How severe is CVE-2024-1432?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5 out of 10.

What type of vulnerability is CVE-2024-1432?

This is classified as CWE-502, which is a common weakness in software security.

CVE-2024-1432

MEDIUM Year: 2024

CVSS v3 Score

5.0

Medium

CVSS v2 Score

5.1

Medium

Weakness Type

CWE-502

View all →

Vulnerability Description

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22 and classified as problematic. This issue affects the function apply_xseg of the file main.py. The manipulation leads to deserialization. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-253391. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2017-15703

MEDIUM

CVSS:5.0(Medium)

Any authenticated user (valid client certificate but without ACL permissions) could upload a template which contained malicious code and caused a denial of service via Java deserialization attack. The...

CWE-5022017

CVE-2022-20195

MEDIUM

CVSS:5.0(Medium)

In the keystore library, there is a possible prevention of access to system Settings due to unsafe deserialization. This could lead to local denial of service with User execution privileges needed. Us...

CWE-5022022

CVE-2024-28859

MEDIUM

CVSS:5.0(Medium)

Symfony1 is a community fork of symfony 1.4 with DIC, form enhancements, latest Swiftmailer, better performance, composer compatible and PHP 8 support. Symfony 1 has a gadget chain due to vulnerable S...

CWE-5022024

CVE-2024-9917

MEDIUM

CVSS:4.9(Medium)

A vulnerability, which was classified as critical, was found in HuangDou UTCMS V9. This affects an unknown part of the file app/modules/ut-template/admin/template_creat.php. The manipulation of the ar...

CWE-5022024

CVE-2024-9953

MEDIUM

CVSS:4.9(Medium)

A potential denial-of-service (DoS) vulnerability exists in CERT VINCE software versions prior to 3.0.8. An authenticated administrative user can inject an arbitrary pickle object into a user’s profil...

CWE-5022024

CVE-2024-5998

MEDIUM

CVSS:5.2(Medium)

A vulnerability in the FAISS.deserialize_from_bytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the...

CWE-5022024

CVE-2024-1432

Vulnerability Description

Related Vulnerabilities

CVE-2017-15703

CVE-2022-20195

CVE-2024-28859

CVE-2024-9917

CVE-2024-9953

CVE-2024-5998