Safeguard
Tag

remote-code-execution

Safeguard articles tagged "remote-code-execution" — guides, analysis, and best practices for software supply chain and application security.

55 articles

Vulnerability Analysis

CVE-2023-29331: Remote code execution in .NET via crafted...

CVE-2023-29331 lets a crafted .NET assembly trigger remote code execution during loading. Here's what's affected, the severity context, and how to remediate it.

Sep 18, 20258 min read
Vulnerability Analysis

CUPS Vulnerability Chain: Remote Code Execution via Linux Printing

A chain of vulnerabilities in the CUPS printing system allows unauthenticated attackers to achieve remote code execution on Linux systems by exploiting how printers are discovered and configured.

Sep 26, 20247 min read
Vulnerability Analysis

regreSSHion: CVE-2024-6387 OpenSSH Remote Code Execution

A regression in OpenSSH's signal handler reintroduced a vulnerability from 2006, enabling unauthenticated remote code execution on glibc-based Linux systems. Here's what you need to know.

Jul 1, 20246 min read
Vulnerabilities

The SnakeYAML Deserialization Vulnerability, Explained

SnakeYAML's default Constructor could instantiate arbitrary Java classes from YAML input — CVE-2022-1471 turned a config-parsing library into a remote code execution path.

Jun 19, 20245 min read
Code Security

Insecure Deserialization: Why Untrusted Data Should Never Become Objects

Deserialization vulnerabilities turn data into code execution. Here is how they work, which languages are most affected, and how to defend against them.

Oct 12, 20236 min read
Vulnerability Analysis

Citrix NetScaler Zero-Day CVE-2023-3519: Mass Exploitation in the Wild

CVE-2023-3519 allowed unauthenticated remote code execution on Citrix NetScaler ADC and Gateway devices, leading to widespread exploitation and CISA emergency directives.

Jul 18, 20235 min read
Incident Analysis

Shellshock, Five Years On: The Lessons That Stuck

Five years after CVE-2014-6271, Shellshock remains the clearest case study in how one interpreter bug becomes thousands of downstream holes.

Sep 24, 20196 min read
remote-code-execution (Page 5) — Safeguard Blog