Medium
|
14 Apr 2025 |
14 Apr 2025 |
CPAI-2019-3270
|
|
CVE-2019-6841
|
Schneider Electric Modicon Denial of Service (CVE-2019-6841)
|
High
|
14 Apr 2025 |
14 Apr 2025 |
CPAI-2023-2023
|
|
CVE-2023-27159
|
Appwrite Server-Side Request Forgery (CVE-2023-27159)
|
High
|
20 Mar 2025 |
14 Apr 2025 |
CPAI-2025-0098
|
|
CVE-2025-0411
|
7-Zip Remote Code Execution (CVE-2025-0411)
|
High
|
10 Apr 2025 |
10 Apr 2025 |
CPAI-2019-3269
|
|
CVE-2019-6851
|
Schneider-Electric Modicon Information Disclosure (CVE-2019-6851)
|
Critical
|
10 Apr 2025 |
10 Apr 2025 |
CPAI-2018-2910
|
|
CVE-2018-7842
|
Schneider-Electric Modicon Privilege Escalation (CVE-2018-7842)
|
Medium
|
10 Apr 2025 |
10 Apr 2025 |
CPAI-2020-4289
|
|
CVE-2020-2230
|
Jenkins Cross-Site Scripting (CVE-2020-2230)
|
Medium
|
9 Apr 2025 |
9 Apr 2025 |
CPAI-2025-0188
|
Adobe APSB25-15
|
CVE-2025-30294
|
Adobe ColdFusion Improper Input Validation (APSB25-15: CVE-2025-30294)
|
High
|
9 Apr 2025 |
9 Apr 2025 |
CPAI-2025-0187
|
Adobe APSB25-15
|
CVE-2025-30285
|
Adobe ColdFusion Deserialization of Untrusted Data (APSB25-15: CVE-2025-30285)
|
Medium
|
9 Apr 2025 |
9 Apr 2025 |
CPAI-2025-0186
|
Adobe APSB25-15
|
CVE-2025-30292
|
Adobe ColdFusion Cross-Site Scripting (APSB25-15: CVE-2025-30292)
|
High
|
9 Apr 2025 |
9 Apr 2025 |
CPAI-2025-0185
|
Adobe APSB25-15
|
CVE-2025-30290
|
Adobe ColdFusion Directory Traversal (APSB25-15: CVE-2025-30290)
|
High
|
9 Apr 2025 |
9 Apr 2025 |
CPAI-2025-0183
|
Adobe APSB25-15
|
CVE-2025-30289
|
Adobe ColdFusion Command Injection (APSB25-15: CVE-2025-30289)
|
High
|
9 Apr 2025 |
9 Apr 2025 |
CPAI-2025-0182
|
Adobe APSB25-15
|
CVE-2025-30287
|
Adobe ColdFusion Improper Authentication (APSB25-15: CVE-2025-30287)
|
Critical
|
9 Apr 2025 |
9 Apr 2025 |
CPAI-2025-0181
|
Adobe APSB25-15
|
CVE-2025-30281
|
Adobe ColdFusion Improper Access Control (APSB25-15: CVE-2025-30281)
|
Critical
|
9 Apr 2025 |
9 Apr 2025 |
CPAI-2024-1545
|
|
CVE-2024-5753 CVE-2024-5827
|
Vanna.AI SQL Injection (CVE-2024-5753; CVE-2024-5827)
|
Critical
|
8 Apr 2025 |
8 Apr 2025 |
CPAI-2025-0179
|
Microsoft CVE-2025-26670
|
CVE-2025-26670
|
Microsoft Lightweight Directory Access Protocol Client Remote Code Execution (CVE-2025-26670)
|
High
|
8 Apr 2025 |
8 Apr 2025 |
CPAI-2025-0178
|
Microsoft CVE-2025-27480
|
CVE-2025-27480
|
Windows Remote Desktop Services Remote Code Execution Vulnerability (CVE-2025-27480)
|
Critical
|
