Tag
arbitrary-code-execution
Safeguard articles tagged "arbitrary-code-execution" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Regulatory Compliance
Analysis of pickle file deserialization vulnerabilities i...
CVE-2025-32434 shows PyTorch's "safe" weights_only loading could still be bypassed for code execution — a pickle deserialization vulnerability with real supply-chain consequences.
Dec 15, 20258 min read
Open Source Security
RubyGems Malicious Gem Arbitrary Code Execution via Missi...
CVE-2019-8324 let a malicious RubyGems package run arbitrary code at install time via a crafted multi-line gem name evaluated during the preinstall check.
Dec 4, 20257 min read
Vulnerability Analysis
CVE-2022-22817: Arbitrary code execution in Pillow via Im...
CVE-2022-22817 lets attackers achieve arbitrary code execution via Pillow's ImageMath.eval() when environment data is attacker-controlled. Patch to 9.0.1+.
Oct 6, 20258 min read