Safeguard
Topic

Vulnerability Analysis

In-depth guides and analysis on vulnerability analysis from the Safeguard engineering team.

568 articles

Vulnerability Analysis

What is Cross-Site Request Forgery (CSRF)

CSRF forges an authenticated request using a victim's own session cookie. Learn how it works, real Gmail/YouTube cases, and how to detect and fix it.

Mar 31, 20267 min read
Vulnerability Analysis

What is Server-Side Request Forgery (SSRF)

SSRF turns a server's own trusted network position against it. Learn how the Capital One breach happened, real CVEs, and how to detect and prevent it.

Mar 31, 20266 min read
Vulnerability Analysis

What is Remote Code Execution (RCE)

RCE lets attackers run code on your systems remotely, often without login. Learn how it works, real CVE examples, and how to detect it before exploitation.

Mar 31, 20267 min read
Vulnerability Analysis

What is Command Injection

Command injection lets attackers run OS commands through unsanitized input. Learn how it works, real CVEs like Shellshock and PAN-OS, and how to prevent it.

Mar 30, 20267 min read
Vulnerability Analysis

What is Path Traversal

Path traversal (CWE-22) lets attackers escape a web root using ../ sequences to read or write arbitrary files. Here's how it works, real breaches, and fixes.

Mar 30, 20266 min read
Vulnerability Analysis

What is Directory Traversal

Directory traversal (CWE-22) lets attackers use ../ sequences to read or write files outside a web app's root directory. Here's how it works.

Mar 30, 20267 min read
Vulnerability Analysis

What is XML External Entity (XXE) Injection

XXE injection lets attackers abuse XML parsers to read files, trigger SSRF, or crash services. Here's how it works, real CVEs, and how to stop it.

Mar 30, 20266 min read
Vulnerability Analysis

Citrix Bleed 2 Implications: What CVE-2024-6235 Means for NetScaler Operators

CVE-2024-6235 was the followup to the original Citrix Bleed and exposed sensitive data from NetScaler ADC and Gateway appliances. The technical details and what changes.

Mar 29, 20265 min read
Vulnerability Analysis

What is Insecure Deserialization

Insecure deserialization (CWE-502) lets attackers turn untrusted object data into remote code execution. Here's how the attack works and how to stop it.

Mar 29, 20267 min read
Vulnerability Analysis

What is a Buffer Overflow

Buffer overflows have powered exploits from the 1988 Morris Worm to WannaCry. Here's how they work, why they persist, and how to stop them.

Mar 29, 20266 min read
Vulnerability Analysis

What is a Denial of Service (DoS) Attack

DoS attacks knock systems offline without stealing data. Learn how they work, real-world examples like Mirai and HTTP/2 Rapid Reset, and how to defend against them.

Mar 29, 20267 min read
Vulnerability Analysis

What is a DDoS Attack

A DDoS attack floods systems with botnet traffic until they collapse. See real Tbps records, the Rapid Reset CVE, and how to detect and mitigate one.

Mar 29, 20266 min read
Vulnerability Analysis (Page 9) — Supply Chain Security Blog | Safeguard