Microsoft SharePoint Remote Code Execution Vulnerability
SharePoint Server is a locally deployed enterprise collaboration platform from Microsoft that supports content sharing, knowledge management, and application integration, and works seamlessly with Microsoft 365 subscriptions to access the latest features. A remote code execution vulnerability...
The vulnerability of the Microsoft SharePoint software package, related to improper code generation management, allows a malicious actor to execute arbitrary code.
The vulnerability of the Microsoft SharePoint software package is related to improper code generation management. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...
A Mixture of Linear Corrections Generates Secure Code
Large language models (LLMs) have become proficient at sophisticated code-generation tasks, yet remain ineffective at reliably detecting or avoiding code vulnerabilities. Does this deficiency stem from insufficient learning about code vulnerabilities, or is it merely a result of ineffective...
The vulnerability of the data collection tool for Azure Monitor Agents, which operates on virtual machines and physical servers, stems from improper code generation. This allows attackers to execute arbitrary code.
Vulnerability of the data collection tool for Azure Monitor Agent, which processes virtual machines and physical servers, due to improper code generation management. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
SUSE CVE-2025-38339
In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf: fix JIT code size calculation of bpf trampoline. arch_bpf_trampoline_size() provides JIT size of the BPF trampoline before the buffer for JIT'ing it is allocated. The total number of instructions emitted for BPF trampoline...
OpenText Directory Services Code Injection Vulnerability
OpenText Directory Services (OTDS) is an information management solution from OpenText Canada Inc. integrating OpenText products and solutions with the company's enterprise directory infrastructure. A code injection vulnerability exists in OpenText Directory Services version 23.4 that stems from...
The vulnerability of the RTS VLink Virtual Matrix software for intercom systems and the Telex Remote Dispatch Console software for IP dispatch systems arises from improper code generation. This vulnerability allows an attacker to execute arbitrary code.
The vulnerability of the RTS VLink Virtual Matrix software for intercom systems and the Telex Remote Dispatch Console software for IP dispatcher systems is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the SAP S/4HANA resource planning system and the SAP SCM supply chain management software’s Characteristic Propagation mechanism lies in improper code generation management. This allows attackers to execute arbitrary code and gain unauthorized access to the system.
The vulnerability of the SAP S/4HANA resource planning system and the SAP SCM supply chain management software’s “Characteristic Propagation” function is related to improper code generation. Exploiting this vulnerability allows a malicious actor to generate arbitrary code and gain unauthorized...
The vulnerability of the FreeScout support service management system, related to improper code generation, allows a hacker to execute arbitrary code.
The vulnerability of the FreeScout support service management system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
WordPress plugin Alone Code Injection Vulnerability
WordPress Alone is a theme designed for nonprofit organizations, primarily for the WordPress platform. WordPress Alone suffers from a code injection vulnerability that stems from improper code generation controls; no details of the vulnerability are provided at this time...
The vulnerability of the OCAS Assistant dialog system, related to improper code generation management, allows a perpetrator to execute arbitrary code.
The vulnerability of the OCAS Assistant dialog system is related to improper handling of code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted POST request...
The vulnerability of the ssh_kdf() function in the libssh library, which allows a hacker to gain unauthorized access to protected information
The vulnerability of the ssh_kdf() function in the libssh library is related to improper handling of code generation. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
RedCoder: Automated Multi-Turn Red Teaming for Code LLMs
Large Language Models (LLMs) for code generation (i.e., Code LLMs) have demonstrated impressive capabilities in AI-assisted software development and testing. However, recent studies have shown that these models are prone to generating vulnerable or even malicious code under adversarial settings...
ROS-20250625-09
A vulnerability in the Apache Commons Configuration library is related to mismanagement of code generation. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using specially crafted script, dns, and url requests.
SafeGenBench: a Benchmark Framework for Security Vulnerability Detection in LLM-Generated Code
The code generation capabilities of large language models (LLMs) have emerged as a critical dimension in evaluating their overall performance. However, prior research has largely overlooked the security risks inherent in the generated code. In this work, we introduce SafeGenBench, a benchmark...
The vulnerability of the IDispatch interface on Windows operating systems allows a perpetrator to execute arbitrary code with SYSTEM level privileges.
The vulnerability of the IDispatch interface on Windows operating systems is related to incorrect code generation. Exploiting this vulnerability allows an attacker to execute arbitrary code with SYSTEM level privileges...
LLMs Caught in the Crossfire: Malware Requests and Jailbreak Challenges
The widespread adoption of Large Language Models (LLMs) has heightened concerns about their security, particularly their vulnerability to jailbreak attacks that leverage crafted prompts to generate malicious outputs. While prior research has been conducted on general security capabilities of LLMs,...
The vulnerability of the Craft CMS content management system, related to improper code generation, allows a hacker to execute arbitrary code.
The vulnerability of the Craft CMS content management system is related to improper handling of code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the System component of the Android operating system, allowing a hacker to execute arbitrary code
The vulnerability of the System component of the Android operating system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the System component of the Android operating system, allowing a hacker to execute arbitrary code
The vulnerability of the System component of the Android operating system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...