Home / 2023 Advisories Archive

2023 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
High	3 Oct 2023	3 Oct 2023	CPAI-2023-0812		CVE-2023-34133	SonicWall SQL Injection (CVE-2023-34133)
High	21 Mar 2023	3 Oct 2023	CPAI-2023-0134			Emotet UPS Phishing Email Campaign
Critical	3 Oct 2023	3 Oct 2023	CPAI-2021-2027		CVE-2021-44228	Apache Log4j Remote Code Execution over Non-Standard Ports (CVE-2021-44228)
Critical	2 Oct 2023	2 Oct 2023	CPAI-2018-2604		CVE-2018-14364	GitLab Arbitrary File Write (CVE-2018-14364)
Critical	13 Jun 2023	2 Oct 2023	CPAI-2023-0419	Microsoft CVE-2023-29357	CVE-2023-29357	Microsoft SharePoint Server Authentication Bypass (CVE-2023-29357)
Medium	1 Oct 2023	1 Oct 2023	CPAI-2023-0875		CVE-2023-2164	GitLab Cross-Site Scripting (CVE-2023-2164)
High	1 Oct 2023	1 Oct 2023	CPAI-2022-1895		CVE-2022-44574	Ivanti Avalanche Authentication Bypass (CVE-2022-44574)
High	1 Oct 2023	1 Oct 2023	CPAI-2023-0824		CVE-2023-32150	D-Link DIR-2640 HNAP PrefixLen Command Injection (CVE-2023-32150)
Critical	1 Oct 2023	1 Oct 2023	CPAI-2022-1865		CVE-2022-26887	Delta DIAEnergie SQL Injection (CVE-2022-26887)
Critical	1 Oct 2023	1 Oct 2023	CPAI-2022-1861		CVE-2022-31061	GLPI SQL Injection (CVE-2022-31061)
Critical	1 Oct 2023	1 Oct 2023	CPAI-2022-1859		CVE-2022-1905	WordPress E-Dynamics Events Made Easy Plugin SQL Injection (CVE-2022-1905)
Critical	1 Oct 2023	1 Oct 2023	CPAI-2022-1823		CVE-2022-34265	Django SQL Injection (CVE-2022-34265)
High	1 Oct 2023	1 Oct 2023	CPAI-2021-1996		CVE-2021-41843	OpenEMR Calendar Search SQL Injection (CVE-2021-41843)
Medium	1 Oct 2023	1 Oct 2023	CPAI-2022-1762		CVE-2022-1476	WordPress ServMask All-in-One WP Migration Plugin Directory Traversal (CVE-2022-1476)
High	1 Oct 2023	1 Oct 2023	CPAI-2012-1394		CVE-2012-1185	ImageMagick Memory Corruption (CVE-2012-1185)
High	1 Oct 2023	1 Oct 2023	CPAI-2023-0798		CVE-2023-27404	Siemens Tecnomatix Plant Simulation Remote Code Execution (CVE-2023-27404)
High	4 Jun 2023	1 Oct 2023	CPAI-2023-0386		CVE-2023-34362 CVE-2023-35036	Progress MOVEit Transfer Multiple Vulnerabilities (CVE-2023-34362; CVE-2023-35036)
High	1 Oct 2023	1 Oct 2023	CPAI-2022-1596		CVE-2022-36980	Ivanti Avalanche Authentication Bypass (CVE-2022-36980)
Medium	1 Oct 2023	1 Oct 2023	CPAI-2021-1777		CVE-2021-25080	WordPress crmperks Contact Form Entries Plugin Cross-Site Scripting (CVE-2021-25080)
Critical	28 Sep 2023	28 Sep 2023	CPAI-2022-1894		CVE-2022-39986	RaspAP Command Injection (CVE-2022-39986)
Critical	27 Sep 2023	27 Sep 2023	CPAI-2019-3109		CVE-2019-5620	Hitachi Energy MicroSCADA Remote Code Execution (CVE-2019-5620)
High	27 Sep 2023	27 Sep 2023	CPAI-2017-1698		CVE-2017-1000479	Netgate pfSense Cross-Site Request Forgery (CVE-2017-1000479)
High	27 Sep 2023	27 Sep 2023	CPAI-2015-1537		CVE-2015-5453	WatchGuard XCS Command Injection (CVE-2015-5453)
Critical	27 Sep 2023	27 Sep 2023	CPAI-2019-2951		CVE-2019-11577	dhcpcd Buffer Overflow (CVE-2019-11577)
High	26 Sep 2023	26 Sep 2023	CPAI-2018-2559		CVE-2018-3606	Trend Micro Control Manager SQL Injection (CVE-2018-3606)
