Safeguard
Tag

buffer-overflow

Safeguard articles tagged "buffer-overflow" — guides, analysis, and best practices for software supply chain and application security.

13 articles

Vulnerability Management

Inside the OpenSSL punycode bug: why CVE-2022-3602 wasn't Heartbleed

OpenSSL pre-announced a 'critical' flaw in October 2022. It shipped as HIGH severity. Here's the buffer overflow, the downgrade, and the safe patch path.

Jul 12, 20265 min read
Application Security

A hands-on stack buffer overflow in C++: root cause and mitigations

The Morris Worm hit ~6,000 machines in 1988 via one unsafe gets() call. We build and hijack a stack overflow in C++ to teach why canaries and ASLR exist.

Jul 11, 20267 min read
Application Security

The most common C++ vulnerability classes, and the tooling that catches them

Memory-safety bugs account for roughly 70% of high-severity CVEs in large C/C++ codebases at Microsoft and Google. Here's why, and what actually stops them.

Jul 11, 20267 min read
Vulnerability Guides

Buffer Overflow Vulnerabilities: A Practical Guide

Buffer overflows write past the end of a memory buffer, corrupting adjacent data and often reaching code execution. Here is how they work and how to prevent them.

Jul 8, 20266 min read
Vulnerability Analysis

OpenSSL Punycode Overflow (CVE-2022-3602) Explained

CVE-2022-3602 was pre-announced as OpenSSL's next critical bug, then downgraded to high. Here is what the X.509 punycode buffer overflow actually does, why the panic cooled, and how to patch.

Jul 7, 20266 min read
Application Security

An introduction to C and C++ memory-safety vulnerabilities

Microsoft has reported that roughly 70% of the CVEs it patches each year trace back to memory-safety bugs — here's what buffer overflows, use-after-free, and double-free actually look like.

Jul 7, 20268 min read
Container Security

CVE-2026-42945: A Buffer Overflow in NGINX's Rewrite Module Reaches Into Your Kubernetes Clusters (May 2026)

Disclosed May 17, 2026 with public PoC and in-the-wild activity, CVE-2026-42945 is a buffer overflow in NGINX's ngx_http_rewrite_module. It affects core NGINX and the ingress controllers that wrap it, putting cluster ingress in scope.

May 18, 202612 min read
Vulnerability Analysis

What is a Buffer Overflow

Buffer overflows have powered exploits from the 1988 Morris Worm to WannaCry. Here's how they work, why they persist, and how to stop them.

Mar 29, 20266 min read
Vulnerability Analysis

Buffer overflow vulnerabilities explained

Buffer overflows still make MITRE's CWE Top 25 every year. Here's how they corrupt memory, real CVEs like EternalBlue and Baron Samedit, and how to stop them.

Dec 11, 20256 min read
Vulnerability Analysis

Integer overflow vulnerabilities explained

What integer overflow vulnerabilities are, how CWE-190 causes real breaches like Bitcoin's 2010 overflow bug, and how to detect and prevent them.

Dec 11, 20256 min read
Application Security

Improper Restriction of Operations Within Memory Bounds

CWE-119 has topped MITRE's vulnerability rankings for years, from Heartbleed to WannaCry to the 2023 libwebp zero-day. Here's why it persists and how to catch it early.

Nov 11, 20257 min read
Application Security

CVE-2021-25287: Buffer overflow in Pillow SGI decoder

A heap buffer overflow in Pillow's SGI image decoder (CVE-2021-25287) let crafted images corrupt memory. Here's the impact, fix, and remediation guidance.

Oct 5, 20258 min read
buffer-overflow — Safeguard Blog