High
|
9 Apr 2024 |
9 Apr 2024 |
CPAI-2024-0169
|
Microsoft CVE-2024-26209
|
CVE-2024-26209
|
Microsoft Local Security Authority Subsystem Service Information Disclosure (CVE-2024-26209)
|
High
|
9 Apr 2024 |
9 Apr 2024 |
CPAI-2024-0168
|
Microsoft CVE-2024-26218
|
CVE-2024-26218
|
Microsoft Windows Kernel Elevation of Privilege (CVE-2024-26218)
|
High
|
8 Apr 2024 |
8 Apr 2024 |
CPAI-2022-2050
|
|
CVE-2022-28955
|
D-Link DIR-816L Authentication Bypass (CVE-2022-28955)
|
Critical
|
8 Apr 2024 |
8 Apr 2024 |
CPAI-2021-2153
|
|
CVE-2021-41266
|
Minio Console Authentication Bypass (CVE-2021-41266)
|
Critical
|
8 Apr 2024 |
8 Apr 2024 |
CPAI-2021-2152
|
|
CVE-2021-44427
|
RosarioSIS SQL Injection (CVE-2021-44427)
|
Medium
|
8 Apr 2024 |
8 Apr 2024 |
CPAI-2021-2151
|
|
CVE-2021-36450
|
Verint Workforce Optimization Cross-Site Scripting (CVE-2021-36450)
|
High
|
8 Apr 2024 |
8 Apr 2024 |
CPAI-2022-2046
|
|
CVE-2022-46443
|
Bangresto Project SQL Injection (CVE-2022-46443)
|
High
|
8 Apr 2024 |
8 Apr 2024 |
CPAI-2023-1625
|
|
CVE-2023-38944
|
Multilaser Routers Authentication Bypass (CVE-2023-38944)
|
Medium
|
8 Apr 2024 |
8 Apr 2024 |
CPAI-2022-1912
|
|
CVE-2022-48428
|
JetBrains TeamCity Cross-Site Scripting (CVE-2022-48428)
|
Medium
|
7 Apr 2024 |
7 Apr 2024 |
CPAI-2023-1640
|
|
CVE-2023-5914
|
Citrix StoreFront Cross-Site Scripting (CVE-2023-5914)
|
High
|
7 Apr 2024 |
7 Apr 2024 |
CPAI-2023-1639
|
|
CVE-2023-6184
|
Citrix Session Recording Remote Code Execution (CVE-2023-6184)
|
Critical
|
7 Apr 2024 |
7 Apr 2024 |
CPAI-2024-0173
|
|
CVE-2024-24497 CVE-2024-24499
|
Employee Management System SQL Injection (CVE-2024-24497; CVE-2024-24499)
|
Critical
|
7 Apr 2024 |
7 Apr 2024 |
CPAI-2024-0167
|
|
CVE-2024-24496
|
Daily Habit Tracker Authentication Bypass (CVE-2024-24496)
|
Critical
|
7 Apr 2024 |
7 Apr 2024 |
CPAI-2024-0164
|
|
CVE-2024-22836
|
Akaunting Command Injection (CVE-2024-22836)
|
Medium
|
7 Apr 2024 |
7 Apr 2024 |
CPAI-2023-1633
|
|
CVE-2023-0157
|
WordPress All-in-One Security Plugin Privilege Escalation (CVE-2023-0157)
|
High
|
7 Apr 2024 |
7 Apr 2024 |
CPAI-2024-0160
|
|
CVE-2024-24724
|
Gibbon Server-Side Template Injection (CVE-2024-24724)
|
Medium
|
7 Apr 2024 |
7 Apr 2024 |
CPAI-2023-1631
|
|
CVE-2023-0156
|
WordPress All-in-One Security Plugin Path Traversal (CVE-2023-0156)
|
High
|
7 Apr 2024 |
7 Apr 2024 |
CPAI-2024-0147
|
|
CVE-2024-23898
|
Jenkins Cross-Site Request Forgery (CVE-2024-23898)
|
Medium
|
7 Apr 2024 |
7 Apr 2024 |
CPAI-2023-1622
|
|
CVE-2023-40028
|
Ghost Arbitrary File Upload (CVE-2023-40028)
|
Critical
|
7 Apr 2024 |
7 Apr 2024 |
CPAI-2021-2141
|
|
CVE-2021-27651
|
Pega Infinity Authentication Bypass (CVE-2021-27651)
|
Critical
|
11 Mar 2024 |
7 Apr 2024 |
CPAI-2022-2035
|
|
CVE-2022-0788 CVE-2022-0948
|
WordPress Multiple Plugins SQL Injection (CVE-2022-0788; CVE-2022-0948)
|
High
|
4 Apr 2024 |
4 Apr 2024 |
CPAI-2023-1630
|
|
CVE-2023-37474
|
Copyparty Project Path Traversal (CVE-2023-37474)
|
High
|
4 Apr 2024 |
4 Apr 2024 |
CPAI-2021-2143
|
|
CVE-2021-40149 CVE-2021-40150
|
Reolink E1 Zoom Information Disclosure (CVE-2021-40149; CVE-2021-40150)
|
Critical
|
17 Mar 2024 |
4 Apr 2024 |
CPAI-2023-1592
|
|
