Safeguard
Tag

memory-safety

Safeguard articles tagged "memory-safety" — guides, analysis, and best practices for software supply chain and application security.

39 articles

Open Source Security

Native-extension vulnerabilities in Python packages

numpy, pandas, cryptography, and lxml all ship compiled C/C++ code — and a Python SCA scan that only checks package versions can miss memory-safety bugs buried in that native layer.

Jul 7, 20266 min read
Security Guides

C++ Security Best Practices: Memory Safety, Hardening Flags, and the C/C++ Supply Chain

Microsoft attributes roughly 70% of its CVEs to memory-safety bugs, and the xz backdoor proved the C/C++ supply chain is a live target. Here is the practical hardening path for code you can't rewrite.

Jul 4, 20266 min read
Application Security

Rust memory safety and its security advantages

Memory safety bugs cause ~70% of Microsoft's CVEs. Here's how Rust's ownership model eliminates them at compile time, with real CVE examples.

May 20, 20267 min read
Application Security

Type-safe languages and their security benefits

Type safety eliminates entire CVE classes, not one bug at a time. Here's what the Microsoft, Google, and CISA data actually shows about the security payoff.

May 20, 20267 min read
Application Security

Bringing developer-first application security to C/C++

C/C++ still powers critical infrastructure but lags in AppSec tooling. Safeguard brings SBOM, reachability, and auto-fix to native code security.

Apr 22, 20266 min read
Vulnerability Analysis

What is a Buffer Overflow

Buffer overflows have powered exploits from the 1988 Morris Worm to WannaCry. Here's how they work, why they persist, and how to stop them.

Mar 29, 20266 min read
Industry Analysis

Rust Security Explained

Rust kills most memory-safety bugs, but crates.io supply chain attacks and CVE-2024-24576 prove "written in Rust" isn't a security guarantee.

Feb 22, 20266 min read
Industry Analysis

C/C++ Security Explained

C/C++ still cause ~70% of critical CVEs. From Heartbleed to the xz backdoor, here's why memory bugs persist and how to find exploitable ones fast.

Feb 22, 20268 min read
Industry Analysis

Rust memory safety vulnerabilities despite the borrow che...

The borrow checker doesn't stop everything. Here's how rust unsafe code vulnerabilities slip past Rust's safety guarantees and reach production.

Feb 6, 20267 min read
Vulnerability Analysis

Buffer overflow vulnerabilities explained

Buffer overflows still make MITRE's CWE Top 25 every year. Here's how they corrupt memory, real CVEs like EternalBlue and Baron Samedit, and how to stop them.

Dec 11, 20256 min read
Vulnerability Analysis

Use-after-free vulnerabilities explained

Use-after-free bugs (CWE-416) power some of the worst zero-day exploit chains in browsers and kernels. Here's how they work and what stops them.

Dec 11, 20257 min read
Vulnerability Analysis

Integer overflow vulnerabilities explained

What integer overflow vulnerabilities are, how CWE-190 causes real breaches like Bitcoin's 2010 overflow bug, and how to detect and prevent them.

Dec 11, 20256 min read
memory-safety (Page 2) — Safeguard Blog