CSURFACE
THREAT SENSOR
Home
Analytics
News
About
Tools
Constellation
Libraries
CWE
CAPEC
MITRE ATT&CK
MITRE D3FEND
OWASP Top 10
Ransomware Groups
References
Support
EN
|
PT
References
Bibliographic references cited across the CWE and CAPEC catalogs
All
CWE
CAPEC
REF-682
CWE
Preventing Entity Expansion Attacks in JAXB
Blaise Doughan · 2011
1 citation(s)
REF-685
CWE
Meta-Character Vulnerabilities
Pascal Meunier · 2008
1 citation(s)
REF-686
CWE
OS Commanding
Robert Auger · 2009
1 citation(s)
REF-687
CWE
The World Wide Web Security FAQ
Lincoln Stein, John Stewart · 2002
1 citation(s)
REF-688
CWE
Security Issues in Perl Scripts
Jordan Dimov, Cigital
1 citation(s)
REF-690
CWE
Top 25 Series - Rank 9 - OS Command Injection
Frank Kim · 2010
1 citation(s)
REF-694
CWE
RSA Problem
Ronald L. Rivest, Burt Kaliski · 2003
1 citation(s)
REF-695
CWE
Optimal Asymmetric Encryption Padding
· 2009
1 citation(s)
REF-696
CWE
Exploiting Common Flaws in Drivers
Ruben Santamarta · 2007
1 citation(s)
REF-697
CWE
Remote and Local Exploitation of Network Drivers
Yuriy Bulygin · 2007
1 citation(s)
REF-698
CWE
Windows driver vulnerabilities: the METHOD_NEITHER odyssey
Anibal Sacco · 2008
1 citation(s)
REF-699
CWE
Buffer Descriptions for I/O Control Codes
Microsoft
1 citation(s)
REF-700
CWE
Using Neither Buffered Nor Direct I/O
Microsoft
1 citation(s)
REF-701
CWE
Securing Device Objects
Microsoft
2 citation(s)
REF-702
CWE
Exploiting Windows Device Drivers
Piotr Bania
1 citation(s)
REF-704
CWE
EXP00-C. Use parentheses for precedence of operation
CERT
1 citation(s)
REF-706
CWE
Unforgivable Vulnerabilities
Steve Christey · 2007
1 citation(s)
REF-709
CWE
XSS Attacks
Jeremiah Grossman, Robert "RSnake" Hansen, Petko "pdp" D. Petkov, Anton Rager, Seth Fogie · 2007
2 citation(s)
REF-712
CWE
Cross-site scripting
· 2008
1 citation(s)
REF-714
CWE
XSS (Cross Site Scripting) Cheat Sheet
RSnake
2 citation(s)
REF-715
CWE
Mitigating Cross-site Scripting With HTTP-only Cookies
Microsoft
1 citation(s)
REF-716
CWE
Anti-XSS 3.0 Beta and CAT.NET Community Technology Preview now Live!
Mark Curphey, Microsoft
1 citation(s)
REF-718
CWE
XSS Defense HOWTO
Ivan Ristic
1 citation(s)
REF-719
CWE
Web Application Firewall
OWASP
1 citation(s)
REF-720
CWE
Web Application Firewall Evaluation Criteria
Web Application Security Consortium
1 citation(s)
REF-721
CWE
Firefox Implements httpOnly And is Vulnerable to XMLHTTPRequest
RSnake · 2007
1 citation(s)
REF-722
CWE
XMLHttpRequest allows reading HTTPOnly cookies
1 citation(s)
REF-723
CWE
Apache Wicket
1 citation(s)
REF-724
CWE
XSS (Cross Site Scripting) Prevention Cheat Sheet
OWASP
1 citation(s)
REF-725
CWE
DOM based XSS Prevention Cheat Sheet
OWASP
2 citation(s)
REF-726
CWE
Top 25 series - Rank 1 - Cross Site Scripting
Jason Lam · 2010
1 citation(s)
REF-729
CWE
Top 25 Series - Rank 11 - Hardcoded Credentials
Johannes Ullrich · 2010
1 citation(s)
REF-731
CWE
Insufficient Anti-automation
Web Application Security Consortium
2 citation(s)
REF-732
CWE
2010 CWE/SANS Top 25 Most Dangerous Software Errors
· 2010
REF-741
CWE
Top 25 Series - Rank 12 - Buffer Access with Incorrect Length Value
Jason Lam · 2010
1 citation(s)
REF-754
CWE
Top 25 Series - Rank 6 - Reliance on Untrusted Inputs in a Security Decision
Frank Kim · 2010
1 citation(s)
REF-756
CWE
Understanding ASP.NET View State
Scott Mitchell · 2004
1 citation(s)
REF-759
CWE
Top 10 2010
· 2010
REF-761
CWE
Top 10 2010-A1-Injection
OWASP
REF-762
CWE
Top 10 2010-A2-Cross-Site Scripting (XSS)
OWASP
REF-763
CWE
Top 10 2010-A3-Broken Authentication and Session Management
OWASP
REF-764
CWE
Top 10 2010-A4-Insecure Direct Object References
OWASP
REF-765
CWE
Top 10 2010-A5-Cross-Site Request Forgery (CSRF)
OWASP
REF-766
CWE
Top 10 2010-A6-Security Misconfiguration
OWASP
REF-767
CWE
Top 10 2010-A7-Insecure Cryptographic Storage
OWASP
REF-768
CWE
Top 10 2010-A8-Failure to Restrict URL Access
OWASP
REF-769
CWE
Top 10 2010-A9-Insufficient Transport Layer Protection
OWASP
REF-770
CWE
Top 10 2010-A10-Unvalidated Redirects and Forwards
OWASP
REF-773
CWE
Apache CXF Security Advisory (CVE-2010-2076)
Daniel Kulp · 2010
1 citation(s)
REF-778
CWE
Third-Party Web Widget Security FAQ
Jeremiah Grossman
1 citation(s)
«
7 / 21
»