Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
Critical	8 Jul 2024	8 Jul 2024	CPAI-2024-0549	CVE-2024-32002	Git Remote Code Execution (CVE-2024-32002)
Critical	8 Jul 2024	8 Jul 2024	CPAI-2024-0546	CVE-2024-38366	Trunk Cocoapods Command Injection (CVE-2024-38366)
Critical	8 Jul 2024	8 Jul 2024	CPAI-2021-2182	CVE-2021-30633	Google Chrome Use After Free (CVE-2021-30633)
High	2 Jun 2024	8 Jul 2024	CPAI-2024-0294	CVE-2023-45288 CVE-2024-27316 CVE-2024-28182 CVE-2024-30255	HTTP/2 CONTINUATION Flood Denial of Service (CVE-2023-45288; CVE-2024-27316; CVE-2024-28182; CVE-2024-30255)
High	7 Jul 2024	7 Jul 2024	CPAI-2024-0547	CVE-2024-32461	LibreNMS SQL Injection (CVE-2024-32461)
High	7 Jul 2024	7 Jul 2024	CPAI-2024-0545	CVE-2024-2961	GNU glibc Buffer Overflow (CVE-2024-2961)
Critical	7 Jul 2024	7 Jul 2024	CPAI-2023-1819	CVE-2023-47207	Delta InfraSuite Device Master Insecure Deserialization (CVE-2023-47207)
High	31 Mar 2024	7 Jul 2024	CPAI-2023-1606	CVE-2023-6114	WordPress Duplicator Plugin Information Disclosure (CVE-2023-6114)
High	4 Jul 2024	4 Jul 2024	CPAI-2024-0544		Weaver E-cology OA System Remote Code Execution
High	4 Jul 2024	4 Jul 2024	CPAI-2022-2102	CVE-2022-45504	Tenda W6-S Denial Of Service (CVE-2022-45504)
Critical	24 Jun 2024	3 Jul 2024	CPAI-2024-0409	CVE-2024-29973	Zyxel NAS Command Injection (CVE-2024-29973)
Medium	2 Jul 2024	2 Jul 2024	CPAI-2017-1868	CVE-2017-5754	Intel Multiple Products Information Disclosure (CVE-2017-5754)
Medium	1 Jul 2024	1 Jul 2024	CPAI-2020-4187	CVE-2020-13965	Roundcube Webmail Cross-Site Scripting (CVE-2020-13965)
Critical	1 Jul 2024	1 Jul 2024	CPAI-2024-0531	CVE-2024-0769	D-Link DIR-859 Directory Traversal (CVE-2024-0769)
High	1 Jul 2024	1 Jul 2024	CPAI-2024-0530	CVE-2024-28999	SolarWinds Platform Authentication Bypass (CVE-2024-28999)
High	1 Jul 2024	1 Jul 2024	CPAI-2024-0509	CVE-2024-29848	Ivanti Avalanche Arbitrary File Upload (CVE-2024-29848)
High	1 Jul 2024	1 Jul 2024	CPAI-2022-2098	CVE-2022-2419	Eveo URVE Web Manager Unrestricted File Upload (CVE-2022-2419)
Medium	1 Jul 2024	1 Jul 2024	CPAI-2024-0355	CVE-2024-31077	WordPress Project Forminator Plugin SQL Injection (CVE-2024-31077)
Medium	31 May 2024	1 Jul 2024	CPAI-2024-0311	CVE-2024-31997	XWiki.org XWiki Code Injection (CVE-2024-31997)
Medium	9 May 2024	1 Jul 2024	CPAI-2024-0218	CVE-2024-31465	XWiki Remote Code Execution (CVE-2024-31465)
Critical	21 Feb 2024	1 Jul 2024	CPAI-2023-1538	CVE-2023-4473	Zyxel NAS Authentication Bypass (CVE-2023-4473)
High	30 Jun 2024	30 Jun 2024	CPAI-2023-1821	CVE-2023-38874	Economizzer Remote Code Execution (CVE-2023-38874)
Critical	30 Jun 2024	30 Jun 2024	CPAI-2023-1818	CVE-2023-44974	Emlog Remote Code Execution (CVE-2023-44974)
Critical	30 Jun 2024	30 Jun 2024	CPAI-2023-1817	CVE-2023-6018	LF Projects MLflow Authentication Bypass (CVE-2023-6018)
High	30 Jun 2024	30 Jun 2024	CPAI-2024-0502	CVE-2024-2829	GitLab Community and Enterprise Edition Denial of Service (CVE-2024-2829)
