cve
Safeguard articles tagged "cve" — guides, analysis, and best practices for software supply chain and application security.
136 articles
ScreenConnect CVE-2024-57727 Path Traversal Detailed
CVE-2024-57727 is a path traversal in ConnectWise ScreenConnect enabling arbitrary file read on self-hosted instances. Chain, detection, and patching.
CVE-2025-15467 in OpenSSL CMS: Patch Posture & SBOM Response
OpenSSL CMS pre-auth stack buffer overflow scored CVSS 9.8. Mail servers, web servers, and anything that processes S/MIME need the fix. Defender playbook below.
Windows LDAP LSASS CVE-2024-49113 (LDAPNightmare)
CVE-2024-49113 crashes LSASS over LDAP referrals and pairs with CVE-2024-49112 for RCE. Exploit chain, detection, and domain controller hardening.
Anthropic mcp-server-git: Three CVEs That Chain to RCE via Prompt Injection
Three flaws in Anthropic's official Git MCP server let prompt injection in a README compromise the developer's machine. The chain shows how MCP servers leak authority.
Veeam Backup CVE-2024-40711 Unauth RCE Walkthrough
CVE-2024-40711 is a critical unauth RCE in Veeam Backup & Replication. Deserialization flaw, exploit chain, and ransomware operator abuse.
What is a Vulnerability Database
CVE, NVD, OSV, GHSA, KEV — vulnerability databases power every scanner's severity score. Here's how they're built, enriched, and where they fall short.
WinRAR CVE-2025-0411 Mark-of-the-Web Bypass
CVE-2025-0411 lets WinRAR archives bypass Windows Mark-of-the-Web when extracted. Here is the flaw, the observed campaigns, and the patching path.
Apache OFBiz CVE-2024-38856 Pre-Auth RCE Analysis
CVE-2024-38856 is an unauthenticated RCE in Apache OFBiz that bypasses authentication via screen rendering. Exploit chain, detection, and patching.
Windows MSHTML Spoofing CVE-2024-43573 Explained
CVE-2024-43573 is a zero-day MSHTML spoofing flaw patched by Microsoft in October 2024. Here is the chain, detection, and why MSHTML keeps biting.
Apache Struts CVE-2024-53677: The Path Traversal RCE
CVE-2024-53677 lets attackers abuse Struts file upload parameter pollution to plant webshells. Here is the chain, detection logic, and patch guidance.
Privilege escalation vulnerabilities explained
Privilege escalation vulnerabilities turn a low-privilege foothold into root or admin access. Learn how they work, key CVEs, and how to detect them.
HTTP request smuggling explained
HTTP request smuggling exploits parser mismatches between proxies and origin servers. Learn CL.TE/TE.CL mechanics, real CVEs, and how to detect it.