24 matches found
Security Bulletin: Security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak
Summary A security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak. Python is used by IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses torch-2.8.0-cp310-none-macosx_11_0_arm64.whl which is vulnerable to CVE-2026-24747
Summary IBM Maximo Application Suite - Visual Inspection component uses torch-2.8.0-cp310-none-macosx_11_0_arm64.whl which is vulnerable to CVE-2026-24747. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-24747 DESCRIPTION:...
CVE-2026-24747
creationtimestamp| type| source
---|---|---
2026-01-27 23:02:06+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdguifixce25
2026-01-27 23:02:34+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdgujasel22x...
ac-solver (=0.1.0), adversarial-insight-ml (=0.1.0) +538 more potentially affected by CVE-2026-24747 via torch (>=2.0.0 <=2.0.1)
torch PYPI version =2.0.0, =0.0.2, =1.2.3, =0.2.2, =0.0.2, =0.0.0, =1.9.0, =0.0.3, =0.8.0, =0.1.0, =0.0.1, =1.9.0, =1.17.1 - aisee =0.1.0 and more Source cves: CVE-2026-24747 Source advisory: SNYK:PYTHON-TORCH-15123585...
CVE-2026-24747 PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files
PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `weights_only` unpickler allows an attacker to craft a malicious checkpoint file (`.pth`) that, when loaded with `torch.load(..., weights_only=True)`, can corrupt memory and potentially lead to...
aistructdynsolve (>=1.0.0 <=1.2.0), anoseg (=0.0.2) +82 more potentially affected by CVE-2026-24747 via pytorch (=1.0.2)
pytorch PYPI version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on pytorch and may be impacted: - aistructdynsolve =1.0.0, =0.3.0.1, =1.1.0, =1.1.1 and more Source cves: CVE-2026-24747 Source advisory: OSV:GHSA-63CW-57P8-FM3P...
CVE-2025-24747
Missing Authorization vulnerability in favethemes Houzez houzez. This issue affects Houzez: from n/a through <= 3.4.0...
CVE-2021-24747
The SEO Booster WordPress plugin before 3.8 allows for authenticated SQL injection via the "fn_my_ajaxified_dataloader_ajax" AJAX request as the `$_REQUEST['order'][0]['dir']` parameter is not properly escaped, leading to blind and error-based SQL injections...
CVE-2025-24747 WordPress Houzez theme <= 3.4.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in favethemes Houzez houzez. This issue affects Houzez: from n/a through <= 3.4.0...
MinIO Privilege Escalation
Exploit Title: MinIO 2024-01-31T20-20-33Z - Privilege Escalation Date: 2024-04-11 Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding RELEASE.2024-01-31T20-20-33Z Tested on: Windows 10 CVE : CVE-2024-24747 Required...
MinIO < 2024-01-31T20-20-33Z - Privilege Escalation Exploit
Exploit Title: MinIO 2024-01-31T20-20-33Z - Privilege Escalation Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding RELEASE.2024-01-31T20-20-33Z Tested on: Windows 10 CVE : CVE-2024-24747 Required before execution:...
MinIO < 2024-01-31T20-20-33Z - Privilege Escalation
Exploit Title: MinIO 2024-01-31T20-20-33Z - Privilege Escalation Date: 2024-04-11 Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding RELEASE.2024-01-31T20-20-33Z Tested on: Windows 10 CVE : CVE-2024-24747 Required...
CVE-2024-24747
CVE-2024-24747 (MinIO) : MinIO allows new access keys to inherit the parent’s permissions, including admin:*, enabling potential privilege escalation by overriding their own s3 permissions. The issue is mitigated in the release RELEASE.2024-01-31T20-20-33Z. Connected docs also describe related ad...
CVE-2024-24747
creationtimestamp| type| source
---|---|---
2024-01-31 20:50:44+00:00| published-proof-of-concept| https://github.com/minio/minio/security/advisories/GHSA-xx8w-mq23-29g4
2024-01-31 23:26:24+00:00| seen| https://t.me/ctinow/177177
2024-02-09 19:17:11+00:00| seen| https://t.me/ctinow/182201...
CVE-2023-24747
creationtimestamp| type| source
---|---|---
2023-04-06 00:26:30+00:00| seen| https://t.me/cibsecurity/61506
2025-02-14 10:09:23+00:00| seen| Telegram/rlp4oH2dAmK1Ctszi73ILHLOTKyDAKQYWcMFVMUEHRyjpIZ-...
CVE-2023-24747
Jfinal CMS v5.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /system/dict/list...
CVE-2023-24747
CVE-2023-24747 affects Jfinal CMS v5.1, with a cross-site scripting (XSS) vulnerability exposed via the /system/dict/list endpoint. Public sources in the connected data confirm the issue is an XSS bug in that API component; no exploitation status is provided in the documents. The CVSSv3.1 base sc...
CVE-2022-24747
CVE-2022-24747 affects Shopware: older releases fail to set sensitive HTTP headers as non-cacheable, allowing header leakage when an HTTP cache is present between server and client. The issue can expose cached headers to unauthorized entities; description notes that this has been resolved in vers...
CVE-2022-24747 HTTP caching is marking private HTTP headers as public
Shopware is an open commerce platform based on the Symfony PHP framework and the Vue JavaScript framework. Affected versions of Shopware do not properly set sensitive HTTP headers to be non-cacheable. If there is an HTTP cache between the server and client then headers may be exposed via HTTP...