Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	5 Nov 2024	5 Nov 2024	CPAI-2024-1036		CVE-2024-51567 CVE-2024-51568	CyberPanel Command Injection (CVE-2024-51567; CVE-2024-51568)
High	5 Nov 2024	5 Nov 2024	CPAI-2024-1010		CVE-2024-7591	Kemp Multiple Products Command Injection (CVE-2024-7591)
Critical	5 Nov 2024	5 Nov 2024	CPAI-2020-4207		CVE-2020-36708	WordPress Multiple Plugins Authentication Bypass (CVE-2020-36708)
Medium	5 Nov 2024	5 Nov 2024	CPAI-2022-2138		CVE-2022-4971	WordPress Sassy Social Share Plugin Cross-Site Scripting (CVE-2022-4971)
High	5 Nov 2024	5 Nov 2024	CPAI-2024-0929			Rapid7 AppSpider Security Scanner
High	5 Nov 2024	5 Nov 2024	CPAI-2024-0925			Fortinet Security Scanner
Critical	9 May 2024	5 Nov 2024	CPAI-2023-1693		CVE-2023-49606	Tinyproxy Use After Free (CVE-2023-49606)
Critical	24 Jun 2024	5 Nov 2024	CPAI-2022-1599		CVE-2022-40871	Dolibarr ERP CRM Remote Code Execution (CVE-2022-40871)
High	4 Nov 2024	4 Nov 2024	CPAI-2024-1030		CVE-2024-5010	Progress WhatsUp Gold Information Disclosure (CVE-2024-5010)
Critical	4 Nov 2024	4 Nov 2024	CPAI-2022-2139		CVE-2022-0342	Zyxel Usg40 Firmware Authentication Bypass (CVE-2022-0342)
High	4 Nov 2024	4 Nov 2024	CPAI-2024-0974		CVE-2024-42010	RoundCube Webmail Information Disclosure (CVE-2024-42010)
High	31 Oct 2024	4 Nov 2024	CPAI-2024-0967		CVE-2024-43363	Cacti Remote Code Execution (CVE-2024-43363)
High	3 Nov 2024	3 Nov 2024	CPAI-2024-1020			Greenbone Security Scanner
High	3 Nov 2024	3 Nov 2024	CPAI-2024-1003		CVE-2024-47949	JetBrains TeamCity Directory Traversal (CVE-2024-47949)
High	31 Oct 2024	31 Oct 2024	CPAI-2024-1026			ABB ASPECT Authentication Bypass
High	29 Oct 2024	31 Oct 2024	CPAI-2024-0997			ABB ASPECT Information Disclosure
High	29 Oct 2024	29 Oct 2024	CPAI-2024-0999		CVE-2024-9379	Ivanti Cloud Services Appliance SQL Injection (CVE-2024-9379)
Critical	29 Oct 2024	29 Oct 2024	CPAI-2024-0991		CVE-2024-8573 CVE-2024-8575 CVE-2024-8576 CVE-2024-8577 CVE-2024-8578 CVE-2024-8579	TOTOLINK Multiple Products Buffer Overflow (CVE-2024-8573; CVE-2024-8575; CVE-2024-8576; CVE-2024-8577; CVE-2024-8578; CVE-2024-8579)
High	10 Oct 2024	29 Oct 2024	CPAI-2024-0924		CVE-2024-6209	ABB ASPECT Directory Traversal (CVE-2024-6209)
Critical	10 Oct 2024	29 Oct 2024	CPAI-2023-1913		CVE-2023-0635 CVE-2023-0636	ABB ASPECT Command Injection (CVE-2023-0635; CVE-2023-0636)
Critical	10 Oct 2024	29 Oct 2024	CPAI-2024-0919		CVE-2024-6298	ABB ASPECT Remote Code Execution (CVE-2024-6298)
Critical	29 Oct 2024	29 Oct 2024	CPAI-2024-0798		CVE-2024-44000	WordPress LiteSpeed Cache Plugin Information Disclosure (CVE-2024-44000)
High	8 Oct 2024	28 Oct 2024	CPAI-2024-0921	Microsoft CVE-2024-43572	CVE-2024-43572	Microsoft Management Console Remote Code Execution (CVE-2024-43572)
High	25 Sep 2024	28 Oct 2024	CPAI-2024-0835		CVE-2024-45257	Build Your Own Botnet Framework Command Injection (CVE-2024-45257)
High	11 Jun 2024	28 Oct 2024	CPAI-2024-0369	Microsoft CVE-2024-30088	CVE-2024-30088	Microsoft Windows Kernel Elevation of Privilege (CVE-2024-30088)
High	27 Oct 2024	27 Oct 2024	CPAI-2024-0992		CVE-2024-32845	Ivanti Endpoint Manager SQL Injection (CVE-2024-32845)
Critical	27 Oct 2024	27 Oct 2024	CPAI-2024-0989		CVE-2024-9264	Grafana SQL Injection (CVE-2024-9264)
