Read the brief article about “SQL Injection loses #1 spot as most dangerous attack technique” at https://securityboulevard.com/2019/12/sql-injection-loses-1-spot-as-most-dangerous-attack-technique

The article mentions a new technique used to rank the most dangerous vulnerabilities. At the end it mentions the top 3 vulnerabilities. Research on the top vulnerability listed and provide any other articles you came across about it.

While SQL Injection was one of the most dangerous attack techniques, “Improper Restriction of Operations within the Bounds of a Memory Buffer” or CWE-119 has taken that position due to the Common Weakness Enumeration. CWE-199 is a vulnerability where there are little to no restrictions on devices that work on a memory buffer, and they can read and write code outside of the intended boundary. This allows for attacks like buffer overflow, where attackers can inject code into a device’s memory to cause different issues. This can include an out-of-bounds read, which gives access to sensitive information. There is also memory corruption, where malicious code injection manipulates the memory’s contents or leads to it crashing. However, there are mitigation strategies for this issue. Some of them are choosing languages with overflow protection, effectively implementing application memory, and using software and hardware with data execution protection.

https://cwe.mitre.org/data/definitions/119.html

https://www.immuniweb.com/vulnerability/buffer-errors.html#description