How severe is CVE-2024-9917?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.9 out of 10.

What type of vulnerability is CVE-2024-9917?

This is classified as CWE-502, which is a common weakness in software security.

CVE-2024-9917

MEDIUM Year: 2024

CVSS v3 Score

4.9

Medium

CVSS v2 Score

6.5

Medium

Weakness Type

CWE-502

View all →

Vulnerability Description

A vulnerability, which was classified as critical, was found in HuangDou UTCMS V9. This affects an unknown part of the file app/modules/ut-template/admin/template_creat.php. The manipulation of the argument content leads to deserialization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-9953

MEDIUM

CVSS:4.9(Medium)

A potential denial-of-service (DoS) vulnerability exists in CERT VINCE software versions prior to 3.0.8. An authenticated administrative user can inject an arbitrary pickle object into a user’s profil...

CWE-5022024

CVE-2017-15703

MEDIUM

CVSS:5.0(Medium)

Any authenticated user (valid client certificate but without ACL permissions) could upload a template which contained malicious code and caused a denial of service via Java deserialization attack. The...

CWE-5022017

CVE-2022-20195

MEDIUM

CVSS:5.0(Medium)

In the keystore library, there is a possible prevention of access to system Settings due to unsafe deserialization. This could lead to local denial of service with User execution privileges needed. Us...

CWE-5022022

CVE-2024-1432

MEDIUM

CVSS:5.0(Medium)

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22 and classified as problematic. This issue affects the function apply_xseg of the file main...

CWE-5022024

CVE-2024-28859

MEDIUM

CVSS:5.0(Medium)

Symfony1 is a community fork of symfony 1.4 with DIC, form enhancements, latest Swiftmailer, better performance, composer compatible and PHP 8 support. Symfony 1 has a gadget chain due to vulnerable S...

CWE-5022024

CVE-2024-3431

MEDIUM

CVSS:4.7(Medium)

A vulnerability was found in EyouCMS 1.6.5. It has been declared as critical. This vulnerability affects unknown code of the file /login.php?m=admin&c=Field&a=channel_edit of the component Backend. Th...

CWE-5022024

CVE-2024-9917

Vulnerability Description

Related Vulnerabilities

CVE-2024-9953

CVE-2017-15703

CVE-2022-20195

CVE-2024-1432

CVE-2024-28859

CVE-2024-3431