Safeguard
Topic

Vulnerability Analysis

In-depth guides and analysis on vulnerability analysis from the Safeguard engineering team.

568 articles

Vulnerability Analysis

XML External Entity (XXE) injection explained

XXE injection lets attackers abuse XML parsers to read files, hit cloud metadata via SSRF, or crash servers — here's how it works and how to stop it.

Dec 13, 20257 min read
Vulnerability Analysis

Cross-site request forgery (CSRF) explained

CSRF forges authenticated requests using a victim's own session cookies. Learn how real attacks against Netflix and uTorrent worked, and how to stop them.

Dec 13, 20257 min read
Vulnerability Analysis

Open redirect vulnerabilities explained

Open redirect flaws (CWE-601) score as medium severity alone, but they power real phishing campaigns against Google, Amex, and Microsoft. Here's how they work and how to stop them.

Dec 12, 20257 min read
Vulnerability Analysis

Arbitrary file upload vulnerabilities explained

Arbitrary file upload flaws (CWE-434) have caused breaches from Equifax to GitLab. Here's how they work, the CVEs that prove it, and how to stop them.

Dec 12, 20257 min read
Vulnerability Analysis

Directory listing exposure risks explained

Directory listing vulnerabilities expose raw file trees via one misconfigured Apache, Nginx, or IIS directive. Here's how they happen and how to fix them.

Dec 12, 20257 min read
Vulnerability Analysis

Time-of-check to time-of-use (TOCTOU) race condition vulnerabilities

TOCTOU race conditions let attackers swap a resource between a security check and its use. Real CVEs, exploit mechanics, and prevention patterns explained.

Dec 12, 20257 min read
Vulnerability Analysis

CVE-2025-59718 in FortiOS: FortiCloud SSO SAML Bypass

An unauthenticated SAML message manipulation lets attackers log in as admin on FortiGate, FortiWeb, and FortiProxy. We unpack the bug and the IR steps.

Dec 11, 20256 min read
Vulnerability Analysis

Buffer overflow vulnerabilities explained

Buffer overflows still make MITRE's CWE Top 25 every year. Here's how they corrupt memory, real CVEs like EternalBlue and Baron Samedit, and how to stop them.

Dec 11, 20256 min read
Vulnerability Analysis

Use-after-free vulnerabilities explained

Use-after-free bugs (CWE-416) power some of the worst zero-day exploit chains in browsers and kernels. Here's how they work and what stops them.

Dec 11, 20257 min read
Vulnerability Analysis

Integer overflow vulnerabilities explained

What integer overflow vulnerabilities are, how CWE-190 causes real breaches like Bitcoin's 2010 overflow bug, and how to detect and prevent them.

Dec 11, 20256 min read
Vulnerability Analysis

Type confusion vulnerabilities explained

Type confusion bugs let attackers corrupt memory by exploiting mismatched type assumptions. See real CVEs, how JIT engines fail, and how to catch it early.

Dec 11, 20256 min read
Vulnerability Analysis

Format string vulnerabilities explained

Format string bugs let attackers turn a printf call into memory disclosure or arbitrary writes. Here's how CWE-134 works, real CVEs, and fixes.

Dec 10, 20256 min read
Vulnerability Analysis (Page 26) — Supply Chain Security Blog | Safeguard