vulnerability-analysis
Safeguard articles tagged "vulnerability-analysis" — guides, analysis, and best practices for software supply chain and application security.
360 articles
ProxyLogon Microsoft Exchange RCE chain (CVE-2021-26855)
A deep dive into ProxyLogon (CVE-2021-26855 and chain): the unauthenticated Exchange RCE that enabled HAFNIUM and mass ransomware attacks.
PrintNightmare Windows Print Spooler RCE (CVE-2021-34527)
A critical Print Spooler flaw (CVE-2021-34527) enabled unauthenticated SYSTEM-level RCE on nearly every Windows host. Here's what happened and how to fix it.
WinRAR CVE-2025-0411 Mark-of-the-Web Bypass
CVE-2025-0411 lets WinRAR archives bypass Windows Mark-of-the-Web when extracted. Here is the flaw, the observed campaigns, and the patching path.
F5 BIG-IP iControl REST RCE (CVE-2022-1388)
A critical iControl REST auth bypass let attackers gain root RCE on BIG-IP within days of disclosure. Impact, KEV status, timeline, and fixes.
HTTP/2 Rapid Reset DDoS technique (CVE-2023-44487)
CVE-2023-44487 (HTTP/2 Rapid Reset) fueled record DDoS attacks by abusing stream resets. Here's the impact, timeline, and how to remediate it.
OpenSSH forwarded ssh-agent RCE (CVE-2023-38408)
CVE-2023-38408 lets a malicious SSH server hijack a forwarded ssh-agent to run code on the client. Impact, affected versions, and fixes.
OpenSSH agent forwarding RCE (CVE-2016-10009)
A malicious or compromised SSH server could abuse forwarded ssh-agent connections to load arbitrary PKCS#11 modules and run code on the client.
Shellshock Bash environment variable RCE (CVE-2014-6271)
A 2014 parsing flaw in Bash's function-export handling let attackers run arbitrary commands via environment variables — and it's still exploited today.
EternalBlue SMBv1 RCE (CVE-2017-0144)
EternalBlue (CVE-2017-0144) turned a Windows SMBv1 flaw into WannaCry and NotPetya. Here's the risk context, timeline, and fix.
BlueKeep RDP wormable RCE (CVE-2019-0708)
A deep dive into CVE-2019-0708 (BlueKeep), the wormable, pre-auth RDP RCE affecting legacy Windows — impact, timeline, and remediation steps.
CurveBall Windows CryptoAPI spoofing flaw (CVE-2020-0601)
CVE-2020-0601 (CurveBall) let attackers spoof trusted certificates via a Windows CryptoAPI flaw. Impact, timeline, and remediation steps inside.
Log4j JDBC Appender RCE (CVE-2021-44832)
CVE-2021-44832 lets attackers with logging-config write access achieve RCE via Log4j2's JDBC Appender — and Log4Shell fixes alone don't stop it.