★且听安全★-点关注,不迷路!★漏洞空间站★-优质漏洞资源和小伙伴聚集地!漏洞信息iSpy 是一款开源的视频监控软件,使用 C# 开发,该软件近期披露了 CVE-2022-29774 目录穿越和 CV...
《OWASP Top 10 2021》个人浅说
点击上方关注我们!OWASP Top 10 2021 是全新的,具有新的图形设计和一页有用的信息图。本文主要以对比2017的变化,以及2021主要内容两个方面来分析一下owasp2021的内容,以及未...
领域知识驱动的缺陷报告预测
原文标题:Domain knowledge-based security bug reports prediction原文作者:Wei Zheng, JingYuan Cheng, Xiaoxue W...
OWASP Top 10 2021
OWASP Top 10 已经更新A01:2021-Broken Access Control从第五位上升;94% 的应用程序都经过了某种形式的破坏访问控制的测试。映射到 Broken Access ...
工控系统高危漏洞TOP10
技术就像一把双刃剑,使用不慎就会伤到自己。——爱因斯坦零、前言由于工业控制系统设备及通信规约的专有性以及系统的相对封闭性,使得一般的互联网黑客或黑客组织很难获得相应的工业控制系统攻防研究环境以及相关系...
View-884: CWE Cross-section
View-884: CWE Cross-section ID: 884 Type: Explicit Status: Incomplete Objective This view contains a...
View-800: Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors
View-800: Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors ID: 800 Type: Gra...
View-750: Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors
View-750: Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors ID: 750 Type: Gra...
View-709: Named Chains
View-709: Named Chains ID: 709 Type: Implicit Status: Incomplete Objective This view displays Named ...
View-702: Weaknesses Introduced During Implementation
View-702: Weaknesses Introduced During Implementation ID: 702 Type: Implicit Status: Incomplete Obje...
View-701: Weaknesses Introduced During Design
View-701: Weaknesses Introduced During Design ID: 701 Type: Implicit Status: Incomplete Objective Th...
View-700: Seven Pernicious Kingdoms
View-700: Seven Pernicious Kingdoms ID: 700 Type: Graph Status: Incomplete Objective This view (grap...
77