8 Apr 2025 |
8 Apr 2025 |
CPAI-2025-0173
|
Microsoft CVE-2025-29793
|
CVE-2025-29793
|
Microsoft SharePoint Remote Code Execution (CVE-2025-29793)
|
Critical
|
11 Feb 2025 |
8 Apr 2025 |
CPAI-2025-0030
|
Microsoft CVE-2025-21400
|
CVE-2025-21400 CVE-2025-29794
|
Microsoft SharePoint Remote Code Execution (CVE-2025-21400; CVE-2025-29794)
|
High
|
14 Jan 2025 |
8 Apr 2025 |
CPAI-2025-0003
|
Microsoft CVE-2025-21309
|
CVE-2025-21309 CVE-2025-24035 CVE-2025-24045 CVE-2025-27482
|
Microsoft Windows Remote Desktop Services Remote Code Execution (CVE-2025-21309; CVE-2025-24035; CVE-2025-24045; CVE-2025-27482)
|
Critical
|
8 Apr 2025 |
8 Apr 2025 |
CPAI-2024-1515
|
|
CVE-2024-43919
|
WordPress YARPP Plugin Authentication Bypass (CVE-2024-43919)
|
High
|
8 Apr 2025 |
8 Apr 2025 |
CPAI-2024-1457
|
|
CVE-2024-43461
|
Microsoft Windows Spoofing (CVE-2024-43461)
|
Critical
|
7 Apr 2025 |
7 Apr 2025 |
CPAI-2025-0169
|
|
CVE-2025-0851
|
Deep Java Library Path Traversal (CVE-2025-0851)
|
High
|
7 Apr 2025 |
7 Apr 2025 |
CPAI-2022-2202
|
|
CVE-2022-24314
|
Schneider-Electric Interactive Graphical SCADA System Memory Corruption (CVE-2022-24314)
|
Medium
|
7 Apr 2025 |
7 Apr 2025 |
CPAI-2020-4299
|
|
CVE-2020-12027
|
Rockwell Automation FactoryTalk View SE Information Disclosure (CVE-2020-12027)
|
High
|
7 Apr 2025 |
7 Apr 2025 |
CPAI-2020-4296
|
|
CVE-2020-5807
|
Rockwell Automation FactoryTalk Diagnostics Denial of Service (CVE-2020-5807)
|
Critical
|
7 Apr 2025 |
7 Apr 2025 |
CPAI-2024-1516
|
|
CVE-2024-48884
|
Fortinet Multiple Products Directory Traversal (CVE-2024-48884)
|
High
|
6 Apr 2025 |
6 Apr 2025 |
CPAI-2017-1954
|
|
CVE-2017-12637
|
SAP NetWeaver Application Server Java Directory Traversal (CVE-2017-12637)
|
Critical
|
26 Mar 2025 |
6 Apr 2025 |
CPAI-2025-0121
|
|
CVE-2025-1097 CVE-2025-1098 CVE-2025-1974 CVE-2025-24513 CVE-2025-24514
|
NGINX Ingress Controller Remote Code Execution (CVE-2025-1097; CVE-2025-1098; CVE-2025-1974; CVE-2025-24513; CVE-2025-24514)
|
Critical
|
6 Apr 2025 |
6 Apr 2025 |
CPAI-2024-1511
|
|
CVE-2024-4295
|
WordPress Icegram Email Subscribers and Newsletters Plugin SQL Injection (CVE-2024-4295)
|
Critical
|
6 Apr 2025 |
6 Apr 2025 |
CPAI-2025-0097
|
|
|
HTTP Webshells Activity
|
Critical
|
13 Mar 2025 |
6 Apr 2025 |
CPAI-2025-0084
|
|
CVE-2025-24813
|
Apache Tomcat Remote Code Execution (CVE-2025-24813)
|
Critical
|
6 Apr 2025 |
6 Apr 2025 |
CPAI-2024-1066
