CWE
Top 25 Series - Rank 8 - Unrestricted Upload of Dangerous File Type
Johannes Ullrich · 2010
1 citation(s)
REF-427
CWE
On Interpretation Conflict Vulnerabilities
Steve Christey · 2005
1 citation(s)
REF-428
CWE
Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection
Thomas H. Ptacek, Timothy N. Newsham · 1998
2 citation(s)
REF-429
CWE
0x00 vs ASP file upload scripts
Brett Moore · 2004
1 citation(s)
REF-431
CWE
Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding
David F. Skoll · 2004
1 citation(s)
REF-432
CWE
The Confused Deputy (or why capabilities might have been invented)
Norm Hardy · 1988
1 citation(s)
REF-433
CWE
HTTP Request Smuggling
Chaim Linhart, Amit Klein, Ronen Heled, Steve Orrin
1 citation(s)
REF-434
CWE
Secure Programming for Linux and Unix HOWTO
David Wheeler · 2003
1 citation(s)
REF-436
CWE
Exploiting Uninitialized Data
mercy · 2006
3 citation(s)
REF-437
CWE
MS08-014 : The Case of the Uninitialized Stack Variable Vulnerability
Microsoft Security Vulnerability Research & Defense · 2008
2 citation(s)
REF-442
CWE
EXP01-A. Do not take the sizeof a pointer to determine the size of a type
Robert Seacord
1 citation(s)
REF-453
CWE
OWASP , Attack Category : Mobile code: object hijack
OWASP
1 citation(s)
REF-454
CWE
Introduction to Code Signing
Microsoft
1 citation(s)
REF-455
CWE
Authenticode
Microsoft
1 citation(s)
REF-456
CWE
Code Signing Guide
Apple · 2008
1 citation(s)
REF-457
CWE
Secure Software Updates: Disappointments and New Challenges
Anthony Bellissimo, John Burgess, Kevin Fu
1 citation(s)
REF-459
CWE
Top 25 Series - Rank 20 - Download of Code Without Integrity Check
Johannes Ullrich · 2010
1 citation(s)
REF-461
CWE
Exploiting Deserialization Vulnerabilities in Java
Matthias Kaiser · 2015
1 citation(s)
REF-462
CWE
PHP unserialization vulnerabilities: What are we missing?
Sam Thomas · 2015
1 citation(s)
REF-463
CWE
Marshalling Pickles: How deserializing objects can ruin your day
Gabriel Lawrence, Chris Frohoff · 2015
1 citation(s)
REF-464
CWE
Unserializing user-supplied data, a bad idea
Heine Deelstra · 2010
2 citation(s)
REF-465
CWE
Black Hat EU 2010 - Attacking Java Serialized Communication
Manish S. Saindane · 2010
1 citation(s)
REF-466
CWE
Why Python Pickle is Insecure
Nadia Alramli · 2009
2 citation(s)
REF-467
CWE
Exploiting misuse of Python's "pickle"
Nelson Elhage · 2011
1 citation(s)
REF-468
CWE
Deserialize My Shorts: Or How I Learned to Start Worrying and Hate Java Object Deserialization
Chris Frohoff · 2016
1 citation(s)
REF-474
CWE
Thread-Specifc Storage for C/C++
Douglas C. Schmidt, Timothy H. Harrison, Nat Pryce
1 citation(s)
REF-478
CWE
Intrinsic Locks and Synchronization (in Java)
1 citation(s)
«
4 / 21
»