Table 1 Commonly used techniques for vulnerability detection.

Cross-site scripting XSS attacks

1. Cross-site scripting attack XSS detection using a modified CNN model⁷¹

2. Automated server-side XSS attack detection using boundary injection⁷²

3. Taint tracking-based analysis of DOM cross-site scripting named as TT-XSS⁷³

4. Support Vector Machine is used to detect blind cross-site scripting vulnerability⁷⁴

5. Reducing attack surfaces for cross-site scripting attacks using secure SDLC⁷⁵

6. Detecting cross-site scripting vulnerability using LSTM and recurrent neural networks (RNN) named DeepXSS⁷⁶

7. Using genetic algorithms and reinforcement learning for XSS attack detection⁷⁷

8. Using ML with hybrid features for XSS attack detection⁷⁸

9. Using Fuzzy inference for dynamic detection of XSS cross-site scripting attacks⁷⁹

Buffer overflow attacks

1. Analyzing network intrusion for buffer overflow attacks⁸⁰

2. Implementing string library function to detect integer overflow-to-buffer overflow attacks⁸¹

3. Performed static buffer overflow detection and suggested automatic detection⁸²

4. Static buffer overflow detection and repair using the Bovlnspector tool⁸³

SQL injection attacks

1. SQL injection attacks detection using a decision tree⁸⁴

2. Using behavior and response analysis for SQL injection attacks⁸⁵

3. SQL injection attack detection in web applications using heuristic-based analysis⁸⁶

4. Applying neuro-fuzzy techniques to prevent and detect SQL injection attacks⁸⁷

5. Algorithm designed for black box testing to mitigate SQL injection vulnerability⁸⁸

6. A traffic-based technique called DIAVA to detect data leakages and SQL injection attacks⁸⁹

7. A hybrid method consists of augmenting database tables with symbols, then using an algorithm for queries and another algorithm designed for string matching to prevent and detect SQL injection attacks⁹⁰

8. Using intrusion set randomization to detect SQL injection attacks⁹¹

9. A tool is developed to detect SQL injection attacks and display suggestions to fix them⁹²

Missing authorization

1. The tool is developed to detect missing authorization in distributed cloud systems using inferring variable definition, user-owned data, and critical system state⁹³

2. The proposed role cast SE-based technique consists of the context of security-sensitive events that are control-dependent on roles⁹⁴

3. The Vanguard is an approach consisting of static analysis for sensitive operations, analyzing sustainability using taint analysis, and the existence of risk degree of missing authorization⁹⁵

4. VRust is proposed to analyze vulnerability, including missing authorization for Solana, by assigning validation rules for vulnerable input accounts⁹⁶

5. The CRIX system consists of interprocedural, semantic, and context-aware systems⁹⁷

6. MACE is based on checking the authorization state consistency⁹⁸