Safeguard
Tag

zero-day

Safeguard articles tagged "zero-day" — guides, analysis, and best practices for software supply chain and application security.

80 articles

AppSec

CVE-2023-4863: The libwebp Zero-Day That Hit Chrome and More

CVE-2023-4863 was a heap buffer overflow in libwebp's Huffman decoding that was exploited as a zero-day in the wild — and because libwebp sits inside Chrome, Firefox, and countless Electron apps, one library bug became an ecosystem-wide emergency patch.

Jan 22, 20256 min read
Vulnerability Analysis

SonicWall SMA 1000 Zero-Day: CVE-2025-23006 Pre-Auth RCE

SonicWall disclosed CVE-2025-23006, a critical deserialization vulnerability in its SMA 1000 series gateways that was actively exploited as a zero-day before patches were available.

Jan 22, 20255 min read
Vulnerability Analysis

Fortinet FortiGate Authentication Bypass: CVE-2024-55591 Explained

A critical authentication bypass in FortiOS and FortiProxy allowed attackers to gain super-admin privileges via crafted Node.js websocket requests. Here's what happened and how to protect your infrastructure.

Jan 14, 20255 min read
Vulnerability Analysis

Ivanti Connect Secure Zero-Day: CVE-2025-0282 Under Active Exploitation

A stack-based buffer overflow in Ivanti Connect Secure allowed unauthenticated remote code execution. Chinese threat actors exploited it before any patch existed.

Jan 8, 20255 min read
Threat Intelligence

Vulnerability Exploitation Trends in 2024: What the Data Shows

Analysis of 2024 vulnerability exploitation patterns reveals faster weaponization timelines, shifting target profiles, and the growing importance of edge device vulnerabilities.

Dec 15, 20246 min read
Best Practices

Coordinated Disclosure Zero-Day Playbook

A playbook for coordinated disclosure of zero-day vulnerabilities, covering timelines, stakeholder management, embargo discipline, and the judgement calls in between.

Dec 12, 20248 min read
Vulnerability Analysis

FortiJump: CVE-2024-47575 FortiManager Zero-Day Exploited at Scale

CVE-2024-47575, dubbed FortiJump, allowed unauthenticated attackers to execute commands on FortiManager devices. Mandiant confirmed exploitation by a new threat cluster targeting managed Fortinet infrastructure.

Oct 23, 20246 min read
Vulnerability Analysis

Ivanti Cloud Services Appliance CVE-2024-8963: Chained Exploitation

Ivanti's Cloud Services Appliance faced chained zero-day exploitation in September 2024, with attackers combining path traversal and command injection for unauthenticated RCE.

Sep 13, 20246 min read
Vulnerability Management

Cisco ASA Firepower Zero-Day Trends, 2024 Edition

Six zero-days against ASA and FTD in 2024, two tied to ArcaneDoor. We chart the trend, the CVSS distribution, and the patch-to-exploit gap.

Sep 5, 20245 min read
Vulnerability Analysis

Check Point VPN Zero-Day CVE-2024-24919: Information Disclosure Under Active Exploitation

A critical information disclosure vulnerability in Check Point VPN products allowed attackers to read sensitive files including password hashes, enabling lateral movement into enterprise networks.

May 28, 20245 min read
Vulnerability Management

Taint Analysis for Zero-Day Discovery: A Primer

A practitioner's walk-through of taint analysis as a zero-day discovery technique, from classic Livshits and Lam foundations to modern flow-sensitive engines.

Apr 22, 20247 min read
Vulnerability Management

Palo Alto GlobalProtect Zero-Day: Response Timeline

CVE-2024-3400 hit GlobalProtect with pre-auth RCE and ongoing exploitation. Here is the response timeline, the UPSTYLE tradecraft, and what worked.

Apr 18, 20245 min read
zero-day (Page 5) — Safeguard Blog