Critical
|
6 Feb 2025 |
6 Feb 2025 |
CPAI-2025-0012
|
|
CVE-2025-22904 CVE-2025-22907 CVE-2025-22913 CVE-2025-22916
|
EDIMAX RE11S Stack Overflow (CVE-2025-22904; CVE-2025-22907; CVE-2025-22913; CVE-2025-22916)
|
High
|
6 Feb 2025 |
6 Feb 2025 |
CPAI-2024-1358
|
|
CVE-2024-48766
|
NetAlertX Directory Traversal (CVE-2024-48766)
|
High
|
6 Feb 2025 |
6 Feb 2025 |
CPAI-2024-1327
|
|
CVE-2024-28726
|
D-Link DWR-2000M Command Injection (CVE-2024-28726)
|
Critical
|
6 Feb 2025 |
6 Feb 2025 |
CPAI-2018-2892
|
|
CVE-2018-19410
|
Paessler PRTG Network Monitor Authentication Bypass (CVE-2018-19410)
|
Critical
|
6 Feb 2025 |
6 Feb 2025 |
CPAI-2024-1321
|
|
CVE-2024-48914
|
Vendure Asset Server Plugin Directory Traversal (CVE-2024-48914)
|
High
|
6 Feb 2025 |
6 Feb 2025 |
CPAI-2024-1323
|
|
CVE-2024-45802
|
Squid Denial of Service (CVE-2024-45802)
|
Medium
|
4 Feb 2025 |
4 Feb 2025 |
CPAI-2025-0015
|
|
|
Nagios Enterprises Nagios XI Command Injection
|
High
|
4 Feb 2025 |
4 Feb 2025 |
CPAI-2021-2292
|
|
CVE-2021-41805
|
HashiCorp Consul Improper Access Control (CVE-2021-41805)
|
Critical
|
3 Feb 2025 |
3 Feb 2025 |
CPAI-2024-1325
|
|
CVE-2024-11972
|
WordPress Hunk Companion Plugin Authentication Bypass (CVE-2024-11972)
|
Critical
|
3 Feb 2025 |
3 Feb 2025 |
CPAI-2024-1293
|
|
CVE-2024-55591
|
Fortinet Multiple Products Authentication Bypass (CVE-2024-55591)
|
Critical
|
2 Feb 2025 |
2 Feb 2025 |
CPAI-2024-1351
|
|
CVE-2024-53704
|
SonicWall SonicOS Authentication Bypass (CVE-2024-53704)
|
Critical
|
2 Feb 2025 |
2 Feb 2025 |
CPAI-2024-1333
|
|
CVE-2024-45507
|
Apache OFBiz Server-Side Request Forgery (CVE-2024-45507)
|
Critical
|
2 Feb 2025 |
2 Feb 2025 |
CPAI-2024-1341
|
|
CVE-2024-36258
|
Wavlink AC3000 Authentication Bypass (CVE-2024-36258)
|
Critical
|
2 Feb 2025 |
2 Feb 2025 |
CPAI-2024-1339
|
|
CVE-2024-34166
|
Wavlink AC3000 Command Injection (CVE-2024-34166)
|
Critical
|
2 Feb 2025 |
2 Feb 2025 |
CPAI-2019-3255
|
|
CVE-2019-16891
|
Liferay Portal Insecure Deserialization (CVE-2019-16891)
|
High
|
30 Jan 2025 |
30 Jan 2025 |
CPAI-2025-0020
|
|
CVE-2025-0105
|
Palo Alto Networks Expedition Arbitrary File Deletion (CVE-2025-0105)
|
High
|
30 Jan 2025 |
30 Jan 2025 |
CPAI-2024-1345
|
|
CVE-2024-41710
|
Mitel Multiple Products Command Injection (CVE-2024-41710)
|
Medium
|
29 Jan 2025 |
29 Jan 2025 |
CPAI-2024-1324
|
|
CVE-2024-45826
|
Rockwell Automation ThinManager Directory Traversal (CVE-2024-45826)
|
Medium
|
29 Jan 2025 |
29 Jan 2025 |
CPAI-2024-1322
|
|
CVE-2024-9234
|
WordPress Popularis Extra Plugin Arbitrary File Upload (CVE-2024-9932; CVE-2024-9234)
|
Critical
|
29 Jan 2025 |
29 Jan 2025 |
CPAI-2024-1317
|
|
CVE-2024-4320
|
LoLLMs WebUI Path Traversal (CVE-2024-4320)
|
Critical
|
29 Jan 2025 |
29 Jan 2025 |
CPAI-2024-1312
|
|
CVE-2024-57684
|
D-Link DIR-816 Authentication Bypass (CVE-2024-57684)
|
Critical
|
29 Jan 2025 |
29 Jan 2025 |
CPAI-2024-1291
|
|
CVE-2024-11773
|
Ivanti Cloud Services Appliance SQL Injection (CVE-2024-11773)
|
High
|
20 Jan 2025 |
28 Jan 2025 |
CPAI-2024-1230
|
|
CVE-2024-47007 CVE-2024-50317 CVE-2024-50318 CVE-2024-50319 CVE-2024-50321
|
Ivanti Avalanche Denial of Service (CVE-2024-47007; CVE-2024-50317; CVE-2024-50318; CVE-2024-50319; CVE-2024-50321)
|
High
|
27 Jan 2025 |
27 Jan 2025 |
CPAI-2024-1316
|
|
CVE-2024-50326
|
Ivanti Endpoint Manager SQL Injection (CVE-2024-50326)
|
Critical
|
27 Jan 2025 |
27 Jan 2025 |
CPAI-2024-1292
|
|
CVE-2024-46909
|
Progress WhatsUp Gold Remote Code Execution (CVE-2024-46909)
|
