PT-2025-22915 · Humansignal · Label-Studio-Ml-Backend

Name of the Vulnerable Software and Affected Versions: HumanSignal label-studio-ml-backend versions up to 9fb7f4aa186612806af2becfb621f6ed8d9fdbaf Description: A vulnerability has been found in the function load of the file label-studio-ml-backend/label studio ml/examples/yolo/utils/neural nets.p...

CVE-2022-23940

SuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Authenticated users with access to the Scheduled Reports module can achieve this by leveraging PHP deserialization in the emailrecipients property. By using a crafted request, they can create a malicious report, containin...

PT-2020-12528 · Typo3 · Typo3/Cms

Name of the Vulnerable Software and Affected Versions: TYPO3 CMS versions 9.0.0 through 9.5.16 TYPO3 CMS versions 10.0.0 through 10.4.1 Description: The backend user settings in $BE USER-uc are vulnerable to insecure deserialization. This vulnerability can lead to remote code execution when...