Home / 2022 Advisories Archive

2022 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
High	27 Jun 2022	27 Jun 2022	CPAI-2022-0257		CVE-2022-20759	Cisco Adaptive Security Appliance Privilege Escalation (CVE-2022-20759)
High	26 Jun 2022	26 Jun 2022	CPAI-2019-2544		CVE-2019-7484 CVE-2019-7485	SonicWall SMA100 Multiple Vulnerabilities (CVE-2019-7484; CVE-2019-7485)
Critical	23 Jun 2022	23 Jun 2022	CPAI-2022-0329			TVT CCTV Hardcoded Credentials
Critical	23 Jun 2022	23 Jun 2022	CPAI-2022-0328			TVT CCTV Authentication Bypass
Critical	23 Jun 2022	23 Jun 2022	CPAI-2022-0327			TVT CCTV Stack Overflow
Critical	7 Jun 2022	23 Jun 2022	CPAI-2018-1805		CVE-2018-19949	QNAP QTS Command Injection (CVE-2018-19949)
Critical	21 Jun 2022	21 Jun 2022	CPAI-2022-0305		CVE-2022-26133	Atlassian Bitbucket Data Center Insecure Deserialization (CVE-2022-26133)
Medium	20 Jun 2022	20 Jun 2022	CPAI-2019-2546		CVE-2019-5825	Google Chrome Out-of-Bounds Write (CVE-2019-5825)
High	20 Jun 2022	20 Jun 2022	CPAI-2021-1197		CVE-2021-38163	SAP NetWeaver Unrestricted File Upload (CVE-2021-38163)
Critical	20 Jun 2022	20 Jun 2022	CPAI-2016-1184		CVE-2016-2386	SAP NetWeaver J2EE Engine SQL Injection (CVE-2016-2386)
Critical	20 Jun 2022	20 Jun 2022	CPAI-2017-1279		CVE-2017-6862	Netgear Routers Buffer Overflow (CVE-2017-6862)
Critical	19 Jun 2022	19 Jun 2022	CPAI-2019-2545		CVE-2019-11708	Mozilla Thunderbird Remote Code Execution (CVE-2019-11708)
High	16 Jun 2022	16 Jun 2022	CPAI-2018-1830		CVE-2018-17480	Google Chrome Out-of-Bounds Write (CVE-2018-17480)
Critical	16 Jun 2022	16 Jun 2022	CPAI-2022-0284			Cisco HyperFlex HX Command Injection (CVE-2021-1497)
High	15 Jun 2022	15 Jun 2022	CPAI-2022-0259		CVE-2022-23676	Aruba ArubaOS Memory Corruption (CVE-2022-23676)
High	15 Jun 2022	15 Jun 2022	CPAI-2022-0252		CVE-2022-23677	Aruba ArubaOS Heap Overflow (CVE-2022-23677)
High	14 Jun 2022	14 Jun 2022	CPAI-2022-0291	Microsoft CVE-2022-30147	CVE-2022-30147	Microsoft Windows Installer Elevation of Privilege (CVE-2022-30147)
High	14 Jun 2022	14 Jun 2022	CPAI-2022-0293	Microsoft CVE-2022-30160	CVE-2022-30160	Microsoft Advanced Local Procedure Call Elevation of Privilege (CVE-2022-30160)
High	13 Jun 2022	13 Jun 2022	CPAI-2022-0315			Null Byte HTTP Encodings
Medium	13 Jun 2022	13 Jun 2022	CPAI-2021-1196		CVE-2021-28113	Okta Access Gateway Command Injection (CVE-2021-28113)
Critical	13 Jun 2022	13 Jun 2022	CPAI-2022-0295		CVE-2022-29303	SolarView Compact Command Injection (CVE-2022-29303)
High	13 Jun 2022	13 Jun 2022	CPAI-2019-2541		CVE-2019-18426	WhatsApp Desktop Cross Site Scripting (CVE-2019-18426)
Critical	13 Jun 2022	13 Jun 2022	CPAI-2022-0279		CVE-2022-24706	Apache CouchDB Remote Code Execution (CVE-2022-24706)
Critical	13 Jun 2022	13 Jun 2022	CPAI-2021-1117		CVE-2021-45420	Emerson Dixell Arbitrary File Write (CVE-2021-45420)
Medium	10 Apr 2022	9 Jun 2022	CPAI-2022-0063		CVE-2022-24682	Zimbra Webmail Cross Site Scripting (CVE-2022-24682)
