Safeguard
Topic

Vulnerability Analysis

In-depth guides and analysis on vulnerability analysis from the Safeguard engineering team.

568 articles

Vulnerability Analysis

CVE-2024-0057: Certificate validation bypass in .NET X.50...

CVE-2024-0057 lets attackers forge X.509 certificates that bypass .NET's chain validation, risking spoofing in TLS and code-signing flows.

Sep 17, 20258 min read
Vulnerability Analysis

CVE-2018-1285: XXE in Apache log4net

CVE-2018-1285: Apache log4net before 2.0.10 fails to disable external XML entities, enabling XXE attacks via config files. Impact, fix, and detection.

Sep 16, 20258 min read
Vulnerability Analysis

CVE-2020-29652: Denial of service in golang.org/x/crypto/...

A pre-auth nil pointer dereference in golang.org/x/crypto/ssh let a single crafted request crash Go SSH servers. Here's the impact, fix, and remediation path.

Sep 16, 20258 min read
Vulnerability Analysis

CVE-2021-43565: Denial of service in golang.org/x/crypto/...

A crafted SSH packet could crash Go services using golang.org/x/crypto/ssh before the December 2021 fix. What's affected, the severity context, and how to remediate.

Sep 16, 20257 min read
Vulnerability Analysis

How the Snyk Vulnerability Database sources and verifies ...

A look at how Snyk's Vulnerability Database sources, verifies, and scores new disclosures, from GHSA feeds and silent fixes to CVSS overrides and embargo timing.

Aug 28, 20257 min read
Vulnerability Analysis

Why Vulnerability Disclosure Timelines Still Vary Wildly ...

Google gives vendors 90 days, ZDI gives 120, the EU wants 24 hours, and Linux had no CVE process until 2024. Here's why disclosure timelines diverge so sharply across ecosystems.

Aug 10, 20257 min read
Vulnerability Analysis

The XZ Utils Backdoor: A Timeline and Technical Post-Mortem

A technical post-mortem of CVE-2024-3094, the XZ Utils backdoor: how a trusted maintainer identity was used to plant a supply chain backdoor in sshd.

Jul 13, 20258 min read
Vulnerability Analysis

CVE-2025-5777 (Citrix Bleed 2): NetScaler Memory Disclosure Deep Dive

A second Citrix Bleed leaks session tokens from NetScaler ADC and Gateway memory. We dissect the buffer over-read and the IR playbook.

Jun 25, 20255 min read
Vulnerability Analysis

CVE-2025-32756 in FortiVoice: HTTP Stack Overflow to Root RCE

A stack-based buffer overflow in FortiVoice and FortiMail web portals lets unauthenticated attackers execute root commands over HTTPS.

May 14, 20255 min read
Vulnerability Analysis

CVE-2025-20188 in Cisco IOS XE WLC: Hardcoded JWT to Root RCE

A hardcoded JSON Web Token in Cisco's Wireless LAN Controller gives unauthenticated attackers a path to root via arbitrary file upload.

May 12, 20256 min read
Vulnerability Analysis

Commvault CVE-2025-34028: SSRF to RCE in Enterprise Backup Software

A critical SSRF vulnerability in Commvault Command Center allowed unauthenticated attackers to achieve remote code execution on backup infrastructure. CISA added it to the KEV catalog.

May 1, 20255 min read
Vulnerability Analysis

SAP NetWeaver CVE-2025-31324: Unrestricted File Upload Zero-Day

A critical file upload vulnerability in SAP NetWeaver Visual Composer was exploited to deploy web shells on enterprise SAP systems. The flaw required no authentication and scored 10.0 on CVSS.

Apr 24, 20255 min read
Vulnerability Analysis (Page 41) — Supply Chain Security Blog | Safeguard