Safeguard
Tag

vulnerability-analysis

Safeguard articles tagged "vulnerability-analysis" — guides, analysis, and best practices for software supply chain and application security.

360 articles

Vulnerability Analysis

What is an Exploit

An exploit is code that weaponizes a vulnerability. Learn how exploits differ from CVEs, how attackers acquire them, and how to prioritize real exploitation risk.

Apr 8, 20267 min read
Vulnerability Analysis

What is SQL Injection (SQLi)

SQL injection (CWE-89) lets attackers rewrite database queries via untrusted input — here's how SQLi works, its types, severity, and how to prevent it.

Apr 1, 20267 min read
Vulnerability Analysis

How Does SQL Injection Work

A technical walkthrough of how SQL injection works, the main attack variants, real breaches it caused, and how to detect and prevent it.

Mar 31, 20267 min read
Vulnerability Analysis

What is Cross-Site Request Forgery (CSRF)

CSRF forges an authenticated request using a victim's own session cookie. Learn how it works, real Gmail/YouTube cases, and how to detect and fix it.

Mar 31, 20267 min read
Vulnerability Analysis

What is Server-Side Request Forgery (SSRF)

SSRF turns a server's own trusted network position against it. Learn how the Capital One breach happened, real CVEs, and how to detect and prevent it.

Mar 31, 20266 min read
Vulnerability Analysis

What is Remote Code Execution (RCE)

RCE lets attackers run code on your systems remotely, often without login. Learn how it works, real CVE examples, and how to detect it before exploitation.

Mar 31, 20267 min read
Vulnerability Analysis

What is Command Injection

Command injection lets attackers run OS commands through unsanitized input. Learn how it works, real CVEs like Shellshock and PAN-OS, and how to prevent it.

Mar 30, 20267 min read
Vulnerability Analysis

What is Path Traversal

Path traversal (CWE-22) lets attackers escape a web root using ../ sequences to read or write arbitrary files. Here's how it works, real breaches, and fixes.

Mar 30, 20266 min read
Vulnerability Analysis

What is Directory Traversal

Directory traversal (CWE-22) lets attackers use ../ sequences to read or write files outside a web app's root directory. Here's how it works.

Mar 30, 20267 min read
Vulnerability Analysis

What is XML External Entity (XXE) Injection

XXE injection lets attackers abuse XML parsers to read files, trigger SSRF, or crash services. Here's how it works, real CVEs, and how to stop it.

Mar 30, 20266 min read
Vulnerability Analysis

What is Insecure Deserialization

Insecure deserialization (CWE-502) lets attackers turn untrusted object data into remote code execution. Here's how the attack works and how to stop it.

Mar 29, 20267 min read
Vulnerability Analysis

What is a Buffer Overflow

Buffer overflows have powered exploits from the 1988 Morris Worm to WannaCry. Here's how they work, why they persist, and how to stop them.

Mar 29, 20266 min read
vulnerability-analysis (Page 4) — Safeguard Blog