Safeguard
Tag

vulnerability-management

Safeguard articles tagged "vulnerability-management" — guides, analysis, and best practices for software supply chain and application security.

635 articles

Vulnerability Analysis

Path traversal vulnerabilities explained with real-world examples

Path traversal (CWE-22) has powered CVEs from Apache to Citrix to F5. Here's how it works, real breaches, and how to stop it.

Dec 14, 20256 min read
Vulnerability Analysis

Privilege escalation vulnerabilities explained

Privilege escalation vulnerabilities turn a low-privilege foothold into root or admin access. Learn how they work, key CVEs, and how to detect them.

Dec 9, 20256 min read
Open Source Security

RubyGems Escape Sequence Injection via Gem Name Output (C...

A look at CVE-2019-8321, the RubyGems escape sequence injection flaw in gem CLI output: affected versions, severity, and how to remediate it.

Dec 4, 20258 min read
Vulnerability Management

The ROI of Vulnerability Remediation Automation: Numbers That Justify the Investment

Manual vulnerability remediation costs more than most organizations realize. Breaking down the real costs, time savings, and risk reduction that automation delivers.

Dec 1, 20257 min read
Open Source Security

Node.js runtime CVE roundup

A roundup of Node.js runtime CVEs since 2024 — command injection, HTTP smuggling, permission bypasses, and why runtime flaws evade typical dependency scanners.

Nov 28, 20257 min read
DevSecOps

Jenkins Stapler Unauthenticated RCE Mass-Exploited for Cr...

CVE-2018-1000861 let attackers hit Jenkins Stapler unauthenticated, planting cryptomining malware on exposed CI/CD build servers across the internet.

Nov 26, 20257 min read
DevSecOps

Jenkins CLI Java Deserialization Remote Code Execution (C...

CVE-2017-1000353 let attackers gain unauthenticated RCE on Jenkins via CLI Java deserialization. Here's the impact, timeline, and how to remediate it.

Nov 26, 20258 min read
DevSecOps

Jenkins CLI Deserialization RCE via Commons-Collections G...

CVE-2015-8103: unauthenticated RCE in Jenkins CLI via a Commons-Collections deserialization gadget chain. Impact, timeline, and remediation.

Nov 26, 20259 min read
Vulnerability Analysis

Helm 2 Tiller's Default Unauthenticated gRPC Endpoint (CV...

CVE-2019-18658 shows how Helm 2's Tiller ran an unauthenticated gRPC endpoint by default, letting network-adjacent attackers seize cluster-admin control.

Nov 24, 20257 min read
Open Source Security

Most vulnerable Go packages report

Safeguard's 2026 analysis ranks the most vulnerable Go packages by exposure-weighted risk, revealing why a handful of core modules drive most CVE impact.

Nov 20, 20257 min read
Open Source Security

Go standard library CVE trend report

A trend analysis of Go standard library CVEs from HTTP/2 Rapid Reset to crypto/x509 parsing bugs — and why "it's stdlib" is not a safe-harbor assumption.

Nov 19, 20257 min read
Container Security

Container image supply chain attack trends

Container images have become the software supply chain's most contested attack surface. A look at the xz-utils backdoor, registry-borne malware campaigns, and the detection gaps behind them.

Nov 17, 20258 min read
vulnerability-management (Page 35) — Safeguard Blog