Safeguard
Tag

memory-safety

Safeguard articles tagged "memory-safety" — guides, analysis, and best practices for software supply chain and application security.

37 articles

Application Security

Memory safety in C/C++: the vulnerability classes that won't go away

Microsoft found ~70% of its patched CVEs trace to memory-safety bugs. Here's how buffer overflows, use-after-free, and double-free still happen — and what actually catches them.

Jul 14, 20267 min read
Application Security

Integrating C/C++ security scanning into CI pipelines

Roughly 70% of CVEs Microsoft assigns each year are memory-safety bugs. Here's how to catch them in C/C++ CI pipelines before they ship.

Jul 13, 20267 min read
Application Security

A hands-on stack buffer overflow in C++: root cause and mitigations

The Morris Worm hit ~6,000 machines in 1988 via one unsafe gets() call. We build and hijack a stack overflow in C++ to teach why canaries and ASLR exist.

Jul 11, 20267 min read
Application Security

Modern C++ security: smart pointers, bounds checking, and static analysis

Microsoft has said for years that ~70% of the CVEs it patches trace to memory-safety bugs — here's how modern C++ actually closes that gap.

Jul 11, 20266 min read
Application Security

The most common C++ vulnerability classes, and the tooling that catches them

Memory-safety bugs account for roughly 70% of high-severity CVEs in large C/C++ codebases at Microsoft and Google. Here's why, and what actually stops them.

Jul 11, 20267 min read
Vulnerability Guides

Buffer Overflow Vulnerabilities: A Practical Guide

Buffer overflows write past the end of a memory buffer, corrupting adjacent data and often reaching code execution. Here is how they work and how to prevent them.

Jul 8, 20266 min read
Application Security

Memory-Safety Vulnerabilities in C/C++: What Static and Dynamic Analysis Actually Catch

Roughly 70% of the CVEs Microsoft and Google's Chrome team assign each year trace to memory-unsafe C/C++ code — how static analysis, sanitizers, and fuzzers each catch a different slice of it.

Jul 8, 20267 min read
Application Security

C/C++ security in automotive software-defined vehicles

MISRA C:2025 now spans roughly 225 guidelines and explicitly covers AI-generated code — but memory-safety bugs still drive roughly 70% of the vulnerabilities patched in major C/C++ codebases.

Jul 8, 20267 min read
Application Security

Identifying memory safety bugs with Valgrind

Valgrind's Memcheck catches use-after-free, leaks, and buffer overruns in unmodified C binaries — at the cost of running your program 10-50x slower.

Jul 8, 20266 min read
Application Security

When Node.js sandboxing stops at the C++ boundary

Node's permission model can block a native addon from loading at all — but once it's in, a single buffer overflow in C++ can corrupt the whole process.

Jul 8, 20267 min read
Vulnerability Management

What PHP's use-after-free bugs teach us about dynamic-runtime memory safety

Check Point disclosed three PHP 7 unserialize zero-days in 2016 alone. A decade of PHP use-after-free CVEs shows memory-safety risk doesn't end at the C/C++ boundary.

Jul 8, 20266 min read
Application Security

An introduction to C and C++ memory-safety vulnerabilities

Microsoft has reported that roughly 70% of the CVEs it patches each year trace back to memory-safety bugs — here's what buffer overflows, use-after-free, and double-free actually look like.

Jul 7, 20268 min read
memory-safety — Safeguard Blog