2 matches found
CVE-2025-13709
CVE-2025-13709 concerns Tencent TFace’s restore_checkpoint function. The issue is deserialization of untrusted data due to insufficient validation, enabling remote code execution with root privileges. Exploitation requires user interaction (visiting a malicious page or opening a malicious file). ...
CVE-2025-13711
CVE-2025-13711 affects Tencent TFace, specifically the eval endpoint. The root cause is improper validation that enables deserialization of untrusted data, leading to remote code execution. Exploitation requires user interaction (visiting a malicious page or opening a malicious file); successful ...