Safeguard
Topic

Vulnerability Analysis

In-depth guides and analysis on vulnerability analysis from the Safeguard engineering team.

568 articles

Vulnerability Analysis

Shellshock Bash environment variable RCE (CVE-2014-6271)

A 2014 parsing flaw in Bash's function-export handling let attackers run arbitrary commands via environment variables — and it's still exploited today.

Jan 15, 20268 min read
Vulnerability Analysis

EternalBlue SMBv1 RCE (CVE-2017-0144)

EternalBlue (CVE-2017-0144) turned a Windows SMBv1 flaw into WannaCry and NotPetya. Here's the risk context, timeline, and fix.

Jan 15, 20267 min read
Vulnerability Analysis

BlueKeep RDP wormable RCE (CVE-2019-0708)

A deep dive into CVE-2019-0708 (BlueKeep), the wormable, pre-auth RDP RCE affecting legacy Windows — impact, timeline, and remediation steps.

Jan 14, 20267 min read
Vulnerability Analysis

CurveBall Windows CryptoAPI spoofing flaw (CVE-2020-0601)

CVE-2020-0601 (CurveBall) let attackers spoof trusted certificates via a Windows CryptoAPI flaw. Impact, timeline, and remediation steps inside.

Jan 14, 20268 min read
Vulnerability Analysis

Log4j JDBC Appender RCE (CVE-2021-44832)

CVE-2021-44832 lets attackers with logging-config write access achieve RCE via Log4j2's JDBC Appender — and Log4Shell fixes alone don't stop it.

Jan 14, 20267 min read
Vulnerability Analysis

Text4Shell Apache Commons Text RCE (CVE-2022-42889)

A deep dive into CVE-2022-42889 (Text4Shell): the Apache Commons Text RCE, its narrower real-world exploitability versus Log4Shell, and how to remediate it.

Jan 14, 20267 min read
Vulnerability Analysis

Trojan Source Unicode bidi-override attack (CVE-2021-42574)

CVE-2021-42574 (Trojan Source) lets Unicode bidi control characters hide malicious logic in plain sight during code review. Here's the full breakdown and fix.

Jan 13, 20267 min read
Vulnerability Analysis

OpenSSL punycode buffer overflow pair (CVE-2022-3602 / CVE-2022-3786)

A deep dive into CVE-2022-3602 and CVE-2022-3786, the OpenSSL punycode buffer overflow pair once dubbed "Heartbleed 2.0" — impact, timeline, and fixes.

Jan 13, 20265 min read
Vulnerability Analysis

Outlook NTLM hash leak zero-day (CVE-2023-23397)

A zero-click Outlook flaw let attackers steal NTLM hashes via crafted calendar reminders — exploited by APT28 for a year before patching. Here's what to do.

Jan 13, 20267 min read
Vulnerability Analysis

MOVEit Transfer SQL injection mass-exploitation (CVE-2023-34362)

CVE-2023-34362, the MOVEit Transfer SQL injection exploited by Cl0p, hit 2,600+ organizations. Impact, timeline, and remediation steps inside.

Jan 13, 20267 min read
Vulnerability Analysis

Apache OFBiz CVE-2024-38856 Pre-Auth RCE Analysis

CVE-2024-38856 is an unauthenticated RCE in Apache OFBiz that bypasses authentication via screen rendering. Exploit chain, detection, and patching.

Jan 13, 20266 min read
Vulnerability Analysis

systeminformation npm package command injection (CVE-2021-21315)

A critical command injection flaw in the systeminformation npm package (CVE-2021-21315) let attackers run OS commands via unsanitized shell calls. Here's the full breakdown.

Jan 12, 20268 min read
Vulnerability Analysis (Page 17) — Supply Chain Security Blog | Safeguard