Critical	26 Sep 2023	26 Sep 2023	CPAI-2018-2518		CVE-2018-17243	ZohoCorp ManageEngine OpManager SQL Injection (CVE-2018-17243)
Critical	26 Sep 2023	26 Sep 2023	CPAI-2018-2514		CVE-2018-8734	Nagios XI SQL Injection (CVE-2018-8734)
High	26 Sep 2023	26 Sep 2023	CPAI-2018-2493		CVE-2018-10357	Trend Micro Endpoint Application Control Directory Traversal (CVE-2018-10357)
High	26 Sep 2023	26 Sep 2023	CPAI-2023-0786		CVE-2023-36933	Progress MOVEit Transfer Uncaught Exception (CVE-2023-36933)
High	15 Jun 2023	26 Sep 2023	CPAI-2023-0405			Java Server Files Information Disclosure
High	26 Sep 2023	26 Sep 2023	CPAI-2018-1526		CVE-2018-8414	Microsoft Windows Remote Code Execution (CVE-2018-8414)
High	21 Sep 2023	21 Sep 2023	CPAI-2023-0803		CVE-2023-39108 CVE-2023-39109	rConfig Server-Side Request Forgery (CVE-2023-39108; CVE-2023-39109)
Critical	21 Sep 2023	21 Sep 2023	CPAI-2020-3900		CVE-2020-10230	Control Webpanel SQL Injection (CVE-2020-10230)
Critical	21 Sep 2023	21 Sep 2023	CPAI-2023-0791		CVE-2023-35708	Progress MOVEit Transfer SQL Injection (CVE-2023-35708)
Critical	29 Aug 2023	21 Sep 2023	CPAI-2023-0686		CVE-2022-28491 CVE-2022-28495 CVE-2023-24154 CVE-2023-24159 CVE-2023-31856 CVE-2023-36457	Generic HTTP Command Injection (CVE-2022-28491; CVE-2022-28495; CVE-2023-24154; CVE-2023-24159; CVE-2023-31856; CVE-2023-36457)
High	24 Jul 2023	21 Sep 2023	CPAI-2013-3811		CVE-2013-6829	PineApp Mail-SeCure Command Injection (CVE-2013-6829)
High	11 Jul 2023	21 Sep 2023	CPAI-2023-0529	Adobe APSB23-40	CVE-2023-29298	Adobe ColdFusion Improper Access Control (CVE-2023-29298)
High	20 Jul 2023	21 Sep 2023	CPAI-2021-1797		CVE-2021-34833	Foxit PDF Reader Remote Code Execution (CVE-2021-34833)
Critical	6 Jun 2023	21 Sep 2023	CPAI-2023-0356		CVE-2023-28771	Zyxel ZyWALL Command Injection (CVE-2023-28771)
High	21 Sep 2023	21 Sep 2023	CPAI-2011-0658		CVE-2011-5010	Ctek SkyRouter Command Injection (CVE-2011-5010)
Critical	21 Sep 2023	21 Sep 2023	CPAI-2022-1744		CVE-2022-24816	GeoSolutionsGroup JAI-EXT Remote Code Execution (CVE-2022-24816)
High	21 Sep 2023	21 Sep 2023	CPAI-2020-3899		CVE-2020-1074	Microsoft Windows Remote Code Execution (CVE-2020-1074)
Medium	21 Sep 2023	21 Sep 2023	CPAI-2023-0782		CVE-2023-22249	Adobe Multiple Products Cross-Site Scripting (CVE-2023-22249)
High	6 Sep 2023	21 Sep 2023	CPAI-2023-0584			Metasploit Windows Reverse Shell Payloads
High	20 Jun 2023	21 Sep 2023	CPAI-2023-0329		CVE-2023-29509	XWiki Remote Code Execution (CVE-2023-29509)
Critical	8 May 2023	21 Sep 2023	CPAI-2022-1515		CVE-2022-41657	Delta Infrasuite Device Master Remote Code Execution (CVE-2022-41657)
Critical	22 Jan 2023	21 Sep 2023	CPAI-2022-1132		CVE-2022-2884	GitLab Command Injection (CVE-2022-2884)
High	20 Sep 2023	20 Sep 2023	CPAI-2023-0800		CVE-2023-0250	Deltaww DIAScreen Buffer Overflow (CVE-2023-0250)
Critical	20 Sep 2023	20 Sep 2023	CPAI-2023-0772		CVE-2023-36210	MotoCMS Server Side Template Injection (CVE-2023-36210)
High	20 Sep 2023	20 Sep 2023	CPAI-2016-1235		CVE-2016-0117	Microsoft Windows Remote Code Execution (CVE-2016-0117)