Critical	30 Jun 2024	30 Jun 2024	CPAI-2023-1810	CVE-2023-46042	GetSimple CMS Remote Code Execution (CVE-2023-46042)
High	30 Jun 2024	30 Jun 2024	CPAI-2023-1808	CVE-2023-46865	Crater App Arbitrary File Upload (CVE-2023-46865)
High	30 Jun 2024	30 Jun 2024	CPAI-2022-2087	CVE-2022-45672	Tenda I22 Buffer Overflow (CVE-2022-45672)
High	30 Jun 2024	30 Jun 2024	CPAI-2023-1768	CVE-2023-35628	Microsoft Windows Remote Code Execution (CVE-2023-35628)
Medium	30 Jun 2024	30 Jun 2024	CPAI-2023-1763	CVE-2023-1183	LibreOffice Arbitrary File Write (CVE-2023-1183)
Critical	19 May 2024	30 Jun 2024	CPAI-2024-0289	CVE-2024-25641	Cacti Arbitrary File Upload (CVE-2024-25641)
High	27 Jun 2024	27 Jun 2024	CPAI-2024-0525	CVE-2024-5274	Google Chrome Type Confusion (CVE-2024-5274)
Critical	27 Jun 2024	27 Jun 2024	CPAI-2023-1815	CVE-2023-49442	JEECG Remote Code Execution (CVE-2023-49442)
Critical	27 Jun 2024	27 Jun 2024	CPAI-2024-0448	CVE-2024-29849	Veeam Backup and Replication Authentication Bypass (CVE-2024-29849)
High	27 Jun 2024	27 Jun 2024	CPAI-2023-1791	CVE-2023-47415	Cypress Solutions CTM-200 Command Injection (CVE-2023-47415)
High	27 Jun 2024	27 Jun 2024	CPAI-2022-2093	CVE-2022-28917	Tenda AX12 Buffer Overflow (CVE-2022-28917)
High	27 Jun 2024	27 Jun 2024	CPAI-2023-1786	CVE-2023-50968	Apache OFBiz Server-Side Request Forgery (CVE-2023-50968)
High	27 Jun 2024	27 Jun 2024	CPAI-2024-0421	CVE-2024-33343	D-Link DIR-822 Command Injection (CVE-2024-33343)
High	28 May 2024	27 Jun 2024	CPAI-2024-0335	CVE-2024-4439	WordPress Core Cross-Site Scripting (CVE-2024-4439)
Critical	27 Jun 2024	27 Jun 2024	CPAI-2024-0508	CVE-2024-34359	Python Package llama-cpp-python Remote Code Execution (CVE-2024-34359)
Critical	27 Jun 2024	27 Jun 2024	CPAI-2024-0503	CVE-2024-22729	Netis Systems MW5360 Command Injection (CVE-2024-22729)
High	27 Jun 2024	27 Jun 2024	CPAI-2024-0447	CVE-2024-24399	Lepton CMS Arbitrary File Upload (CVE-2024-24399)
High	27 Jun 2024	27 Jun 2024	CPAI-2020-4183	CVE-2020-16243	WECON LeviStudioU Buffer Overflow (CVE-2020-16243)
Critical	27 Jun 2024	27 Jun 2024	CPAI-2021-1950	CVE-2021-38390	Delta DIAEnergie SQL Injection (CVE-2021-38390)
High	27 Jun 2024	27 Jun 2024	CPAI-2022-1693	CVE-2022-41133	Delta DIAEnergie SQL Injection (CVE-2022-41133)
High	26 Jun 2024	26 Jun 2024	CPAI-2023-1807	CVE-2023-6893	Hikvision Intercom Broadcasting System Arbitrary File Read (CVE-2023-6893)
High	26 Jun 2024	26 Jun 2024	CPAI-2024-0410	CVE-2024-25850	Netis Systems WF2780 Command Injection (CVE-2024-25850)
Critical	26 Jun 2024	26 Jun 2024	CPAI-2019-3193	CVE-2019-18937 CVE-2019-18939	eQ-3 HomeMatic Remote Code Execution (CVE-2019-18937; CVE-2019-18939)
Critical	25 Jun 2024	25 Jun 2024	CPAI-2024-0457	CVE-2024-36680	PrestaShop Promokit Facebook Module SQL Injection (CVE-2024-36680)
High	25 Jun 2024	25 Jun 2024	CPAI-2023-1784	CVE-2023-45463 CVE-2023-45464 CVE-2023-45468	Netis Systems N3M Buffer Overflow (CVE-2023-45463; CVE-2023-45464; CVE-2023-45468)