CSURFACE
THREAT SENSOR
Home
Analytics
News
About
Tools
Constellation
Libraries
CWE
CAPEC
MITRE ATT&CK
MITRE D3FEND
OWASP Top 10
Ransomware Groups
References
Support
EN
|
PT
References
Bibliographic references cited across the CWE and CAPEC catalogs
All
CWE
CAPEC
REF-480
CWE
Valgrind
5 citation(s)
REF-482
CWE
Hold Your Sessions: An Attack on Java Session-id Generation
Zvi Gutterman · 2005
1 citation(s)
REF-483
CWE
Exploitable Redirects on the Web: Identification, Prevalence, and Defense
Craig A. Shue, Andrew J. Kalafut, Minaxi Gupta
1 citation(s)
REF-484
CWE
Open redirect vulnerabilities: definition and prevention
Russ McRee · 2008
1 citation(s)
REF-485
CWE
Top 25 Series - Rank 23 - Open Redirect
Jason Lam · 2010
1 citation(s)
REF-490
CWE
The "Double-Checked Locking is Broken" Declaration
David Bacon et al
1 citation(s)
REF-491
CWE
JSR 133 (Java Memory Model) FAQ
Jeremy Manson and Brian Goetz
1 citation(s)
REF-493
CWE
Second-Order Symlink Vulnerabilities
Steve Christey · 2005
1 citation(s)
REF-494
CWE
Crafting Symlinks for Fun and Profit
Shaun Colley · 2004
1 citation(s)
REF-496
CWE
XML External Entity (XXE) Processing
OWASP
1 citation(s)
REF-497
CWE
XML External Entity Attacks (XXE)
Sascha Herzog · 2010
1 citation(s)
REF-498
CWE
XXE (Xml eXternal Entity) Attack
Gregory Steuck
1 citation(s)
REF-499
CWE
XML External Entities (XXE) Attack
WASC
1 citation(s)
REF-500
CWE
XML Denial of Service Attacks and Defenses
Bryan Sullivan · 2009
2 citation(s)
REF-501
CWE
Preventing XXE in PHP
Chris Cornutt
1 citation(s)
REF-502
CWE
A Study in Scarlet - section 5, "File Upload"
Shaun Clowes
1 citation(s)
REF-503
CWE
Developing Secure ActiveX Controls
Microsoft · 2005
3 citation(s)
REF-505
CWE
The Oracle Hacker's Handbook
David Litchfield
1 citation(s)
REF-506
CWE
Cursor Injection
David Litchfield
1 citation(s)
REF-510
CWE
How to stop an ActiveX control from running in Internet Explorer
Microsoft
2 citation(s)
REF-514
CWE
Perl CGI problems
Rain Forest Puppy · 1999
2 citation(s)
REF-515
CWE
0x00 vs ASP file upload scripts
Brett Moore
1 citation(s)
REF-516
CWE
ShAnKaR: multiple PHP application poison NULL byte vulnerability
ShAnKaR
2 citation(s)
REF-517
CWE
Dynamic Evaluation Vulnerabilities in PHP applications
Steve Christey · 2006
1 citation(s)
REF-518
CWE
A Study In Scarlet: Exploiting Common Vulnerabilities in PHP Applications
Shaun Clowes
1 citation(s)
REF-522
CWE
Failing Securely
Sean Barnum, Michael Gegick · 2005
1 citation(s)
REF-524
CWE
Economy of Mechanism
Sean Barnum, Michael Gegick · 2005
1 citation(s)
REF-526
CWE
Complete Mediation
Sean Barnum, Michael Gegick · 2005
1 citation(s)
REF-528
CWE
Top 10 2007-Insecure Direct Object Reference
OWASP · 2007
1 citation(s)
REF-529
CWE
HMAC
· 2011
2 citation(s)
REF-531
CWE
XPath Injection
Web Application Security Consortium
1 citation(s)
REF-535
CWE
Separation of Privilege
Sean Barnum, Michael Gegick · 2005
2 citation(s)
REF-539
CWE
Psychological Acceptability
Sean Barnum, Michael Gegick · 2005
1 citation(s)
REF-540
CWE
Usability of Security: A Case Study
J. D. Tygar, Alma Whitten · 1998
1 citation(s)
REF-542
CWE
RFC: 793, TRANSMISSION CONTROL PROTOCOL
Jon Postel, Editor · 1981
2 citation(s)
REF-544
CWE
Never Assuming that Your Secrets Are Safe
Sean Barnum, Michael Gegick · 2005
1 citation(s)
REF-546
CWE
Design Principles
Sean Barnum, Michael Gegick · 2005
1 citation(s)
REF-547
CWE
Java Concurrency API
SUN
1 citation(s)
REF-548
CWE
Use reentrant functions for safer signal handling
Dipak Jha, Software Engineer, IBM
1 citation(s)
REF-554
CWE
Security Development Lifecycle (SDL) Banned Function Calls
Michael Howard · 2011
3 citation(s)
REF-562
CWE
Windows NTFS Alternate Data Streams
Don Parker · 2005
1 citation(s)
REF-565
CWE
Fear the EAR: Discovering and Mitigating Execution After Redirect Vulnerabilities
Adam Doupé, Bryce Boe, Christopher Kruegel, Giovanni Vigna
1 citation(s)
REF-567
CWE
A Taxonomy of Security Faults in the UNIX Operating System
Taimur Aslam · 1995
1 citation(s)
REF-568
CWE
Use of A Taxonomy of Security Faults
Taimur Aslam, Ivan Krsul, Eugene H. Spafford · 1995
2 citation(s)
REF-570
CWE
Top 10 2004
· 2004
REF-571
CWE
About the PCI Data Security Standard (PCI DSS)
PCI Security Standards Council
REF-572
CWE
Top 10 2007-Cross Site Scripting
OWASP · 2007
REF-574
CWE
Top 10 2007-Cross Site Request Forgery
OWASP · 2007
REF-575
CWE
Top 10 2007-Information Leakage and Improper Error Handling
OWASP · 2007
REF-577
CWE
Top 10 2007-Insecure Cryptographic Storage
OWASP · 2007
«
5 / 21
»