The vulnerability of the System component of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the System component of the Android operating system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The Rise of ‘Vibe Hacking’ Is the Next AI Nightmare

In the very near future, victory will belong to the savvy blackhat hacker who uses AI to generate code at scale...

The vulnerability of the functional module of the RFC interface of the software tool for managing changes and migrations in SAP Landscape Transformation (SLT) allows a attacker to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the functional module of the RFC interface of the software tool for managing changes and migrations in SAP Landscape Transformation SLT is related to improper code generation. Exploiting this vulnerability can allow an attacker to influence the confidentiality, integrity, and...

The vulnerability of the SAP NetWeaver Application ABAP software integration platform’s server, related to improper code generation management, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the SAP NetWeaver Application ABAP software integration platform is related to incorrect code generation management. Exploiting this vulnerability allows an attacker to influence the confidentiality, integrity, and accessibility of protected information...

CVE-2025-25021

CVE-2025-25021 affects IBM QRadar Suite Software 1.10.12.0–1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0–1.10.11.0. The issue is a code injection vulnerability caused by improper generation/filtering of constructed code snippets in the case management script, enabling privileged code execution...

Mind the Gap: a Practical Attack on GGUF Quantization

With the increasing size of frontier LLMs, post-training quantization has become the standard for memory-efficient deployment. Recent work has shown that basic rounding-based quantization schemes pose security risks, as they can be exploited to inject malicious behaviors into quantized models tha...

CVE-2023-25054

Improper Control of Generation of Code 'Code Injection' vulnerability in David F. Carr RSVPMaker.This issue affects RSVPMaker: from n/a through 10.6.6...

The vulnerability of the software for centralized backup and disaster recovery management in Dell PowerProtect Data Manager arises from improper code generation. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the software for centralized backup and disaster recovery management in Dell PowerProtect Data Manager is related to improper code generation. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the application interface for managing the lifecycle of mobile devices and Ivanti Endpoint Manager Mobile (EPMM) (formerly MobileIron Core) allows a perpetrator to execute arbitrary code.

The vulnerability of the application interface for managing the lifecycle of mobile devices and Ivanti Endpoint Manager Mobile EPMM formerly MobileIron Core is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Broker VM platform’s security layer, Cortex XDR, arises from improper code generation management, allowing attackers to execute arbitrary code.

The vulnerability of the Broker VM platform’s security platform, Cortex XDR, is related to incorrect code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Securing Generative AI: Navigating Risk and Building Resilience

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Click right here to hear it all on CAASM & CDMB Inefficiencies! Generative AI has changed the way ...

Security Degradation in Iterative AI Code Generation -- a Systematic Analysis of the Paradox

The rapid adoption of Large Language ModelsLLMs for code generation has transformed software development, yet little attention has been given to how security vulnerabilities evolve through iterative LLM feedback. This paper analyzes security degradation in AI-generated code through a controlled...

WordPress plugin MapSVG Lite 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...

The vulnerability of the IBM Verify Identity Access system (formerly IBM Security Verify Access) relates to improper code generation, allowing a perpetrator to execute arbitrary code.

The vulnerability of the IBM Verify Identity Access system formerly IBM Security Verify Access is related to improper code generation. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code...

WordPress plugin Ultimate Member 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in...

PT-2025-24453

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The vulnerability resides within the System component of the Android operating system, stemming from improper code generation management. Remote attackers can potentially execute arbitrary...

CVE-2025-2421

Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Informatics SambaBox allows Code Injection.This issue affects SambaBox: before 5.1...

CVE-2025-2421

Improper Control of Generation of Code 'Code Injection' vulnerability in Profelis Informatics SambaBox allows Code Injection. This issue affects SambaBox: before 5.1...

The vulnerability of the corporate version of the GitHub Enterprise Server, related to improper code generation management, allows a perpetrator to execute arbitrary code.

The vulnerability of the corporate version of the GitHub Enterprise Server is related to improper code generation management. Exploitation of this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the EQUELLA repository in the virtual learning environment Moodle, which allows a perpetrator to execute arbitrary code.

The vulnerability of the EQUELLA repository in the virtual learning environment Moodle is related to incorrect code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...