Critical	27 Oct 2024	27 Oct 2024	CPAI-2024-0988		CVE-2024-23113	Fortinet Multiple Products Command Injection (CVE-2024-23113)
Medium	27 Oct 2024	27 Oct 2024	CPAI-2024-0980		CVE-2024-47525	LibreNMS Cross-Site Scripting (CVE-2024-47525)
Medium	27 Oct 2024	27 Oct 2024	CPAI-2024-0979		CVE-2024-6748	Zoho Corporation ManageEngine OpManager SQL Injection (CVE-2024-6748)
High	15 Oct 2024	27 Oct 2024	CPAI-2024-0963		CVE-2024-9380	Ivanti Cloud Services Appliance Command Injection (CVE-2024-9380)
Critical	22 Oct 2024	22 Oct 2024	CPAI-2021-2221		CVE-2021-24370	WordPress Radykal Fancy Product Designer Plugin Arbitrary File Upload (CVE-2021-24370)
High	19 Aug 2024	22 Oct 2024	CPAI-2024-0685		CVE-2024-29826 CVE-2024-29827	Ivanti Endpoint Manager SQL Injection (CVE-2024-29826; CVE-2024-29827)
Medium	29 Jul 2024	22 Oct 2024	CPAI-2024-0610		CVE-2024-38030	Microsoft Windows Spoofing (CVE-2024-38030)
Critical	21 Oct 2024	21 Oct 2024	CPAI-2024-0982		CVE-2024-40711	Veeam Backup and Replication Insecure Deserialization (CVE-2024-40711)
Critical	21 Oct 2024	21 Oct 2024	CPAI-2024-0981		CVE-2024-9680	Mozilla Multiple Products Use After Free (CVE-2024-9680)
High	21 Oct 2024	21 Oct 2024	CPAI-2024-0964		CVE-2024-37084	VMware Spring Cloud Data Flow Arbitrary File Upload (CVE-2024-37084)
Critical	21 Oct 2024	21 Oct 2024	CPAI-2021-2218		CVE-2021-24442	WordPress Wpdevart Poll Survey Questionnaire And Voting System SQL Injection (CVE-2021-24442)
High	21 Oct 2024	21 Oct 2024	CPAI-2024-0930		CVE-2024-35387	TOTOLINK LR350 Buffer Overflow (CVE-2024-35387)
Medium	27 Jun 2024	21 Oct 2024	CPAI-2024-0260		CVE-2024-3054	WordPress WPvivid Backup Plugin Insecure Deserialization (CVE-2024-3054)
High	13 Mar 2024	21 Oct 2024	CPAI-2023-1570		CVE-2023-34129	SonicWall Multiple Products Directory Traversal (CVE-2023-34129)
High	20 Oct 2024	20 Oct 2024	CPAI-2024-0957		CVE-2024-37397	Ivanti Endpoint Manager XML External Entity Injection (CVE-2024-37397)
High	20 Oct 2024	20 Oct 2024	CPAI-2024-0939		CVE-2024-9566 CVE-2024-9567 CVE-2024-9568 CVE-2024-9569 CVE-2024-9570 CVE-2024-9782 CVE-2024-9783 CVE-2024-9784 CVE-2024-9785 CVE-2024-9786 CVE-2024-9909 CVE-2024-9910 CVE-2024-9911 CVE-2024-9912	D-Link DIR-619L Buffer Overflow (CVE-2024-9566; CVE-2024-9567; CVE-2024-9568; CVE-2024-9569; CVE-2024-9570; CVE-2024-9782; CVE-2024-9783; CVE-2024-9784; CVE-2024-9785; CVE-2024-9786; CVE-2024-9909; CVE-2024-9910; CVE-2024-9911; CVE-2024-9912)
High	20 Oct 2024	20 Oct 2024	CPAI-2024-0913		CVE-2024-43454	Microsoft Windows Server Remote Code Execution (CVE-2024-43454)
High	20 Oct 2024	20 Oct 2024	CPAI-2023-1781		CVE-2023-52442	Linux Kernel Information Disclosure (CVE-2023-52442)
Medium	20 Oct 2024	20 Oct 2024	CPAI-2023-1411		CVE-2023-3867	Linux Kernel Information Disclosure (CVE-2023-3867)
Medium	20 Aug 2024	20 Oct 2024	CPAI-2022-1625		CVE-2022-48343	JetBrains TeamCity Cross-Site Scripting (CVE-2022-48343)
Medium	15 Oct 2024	15 Oct 2024	CPAI-2024-0955		CVE-2024-3346	Byzoro Smart S80 Command Injection (CVE-2024-3346)
High	15 Oct 2024	15 Oct 2024	CPAI-2024-0931		CVE-2024-35388	TOTOLINK NR1800X Buffer Overflow (CVE-2024-35388)
High	16 Sep 2024	15 Oct 2024	CPAI-2024-0704			HTML Entity Encoding Multiple Vulnerabilities