Medium	9 Jun 2022	9 Jun 2022	CPAI-2022-0276		CVE-2022-25106	D-Link DIR-859 Buffer Overflow (CVE-2022-25106)
Medium	9 Jun 2022	9 Jun 2022	CPAI-2022-0275		CVE-2022-28810	Zoho ManageEngine ADSelfService Plus Command Injection (CVE-2022-28810)
High	9 Jun 2022	9 Jun 2022	CPAI-2021-1187		CVE-2021-20039	SonicWall SMA 100 Command Injection (CVE-2021-20039)
Critical	5 Apr 2022	9 Jun 2022	CPAI-2022-0067		CVE-2022-24112	Apache APISIX Remote Code Execution (CVE-2022-24112)
Medium	7 Jun 2022	7 Jun 2022	CPAI-2018-1819		CVE-2018-19953	QNAP FileStation Cross Site Scripting (CVE-2018-19953)
Critical	7 Jun 2022	7 Jun 2022	CPAI-2017-1239		CVE-2017-18362	ConnectWise ManagedITSync SQL Injection (CVE-2017-18362)
Critical	7 Jun 2022	7 Jun 2022	CPAI-2021-1188		CVE-2021-43503	Laravel Remote Code Execution (CVE-2021-43503)
High	7 Jun 2022	7 Jun 2022	CPAI-2022-0258		CVE-2022-28108	Selenium Grid Cross-Site Request Forgery (CVE-2022-28108)
Medium	7 Jun 2022	7 Jun 2022	CPAI-2022-0230		CVE-2021-21983	VMware vRealize Operations Manager API Arbitrary File Write (CVE-2021-21983)
Critical	1 Jun 2022	1 Jun 2022	CPAI-2022-0283		CVE-2022-30190	Microsoft Support Diagnostic Tool Remote Code Execution (CVE-2022-30190)
High	31 May 2022	31 May 2022	CPAI-2022-0260			Oracle E-Business Information Disclosure
Critical	30 May 2022	30 May 2022	CPAI-2022-0256		CVE-2022-30453	ShopWind Remote Code Execution (CVE-2022-30453)
Critical	30 May 2022	30 May 2022	CPAI-2020-3467		CVE-2020-19213	Piwigo SQL Injection (CVE-2020-19213)
Critical	30 May 2022	30 May 2022	CPAI-2022-0248		CVE-2022-0773	WordPress Documentor Plugin SQL Injection (CVE-2022-0773)
High	30 May 2022	30 May 2022	CPAI-2022-0232			Multiple Websites Distributed Denial of Service
Medium	30 May 2022	30 May 2022	CPAI-2019-2530		CVE-2019-8451	Jira Server-Side Request Forgery (CVE-2019-8451)
High	30 May 2022	30 May 2022	CPAI-2021-1186		CVE-2021-25094	WordPress Tatsu Plugin Remote Code Execution (CVE-2021-25094)
High	30 May 2022	30 May 2022	CPAI-2013-3793		CVE-2013-4710	Google Android Denial Of Service (CVE-2013-4710)
Critical	29 May 2022	29 May 2022	CPAI-2022-0278		CVE-2022-22972	VMware Authentication Bypass (CVE-2022-22972)
Critical	29 May 2022	29 May 2022	CPAI-2022-0247		CVE-2022-20777	Cisco NFVIS Improper Access Control (CVE-2022-20777)
High	26 May 2022	26 May 2022	CPAI-2018-1803		CVE-2018-17553	Naviwebs Navigate CMS Directory Traversal (CVE-2018-17553)
High	24 May 2022	24 May 2022	CPAI-2022-0211		CVE-2022-27226	IRZ Mobile Router Remote Code Execution (CVE-2022-27226)
Critical	24 May 2022	24 May 2022	CPAI-2021-1183		CVE-2021-46441 CVE-2021-46442	D-Link DIR-825 OS Command Injection (CVE-2021-46441; CVE-2021-46442)
High	24 May 2022	24 May 2022	CPAI-2021-1175		CVE-2021-1789	Apple Multiple Products Type Confusion (CVE-2021-1789)
Critical	24 May 2022	24 May 2022	CPAI-2021-1174		CVE-2021-27852	Checkbox Survey Remote Code Execution (CVE-2021-27852)