Safeguard
Tag

vulnerability-analysis

Safeguard articles tagged "vulnerability-analysis" — guides, analysis, and best practices for software supply chain and application security.

360 articles

Vulnerability Analysis

What Are Security Logging and Monitoring Failures

Equifax went undetected for 76 days, Marriott for four years. Here's what security logging and monitoring failures are, why they happen, and how to close the gap.

Mar 22, 20267 min read
Vulnerability Analysis

Use of Components with Known Vulnerabilities

Equifax lost 147M records to one unpatched library. Here's what "components with known vulnerabilities" means and how reachability analysis fixes the triage problem.

Mar 22, 20266 min read
Vulnerability Analysis

CVE-2024-4367 PDF.js Arbitrary Code Execution

CVE-2024-4367 is a PDF.js code-execution flaw via font handling that affects Firefox, Thunderbird, and every embedder. Root cause and remediation.

Mar 14, 20268 min read
Vulnerability Analysis

CVE-2025-24071 Windows Explorer NTLM Hash Leak

A .library-ms file extracted from a zip archive can leak NTLM hashes without the user opening anything. Breakdown of CVE-2025-24071 and the defensive response.

Mar 12, 20268 min read
Vulnerability Analysis

CVE-2024-29849 Veeam Auth Bypass Analysis

CVE-2024-29849 is a CVSS 9.8 auth bypass in Veeam Backup Enterprise Manager. Root cause, exploitation, detection, and patching guidance.

Mar 10, 20268 min read
Vulnerability Analysis

CVE-2025-1974 Ingress NGINX Controller RCE

IngressNightmare - CVE-2025-1974 in Kubernetes ingress-nginx - gave unauthenticated attackers cluster-wide RCE. Here is how it worked and what to harden now.

Mar 7, 20268 min read
Vulnerability Analysis

CVE-2024-32002 Git RCE on Clone: Walkthrough

CVE-2024-32002 is a Git submodule RCE triggered by a recursive clone on case-insensitive filesystems. Root cause, exploit, and remediation.

Mar 6, 20269 min read
Vulnerability Analysis

CVE-2024-21413 Outlook Moniker Link Analysis

CVE-2024-21413 is a critical Outlook Moniker Link RCE that bypasses Protected View via a crafted file URL. Root cause, exploitation, and detection.

Mar 2, 20268 min read
Vulnerability Analysis

CVE-2024-55956 Cleo Harmony/VLTrader RCE

Cleo's Harmony, VLTrader, and LexiCom carried an unauthenticated RCE that Clop abused for mass data theft. Here is the technical breakdown and the defender's takeaway.

Mar 2, 20267 min read
Vulnerability Analysis

CVE-2024-23897 Jenkins CLI File Read Deep Dive

CVE-2024-23897 is a Jenkins CLI arbitrary file-read flaw that leaks secrets and enables RCE chains. Root cause, exploitation, and patch guidance.

Feb 27, 20269 min read
Vulnerability Analysis

CVE-2024-45519 Zimbra Unauth RCE Breakdown

A technical breakdown of CVE-2024-45519, the unauthenticated RCE in Zimbra's postjournal service, how it was exploited in the wild, and what defenders should take away.

Feb 25, 20267 min read
Vulnerability Analysis

CVE-2024-4577 PHP CGI Argument Injection Explained

CVE-2024-4577 is a CVSS 9.8 argument injection in PHP-CGI on Windows that bypasses CVE-2012-1823's fix. Root cause, exploitation, and remediation.

Feb 23, 20268 min read
vulnerability-analysis (Page 7) — Safeguard Blog