|
|
CVE-2024-49368
|
Nginx UI Command Injection (CVE-2024-49368)
|
Medium
|
3 Apr 2025 |
3 Apr 2025 |
CPAI-2020-4295
|
|
CVE-2020-5806
|
Rockwell Automation FactoryTalk Linx Denial of Service (CVE-2020-5806)
|
High
|
3 Apr 2025 |
3 Apr 2025 |
CPAI-2020-4294
|
|
CVE-2020-5802
|
Rockwell Automation FactoryTalk Linx Denial of Service (CVE-2020-5802)
|
High
|
3 Apr 2025 |
3 Apr 2025 |
CPAI-2020-4293
|
|
CVE-2020-5801
|
Rockwell Automation FactoryTalk Linx Denial of Service (CVE-2020-5801)
|
Medium
|
3 Apr 2025 |
3 Apr 2025 |
CPAI-2022-2198
|
|
CVE-2022-32215
|
Llhttp HTTP Request Smuggling (CVE-2022-32215)
|
Critical
|
3 Apr 2025 |
3 Apr 2025 |
CPAI-2024-1542
|
|
CVE-2024-36435
|
Supermicro BMC Stack-Based Buffer Overflow (CVE-2024-36435)
|
High
|
3 Apr 2025 |
3 Apr 2025 |
CPAI-2020-3850
|
|
CVE-2020-13935
|
Apache Tomcat Denial of Service (CVE-2020-13935)
|
Critical
|
2 Apr 2025 |
2 Apr 2025 |
CPAI-2023-2019
|
|
CVE-2023-25610
|
Fortinet Multiple Products Remote Code Execution (CVE-2023-25610)
|
Critical
|
27 Mar 2025 |
2 Apr 2025 |
CPAI-2025-0107
|
|
CVE-2025-21298
|
Microsoft Windows Remote Code Execution (CVE-2025-21298)
|
Medium
|
31 Mar 2025 |
31 Mar 2025 |
CPAI-2024-1544
|
|
CVE-2024-28156
|
Jenkins Build Monitor View Plugin Cross-Site Scripting (CVE-2024-28156)
|
High
|
31 Mar 2025 |
31 Mar 2025 |
CPAI-2025-0131
|
|
CVE-2025-29635
|
D-Link DIR-823X Command Injection (CVE-2025-29635)
|
High
|
31 Mar 2025 |
31 Mar 2025 |
CPAI-2024-1517
|
|
CVE-2024-50322
|
Ivanti Endpoint Manager Directory Traversal (CVE-2024-50322)
|
High
|
31 Mar 2025 |
31 Mar 2025 |
CPAI-2024-1466
|
|
CVE-2024-50567
|
Fortinet FortiWeb Command Injection (CVE-2024-50567)
|
Medium
|
31 Mar 2025 |
31 Mar 2025 |
CPAI-2025-0060
|
|
|
Nagios Enterprises Nagios XI SQL Injection
|
Medium
|
31 Mar 2025 |
31 Mar 2025 |
CPAI-2025-0026
|
|
CVE-2025-21308
|
Microsoft Windows Spoofing (CVE-2025-21308)
|
High
|
30 Mar 2025 |
30 Mar 2025 |
CPAI-2024-1536
|
|
CVE-2024-7646
|
NGINX Ingress Controller Code Injection (CVE-2024-7646)
|
Critical
|
30 Mar 2025 |
30 Mar 2025 |
CPAI-2024-1526
|
|
CVE-2024-50379
|
Apache Tomcat Information Disclosure (CVE-2024-50379)
|
Critical
|
30 Mar 2025 |
30 Mar 2025 |
CPAI-2025-0114
|
|
CVE-2025-0655
|
Man Group D-Tale Command Injection (CVE-2025-0655)
|
High
|
30 Mar 2025 |
30 Mar 2025 |
CPAI-2024-1520
|
|
CVE-2024-54887
|
TP-Link TL-WR940N Buffer Overflow (CVE-2024-54887)
|