24 matches found

IBM Security Bulletins
added 2026/06/08 1:47 p.m., 13 views

Security Bulletin: Security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak

Summary A security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak. Python is used by IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes...

CVSS 8.8 | AI score 6 | EPSS 0.00695
Exploits: 2 | Affected Software: 1

IBM Security Bulletins
added 2026/04/28 7:11 a.m., 5 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses torch-2.8.0-cp310-none-macosx_11_0_arm64.whl which is vulnerable to CVE-2026-24747

Summary IBM Maximo Application Suite - Visual Inspection component uses torch-2.8.0-cp310-none-macosx_11_0_arm64.whl which is vulnerable to CVE-2026-24747. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID: CVE-2026-24747 DESCRIPTION:...

CVSS 8.8 | AI score 5.8 | EPSS 0.00695
Exploits: 1 | Affected Software: 1

Circl
added 2026/01/27 11:2 p.m., 8 views

CVE-2026-24747

creationtimestamp | type | source
---|---|---
2026-01-27 23:02:06+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mdguifixce25
2026-01-27 23:02:34+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mdgujasel22x...

CVSS 8.8 | AI score 5.8 | EPSS 0.00695
Exploits: 1 | References: 2

vulnersOsv
added 2026/01/27 9:49 p.m., 6 views

ac-solver (=0.1.0), adversarial-insight-ml (=0.1.0) +538 more potentially affected by CVE-2026-24747 via torch (>=2.0.0 <=2.0.1)

torch PYPI version =2.0.0, =0.0.2, =1.2.3, =0.2.2, =0.0.2, =0.0.0, =1.9.0, =0.0.3, =0.8.0, =0.1.0, =0.0.1, =1.9.0, =1.17.1 - aisee =0.1.0 and more Source cves: CVE-2026-24747 Source advisory: SNYK:PYTHON-TORCH-15123585...

CVSS 8.8 | AI score 6.7 | EPSS 0.00695
Exploits: 1

OSV
added 2026/01/27 9:13 p.m., 4 views

CVE-2026-24747 PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `weights_only` unpickler allows an attacker to craft a malicious checkpoint file (`.pth`) that, when loaded with `torch.load(..., weights_only=True)`, can corrupt memory and potentially lead to...

CVSS 8.8 | AI score 6.1 | EPSS 0.00695
Exploits: 1 | References: 6

vulnersOsv
added 2026/01/27 8:10 p.m., 8 views

aistructdynsolve (>=1.0.0 <=1.2.0), anoseg (=0.0.2) +82 more potentially affected by CVE-2026-24747 via pytorch (=1.0.2)

pytorch PYPI version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on pytorch and may be impacted: - aistructdynsolve =1.0.0, =0.3.0.1, =1.1.0, =1.1.1 and more Source cves: CVE-2026-24747 Source advisory: OSV:GHSA-63CW-57P8-FM3P...

CVSS 8.8 | AI score 6 | EPSS 0.00695
Exploits: 1

RedhatCVE
added 2025/05/23 11:40 a.m., 6 views

CVE-2025-24747

Missing Authorization vulnerability in favethemes Houzez houzez. This issue affects Houzez: from n/a through <= 3.4.0...

CVSS 5.3 | AI score 7.2 | EPSS 0.00258
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 6:24 p.m., 6 views

CVE-2021-24747

The SEO Booster WordPress plugin before 3.8 allows for authenticated SQL injection via the "fn_my_ajaxified_dataloader_ajax" AJAX request as the `$_REQUEST['order'][0]['dir']` parameter is not properly escaped, leading to blind and error-based SQL injections...

CVSS 7.2 | AI score 7.6 | EPSS 0.01497
Exploits: 2 | References: 1

Vulnrichment
added 2025/01/27 2:22 p.m., 5 views

CVE-2025-24747 WordPress Houzez theme <= 3.4.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in favethemes Houzez houzez. This issue affects Houzez: from n/a through <= 3.4.0...

CVSS 5.3 | AI score 8.6 | EPSS 0.00258
Exploits: 0 | References: 1

Cvelist
added 2025/01/27 2:22 p.m., 17 views

CVE-2025-24747 WordPress Houzez theme <= 3.4.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in favethemes Houzez houzez. This issue affects Houzez: from n/a through <= 3.4.0...

