References

Bibliographic references cited across the CWE and CAPEC catalogs

All CWE CAPEC
REF-578 CWE
NetSec Security Advisory: Multiple Vulnerabilities Resulting From Use Of Apple OSX HFS+
NetSec · 2005
1 citation(s)
REF-580 CWE
Top 10 2007-Failure to Restrict URL Access
OWASP · 2007
REF-581 CWE
A1 Unvalidated Input
OWASP · 2004
REF-582 CWE
A2 Broken Access Control
OWASP · 2004
REF-583 CWE
A3 Broken Authentication and Session Management
OWASP · 2004
REF-584 CWE
A4 Cross-Site Scripting (XSS) Flaws
OWASP · 2004
REF-585 CWE
A5 Buffer Overflows
OWASP · 2004
REF-586 CWE
A6 Injection Flaws
OWASP · 2004
REF-587 CWE
A7 Improper Error Handling
OWASP · 2004
REF-588 CWE
A8 Insecure Storage
OWASP · 2004
REF-590 CWE
A9 Denial of Service
OWASP · 2004
REF-591 CWE
A10 Insecure Configuration Management
OWASP · 2004
REF-594 CWE
Top 25 Series - Rank 21 - Incorrect Permission Assignment for Critical Response
Jason Lam · 2010
1 citation(s)
REF-597 CWE
The CERT C Secure Coding Standard
Robert C. Seacord · 2008
REF-598 CWE
SEI CERT C Coding Standard
The Software Engineering Institute
REF-599 CWE
SEI CERT C Coding Standard : Rule 01. Preprocessor (PRE)
The Software Engineering Institute
REF-600 CWE
SEI CERT C Coding Standard : Rule 02. Declarations and Initialization (DCL)
The Software Engineering Institute
REF-601 CWE
SEI CERT C Coding Standard : Rule 03. Expressions (EXP)
The Software Engineering Institute
REF-602 CWE
SEI CERT C Coding Standard : Rule 04. Integers (INT)
The Software Engineering Institute
REF-603 CWE
SEI CERT C Coding Standard : Rule 05. Floating Point (FLP)
The Software Engineering Institute
REF-604 CWE
SEI CERT C Coding Standard : Rule 06. Arrays (ARR)
The Software Engineering Institute
REF-605 CWE
SEI CERT C Coding Standard : Rule 07. Characters and Strings (STR)
The Software Engineering Institute
REF-606 CWE
SEI CERT C Coding Standard : Rule 08. Memory Management (MEM)
The Software Engineering Institute
REF-607 CWE
SEI CERT C Coding Standard : Rule 09. Input Output (FIO)
The Software Engineering Institute
REF-608 CWE
SEI CERT C Coding Standard : Rule 10. Environment (ENV)
The Software Engineering Institute
REF-609 CWE
SEI CERT C Coding Standard : Rule 11. Signals (SIG)
The Software Engineering Institute
REF-610 CWE
SEI CERT C Coding Standard : Rule 12. Error Handling (ERR)
The Software Engineering Institute
REF-611 CWE
SEI CERT C Coding Standard : Rule 13. Application Programming Interfaces (API)
The Software Engineering Institute
REF-612 CWE
SEI CERT C Coding Standard : Rule 14. Concurrency (CON)
The Software Engineering Institute
REF-613 CWE
SEI CERT C Coding Standard : Rule 48. Miscellaneous (MSC)
The Software Engineering Institute
REF-614 CWE
SEI CERT C Coding Standard : Rule 50. POSIX (POS)
The Software Engineering Institute
REF-615 CWE
2009 CWE/SANS Top 25 Most Dangerous Programming Errors
· 2009
REF-617 CWE
SEI CERT C Coding Standard : Rule 51. Microsoft Windows (WIN)
The Software Engineering Institute
REF-622 CWE
Top 25 Series - Rank 15 - Improper Check for Unusual or Exceptional Conditions
Frank Kim · 2010
1 citation(s)
REF-631 CWE
Password Storage Cheat Sheet
OWASP
3 citation(s)
REF-632 CWE
Enough With The Rainbow Tables: What You Need To Know About Secure Password Schemes
Thomas Ptacek · 2007
3 citation(s)
REF-633 CWE
The Importance of Being Canonical
Robert Graham · 2009
3 citation(s)
REF-634 CWE
Password Hashing
James McGlinn
2 citation(s)
REF-635 CWE
Rainbow Hash Cracking
Jeff Atwood · 2007
2 citation(s)
REF-636 CWE
Speed Hashing
Jeff Atwood · 2012
3 citation(s)
REF-637 CWE
Rainbow table
· 2009
3 citation(s)
REF-657 CWE
boost C++ Library Smart Pointers
3 citation(s)
REF-664 CWE
getrlimit(2) - Linux manual page
REF-667 CWE
Real-Life Example of a 'Business Logic Defect' (Screen Shots!)
Rafal Los · 2011
2 citation(s)
REF-672 CWE
Top 25 Series - Rank 22 - Allocation of Resources Without Limits or Throttling
Frank Kim · 2010
1 citation(s)
REF-676 CWE
Multiple vendors XML parser (and SOAP/WebServices server) Denial of Service attack using DTD
Amit Klein · 2002
1 citation(s)
REF-677 CWE
XML security: Preventing XML bombs
Rami Jaamour · 2006
1 citation(s)
REF-678 CWE
Dismantling an XML-Bomb
Didier Stevens · 2008
1 citation(s)
REF-679 CWE
XML Entity Expansion
Robert Auger
1 citation(s)
REF-680 CWE
Tip: Configure SAX parsers for secure processing
Elliotte Rusty Harold · 2005
1 citation(s)
« 6 / 21 »