Safeguard
Tag

rce

Safeguard articles tagged "rce" — guides, analysis, and best practices for software supply chain and application security.

80 articles

Vulnerability Analysis

Jenkins CLI Arbitrary File Read (CVE-2024-23897) Explained

CVE-2024-23897 turned a convenience feature in Jenkins' CLI argument parser into an arbitrary file read that can escalate to full RCE. Here's the mechanism and the fix.

Jul 6, 20265 min read
Vulnerability Analysis

VMware vCenter (CVE-2021-21985) Explained: The vSAN Plugin RCE

CVE-2021-21985 is a CVSS 9.8 unauthenticated RCE in VMware vCenter Server's vSAN Health plugin, enabled by default on every install. Here is how it works and the patched builds to run.

Jul 6, 20266 min read
Vulnerability Analysis

Confluence OGNL Injection (CVE-2022-26134) Explained

CVE-2022-26134 is a CVSS 9.8 unauthenticated OGNL injection in Atlassian Confluence, exploited as a zero-day before the patch. Here is how the flaw works and which versions fixed it.

Jul 5, 20266 min read
Vulnerability Analysis

Confluence CVE-2021-26084 Explained: The Webwork OGNL Injection RCE

CVE-2021-26084 is an unauthenticated OGNL injection in Confluence Server and Data Center that allows remote code execution, rated CVSS 9.8. Here is the timeline, root cause, detection, and patched versions.

Jul 5, 20265 min read
Vulnerability Analysis

Shellshock (CVE-2014-6271) Explained: RCE Hiding in Bash Environment Variables

CVE-2014-6271, Shellshock, let attackers run commands by smuggling code into environment variables that Bash parsed as function definitions. Reachable over HTTP, DHCP, and SSH. Here is how.

Jul 5, 20265 min read
Vulnerability Analysis

Fastjson AutoType Bypass RCE (CVE-2022-25845) Explained

CVE-2022-25845 defeated Fastjson's autoType protection and reopened a deserialization RCE path. Here's how the bypass worked and how to lock the library down.

Jul 4, 20265 min read
Vulnerability Analysis

Follina (CVE-2022-30190) Explained: Code Execution From a Word Document With Macros Off

CVE-2022-30190, Follina, abused the Windows MSDT protocol handler so a Word document could run PowerShell — no macros, no enable-content click. Here is the ms-msdt mechanism.

Jul 4, 20265 min read
Security Guides

Pillow (PIL) Security Guide (2026)

Pillow is the default image library for Python — and because it parses untrusted image bytes and once shipped an eval-based ImageMath, it has a long, real CVE history spanning arbitrary code execution and native buffer overflows.

Jul 4, 20266 min read
Vulnerability Analysis

Drupalgeddon2 (CVE-2018-7600) Explained: Drupal's Form API RCE

CVE-2018-7600, known as Drupalgeddon2, is a CVSS 9.8 unauthenticated remote code execution flaw in Drupal core's Form API. Here is how the renderable-array bug works and which versions to run.

Jul 3, 20266 min read
Vulnerability Analysis

Jackson-databind Polymorphic Deserialization Gadget (CVE-2019-12384) Explained

CVE-2019-12384 chained a logback gadget with H2's RUNSCRIPT to turn default typing into code execution. Here's the mechanism, the classpath caveat, and how to fix it for good.

Jul 3, 20265 min read
Vulnerability Analysis

PrintNightmare (CVE-2021-34527) Explained: When the Windows Print Spooler Ran Code as SYSTEM

CVE-2021-34527, PrintNightmare, let an authenticated attacker load a malicious printer driver through the Windows Print Spooler and execute code as SYSTEM — locally or across a domain.

Jul 3, 20265 min read
Vulnerability Guides

YAML Injection: How It Happens and How to Prevent It

YAML looks like a harmless config format, but the wrong parser call turns a config file into a code-execution engine. Here's how YAML deserialization attacks work and how to parse safely.

Jul 2, 20265 min read
rce (Page 2) — Safeguard Blog