CVSS 5.3 | EPSS 0.00258
Exploits: 0 | References: 1

Packet Storm
added 2024/04/12 12:0 a.m., 408 views

MinIO Privilege Escalation

Exploit Title: MinIO 2024-01-31T20-20-33Z - Privilege Escalation Date: 2024-04-11 Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding RELEASE.2024-01-31T20-20-33Z Tested on: Windows 10 CVE : CVE-2024-24747 Required...

CVSS 8.8 | AI score 7.4 | EPSS 0.34086
Exploits: 4

0day.today
added 2024/04/12 12:0 a.m., 203 views

MinIO < 2024-01-31T20-20-33Z - Privilege Escalation Exploit

Exploit Title: MinIO 2024-01-31T20-20-33Z - Privilege Escalation Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding RELEASE.2024-01-31T20-20-33Z Tested on: Windows 10 CVE : CVE-2024-24747 Required before execution:...

CVSS 8.8 | AI score 8.7 | EPSS 0.34086
Exploits: 4

Exploit DB
added 2024/04/12 12:0 a.m., 266 views

MinIO < 2024-01-31T20-20-33Z - Privilege Escalation

Exploit Title: MinIO 2024-01-31T20-20-33Z - Privilege Escalation Date: 2024-04-11 Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding RELEASE.2024-01-31T20-20-33Z Tested on: Windows 10 CVE : CVE-2024-24747 Required...

CVSS 8.8 | AI score 8.7 | EPSS 0.34086
Exploits: 4

CVE
added 2024/01/31 10:10 p.m., 169 views

CVE-2024-24747

CVE-2024-24747 (MinIO) : MinIO allows new access keys to inherit the parent’s permissions, including admin:*, enabling potential privilege escalation by overriding their own s3 permissions. The issue is mitigated in the release RELEASE.2024-01-31T20-20-33Z. Connected docs also describe related ad...

CVSS 8.8 | AI score 8.2 | EPSS 0.34086
Exploits: 4 | References: 3 | Affected Software: 1

Circl
added 2024/01/31 8:50 p.m., 6 views

CVE-2024-24747

creationtimestamp | type | source
---|---|---
2024-01-31 20:50:44+00:00 | published-proof-of-concept | https://github.com/minio/minio/security/advisories/GHSA-xx8w-mq23-29g4
2024-01-31 23:26:24+00:00 | seen | https://t.me/ctinow/177177
2024-02-09 19:17:11+00:00 | seen | https://t.me/ctinow/182201...

CVSS 8.8 | AI score 7.3 | EPSS 0.34086
Exploits: 4 | References: 5

Circl
added 2023/04/06 12:26 a.m., 5 views

CVE-2023-24747

creationtimestamp | type | source
---|---|---
2023-04-06 00:26:30+00:00 | seen | https://t.me/cibsecurity/61506
2025-02-14 10:09:23+00:00 | seen | Telegram/rlp4oH2dAmK1Ctszi73ILHLOTKyDAKQYWcMFVMUEHRyjpIZ-...

CVSS 5.4 | AI score 5.5 | EPSS 0.00373
Exploits: 0 | References: 1

Vulnrichment
added 2023/04/05 12:0 a.m., 9 views

CVE-2023-24747

Jfinal CMS v5.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /system/dict/list...

AI score 6.3 | EPSS 0.00373
Exploits: 0 | References: 1

CVE
added 2023/04/05 12:0 a.m., 53 views

CVE-2023-24747

CVE-2023-24747 affects Jfinal CMS v5.1, with a cross-site scripting (XSS) vulnerability exposed via the /system/dict/list endpoint. Public sources in the connected data confirm the issue is an XSS bug in that API component; no exploitation status is provided in the documents. The CVSSv3.1 base sc...

CVSS 5.4 | AI score 5.3 | EPSS 0.00373
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2022/03/09 10:25 p.m., 108 views

CVE-2022-24747

CVE-2022-24747 affects Shopware: older releases fail to set sensitive HTTP headers as non-cacheable, allowing header leakage when an HTTP cache is present between server and client. The issue can expose cached headers to unauthorized entities; description notes that this has been resolved in vers...

CVSS 6.3 | AI score 5.3 | EPSS 0.01055
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2022/03/09 10:25 p.m., 34 views

CVE-2022-24747 HTTP caching is marking private HTTP headers as public

Shopware is an open commerce platform based on the Symfony PHP framework and the Vue JavaScript framework. Affected versions of Shopware do not properly set sensitive HTTP headers to be non-cacheable. If there is an HTTP cache between the server and client then headers may be exposed via HTTP...

CVSS 6.3 | AI score 6.5 | EPSS 0.01055
Exploits: 0 | References: 3