High
|
26 Jan 2025 |
26 Jan 2025 |
CPAI-2024-1313
|
|
CVE-2024-53457
|
LibreNMS Stored Cross-Site Scripting (CVE-2024-53457)
|
High
|
26 Jan 2025 |
26 Jan 2025 |
CPAI-2024-1311
|
|
CVE-2024-31817
|
TOTOLINK EX200 Information Disclosure (CVE-2024-31817)
|
Medium
|
26 Jan 2025 |
26 Jan 2025 |
CPAI-2020-4275
|
|
CVE-2020-13563
|
PhpGACL Project PhpGACL Cross-Site Scripting (CVE-2020-13563)
|
Medium
|
26 Jan 2025 |
26 Jan 2025 |
CPAI-2020-4274
|
|
CVE-2020-13564
|
PhpGACL Project PhpGACL Cross-Site Scripting (CVE-2020-13564)
|
High
|
23 Jan 2025 |
23 Jan 2025 |
CPAI-2024-1319
|
|
CVE-2024-49112
|
Microsoft Windows LDAP Remote Code Execution (CVE-2024-49112)
|
High
|
23 Jan 2025 |
23 Jan 2025 |
CPAI-2024-1310
|
|
CVE-2024-52875
|
GFI Kerio Control CRLF Injection (CVE-2024-52875)
|
High
|
23 Jan 2025 |
23 Jan 2025 |
CPAI-2024-1305
|
|
CVE-2024-53691
|
QNAP QTS Remote Code Execution (CVE-2024-53691)
|
High
|
23 Jan 2025 |
23 Jan 2025 |
CPAI-2024-1304
|
|
CVE-2024-51818
|
WordPress Fancy Product Designer Plugin SQL Injection (CVE-2024-51818)
|
High
|
17 Jan 2025 |
23 Jan 2025 |
CPAI-2024-1224
|
|
CVE-2024-49113
|
Microsoft Windows LDAP Denial of Service (CVE-2024-49113)
|
Critical
|
23 Jan 2025 |
23 Jan 2025 |
CPAI-2024-1146
|
|
CVE-2024-8877
|
Riello NetMan 204 Firmware SQL Injection (CVE-2024-8877)
|
High
|
23 Jan 2025 |
23 Jan 2025 |
CPAI-2024-1307
|
|
CVE-2024-27292
|
Docassemble Information Disclosure (CVE-2024-27292)
|
High
|
23 Jan 2025 |
23 Jan 2025 |
CPAI-2025-0009
|
|
CVE-2025-0107
|
Palo Alto Networks Expedition Command Injection (CVE-2025-0107)
|
High
|
23 Jan 2025 |
23 Jan 2025 |
CPAI-2024-1295
|
|
CVE-2024-43452
|
Microsoft Windows Privilege Escalation (CVE-2024-43452)
|
Medium
|
23 Jan 2025 |
23 Jan 2025 |
CPAI-2024-1290
|
|
CVE-2024-34787
|
Ivanti Endpoint Manager Directory Traversal (CVE-2024-34787)
|
High
|
23 Jan 2025 |
23 Jan 2025 |
CPAI-2024-1253
|
|
CVE-2024-11651 CVE-2024-11652 CVE-2024-11653 CVE-2024-11654 CVE-2024-11655 CVE-2024-11656 CVE-2024-11657 CVE-2024-11658 CVE-2024-11659
|
EnGenius Multiple Products Command Injection (CVE-2024-11651; CVE-2024-11652; CVE-2024-11653; CVE-2024-11654; CVE-2024-11655; CVE-2024-11656; CVE-2024-11657; CVE-2024-11658; CVE-2024-11659)
|
Critical
|
22 Jan 2025 |
22 Jan 2025 |
CPAI-2024-1294
|
|
CVE-2024-11320
|
Pandora FMS Command Injection (CVE-2024-11320)
|
Critical
|
21 Jan 2025 |
21 Jan 2025 |
CPAI-2023-1996
|
|
CVE-2023-37754
|
PowerJob Command Injection (CVE-2023-37754)
|
Critical
|
21 Jan 2025 |
21 Jan 2025 |
CPAI-2023-1994
|
|
CVE-2023-46347
|
Ndk Design SQL Injection (CVE-2023-46347)
|
Critical
|
21 Jan 2025 |
21 Jan 2025 |
CPAI-2023-1993
|
|
CVE-2023-3224
|
Nuxt Code Injection (CVE-2023-3224)
|
Critical
|
20 Jan 2025 |
20 Jan 2025 |
CPAI-2024-1246
|
|
CVE-2024-9932
|
WordPress Wux Blog Editor Plugin Arbitrary File Upload (CVE-2024-9932)
|
Critical
|
20 Jan 2025 |
20 Jan 2025 |
CPAI-2023-1985
|
|
CVE-2023-31446
|
Cassia Network Gateway Command Injection (CVE-2023-31446)
|
Critical
|
20 Jan 2025 |
20 Jan 2025 |
CPAI-2024-1239
|
|
CVE-2024-3552
|
WordPress SalePHPscripts Web Directory Free Plugin SQL Injection (CVE-2024-3552)
|
High
|
20 Jan 2025 |
20 Jan 2025 |
CPAI-2024-1238
|
|
CVE-2024-31621
|
Flowise Authentication Bypass (CVE-2024-31621)
|
Medium
|
20 Jan 2025 |
20 Jan 2025 |
CPAI-2024-1121
|
|
CVE-2024-24942
|
JetBrains TeamCity Directory Traversal (CVE-2024-24942)
|
High
|
20 Jan 2025 |
20 Jan 2025 |
CPAI-2007-0499
|
|
CVE-2007-3175
|
W2B Online Banking SQL Injection (CVE-2007-3175)
|