Safeguard
Tag

vulnerability-analysis

Safeguard articles tagged "vulnerability-analysis" — guides, analysis, and best practices for software supply chain and application security.

360 articles

Vulnerability Analysis

Spring4Shell (CVE-2022-22965): root cause and remote code...

Spring4Shell (CVE-2022-22965) let attackers manipulate Java class loaders via Spring data binding to achieve RCE on Tomcat-deployed apps. Root cause, timeline, and fixes.

Jan 22, 20269 min read
Vulnerability Analysis

Veeam Backup CVE-2024-40711 Unauth RCE Walkthrough

CVE-2024-40711 is a critical unauth RCE in Veeam Backup & Replication. Deserialization flaw, exploit chain, and ransomware operator abuse.

Jan 21, 20267 min read
Vulnerability Analysis

What is a Vulnerability Database

CVE, NVD, OSV, GHSA, KEV — vulnerability databases power every scanner's severity score. Here's how they're built, enriched, and where they fall short.

Jan 20, 20266 min read
Vulnerability Analysis

Log4Shell RCE in Apache Log4j (CVE-2021-44228)

A deep dive into CVE-2021-44228 (Log4Shell): the critical Log4j RCE vulnerability, its timeline, affected versions, and concrete remediation steps.

Jan 19, 20267 min read
Vulnerability Analysis

Apache Struts2 RCE behind the Equifax breach (CVE-2017-5638)

CVE-2017-5638, the Apache Struts2 RCE behind the Equifax breach, exposed 147.9M records. Here's the flaw, timeline, and how to remediate it.

Jan 19, 20267 min read
Vulnerability Analysis

Heartbleed OpenSSL memory disclosure (CVE-2014-0160)

Heartbleed (CVE-2014-0160) let attackers silently read server memory over TLS. Here's the impact, timeline, remediation, and how to detect lingering exposure today.

Jan 19, 20268 min read
Vulnerability Analysis

Sudo Baron Samedit heap overflow (CVE-2021-3156)

A decade-old sudo heap overflow, CVE-2021-3156 (Baron Samedit), let any local user gain root. Here's what's affected and how to fix it.

Jan 18, 20267 min read
Vulnerability Analysis

Spring4Shell RCE in Spring Framework (CVE-2022-22965)

A deep dive into CVE-2022-22965 (Spring4Shell): the critical Spring Framework RCE, its exploitation chain, timeline, and how to remediate it fast.

Jan 18, 20267 min read
Vulnerability Analysis

Log4j second RCE bypass (CVE-2021-45046)

The Log4j 2.15.0 patch for Log4Shell was incomplete. CVE-2021-45046 shows how attackers bypassed it to achieve remote code execution.

Jan 18, 20267 min read
Vulnerability Analysis

Struts2 OGNL injection RCE (CVE-2018-11776)

CVE-2018-11776 lets remote attackers achieve full RCE in Apache Struts2 via OGNL injection in URL namespaces. Impact, timeline, and fixes inside.

Jan 18, 20267 min read
Vulnerability Analysis

PHP-FPM/Nginx path disclosure RCE (CVE-2019-11043)

CVE-2019-11043 let attackers gain unauthenticated RCE on PHP-FPM/Nginx stacks via a PATH_INFO underflow. Here's the impact, timeline, and fixes.

Jan 17, 20267 min read
Vulnerability Analysis

Ghostcat Apache Tomcat AJP file read/RCE (CVE-2020-1938)

CVE-2020-1938 'Ghostcat' exposes Apache Tomcat's AJP connector to file read and RCE. Here's the ghostcat tomcat AJP vulnerability impact and how to fix it.

Jan 17, 20267 min read
vulnerability-analysis (Page 10) — Safeguard Blog