CVE-2023-46979 CVE-2023-48799 CVE-2023-48802 CVE-2023-48803 CVE-2023-48804 CVE-2023-48805 CVE-2023-48806 CVE-2023-48807 CVE-2023-48808 CVE-2023-48810 CVE-2023-48811 CVE-2023-48812
|
TOTOLINK X6000R Command Injection (CVE-2023-46979; CVE-2023-48799; CVE-2023-48802; CVE-2023-48803; CVE-2023-48804; CVE-2023-48805; CVE-2023-48806; CVE-2023-48807; CVE-2023-48808; CVE-2023-48810; CVE-2023-48811; CVE-2023-48812)
|
Critical
|
23 Feb 2024 |
4 Apr 2024 |
CPAI-2024-0070
|
|
CVE-2024-25600
|
WordPress Brick Builder Theme Remote Code Execution (CVE-2024-25600)
|
Medium
|
3 Apr 2024 |
3 Apr 2024 |
CPAI-2021-2150
|
|
CVE-2021-21745
|
ZTE MF971R Cross-Site Request Forgery (CVE-2021-21745)
|
High
|
3 Apr 2024 |
3 Apr 2024 |
CPAI-2019-3180
|
|
CVE-2019-16313
|
ifw8 FR6 Information Disclosure (CVE-2019-16313)
|
Critical
|
3 Apr 2024 |
3 Apr 2024 |
CPAI-2024-0152
|
|
CVE-2024-1698
|
WordPress NotificationX Plugin SQL Injection (CVE-2024-1698)
|
Critical
|
2 Apr 2024 |
2 Apr 2024 |
CPAI-2024-0162
|
|
CVE-2024-3094
|
XZ Utils Backdoor (CVE-2024-3094)
|
Medium
|
2 Apr 2024 |
2 Apr 2024 |
CPAI-2021-2148
|
|
CVE-2021-20150
|
Trendnet AC2600 Information Disclosure (CVE-2021-20150)
|
High
|
2 Apr 2024 |
2 Apr 2024 |
CPAI-2021-2145
|
|
CVE-2021-40856
|
Auerswald COMfortel Authentication Bypass (CVE-2021-40856)
|
Critical
|
2 Apr 2024 |
2 Apr 2024 |
CPAI-2023-1623
|
|
CVE-2023-37714 CVE-2023-37715 CVE-2023-37716 CVE-2023-37717 CVE-2023-37718 CVE-2023-37719 CVE-2023-37721 CVE-2023-37722 CVE-2023-37723
|
Tenda Multiple Products Stack Overflow (CVE-2023-37714; CVE-2023-37715; CVE-2023-37716; CVE-2023-37717; CVE-2023-37718; CVE-2023-37719; CVE-2023-37721; CVE-2023-37722; CVE-2023-37723)
|
Critical
|
2 Apr 2024 |
2 Apr 2024 |
CPAI-2023-1598
|
|
CVE-2023-37170 CVE-2023-37171 CVE-2023-37172 CVE-2023-37173 CVE-2023-46976 CVE-2023-46993
|
TOTOLINK A3300R Command Injection (CVE-2023-37170; CVE-2023-37171; CVE-2023-37172; CVE-2023-37173; CVE-2023-46976; CVE-2023-46993)
|
High
|
1 Apr 2024 |
1 Apr 2024 |
CPAI-2021-2144
|
|
CVE-2021-3017
|
Intelbras Multiple Products Information Disclosure (CVE-2021-3017)
|
Critical
|
1 Apr 2024 |
1 Apr 2024 |
CPAI-2024-0116
|
|
|
XStream Insecure Deserialization
|
Critical
|
31 Mar 2024 |
31 Mar 2024 |
CPAI-2024-0143
|
|
CVE-2024-1212
|
Kemp LoadMaster LMOS Command Injection (CVE-2024-1212)
|
Critical
|
31 Mar 2024 |
31 Mar 2024 |
CPAI-2023-1618
|
|
CVE-2023-37791
|
D-Link DIR-619L Stack Overflow (CVE-2023-37791)
|
Critical
|
31 Mar 2024 |
31 Mar 2024 |
CPAI-2023-1615
|
|
CVE-2023-44693
|
D-Link DAR-7000 SQL Injection (CVE-2023-44693)
|
High
|
31 Mar 2024 |
31 Mar 2024 |
CPAI-2023-1606
|
|
CVE-2023-6114
|
WordPress Duplicator Plugin Information Disclosure (CVE-2023-6114)
|
Medium
|
28 Mar 2024 |
28 Mar 2024 |
CPAI-2023-1617
|
|
CVE-2023-5591
|
LibreNMS SQL Injection (CVE-2023-5591)
|
High
|
28 Mar 2024 |
28 Mar 2024 |
CPAI-2018-2730
|
|
CVE-2018-11538
|
SearchBlox Cross-Site Request Forgery (CVE-2018-11538)
|
Critical
|
28 Mar 2024 |
28 Mar 2024 |
CPAI-2017-1842
|
|
CVE-2017-17736
|
Kentico CMS Information Disclosure (CVE-2017-17736)
|
Critical
|
28 Mar 2024 |
28 Mar 2024 |
CPAI-2019-3178
|
|
CVE-2019-12583
|
Zyxel UAG2100 Authentication Bypass (CVE-2019-12583)
|
Critical
|
28 Mar 2024 |
28 Mar 2024 |
CPAI-2023-1605
|
|
CVE-2023-26477
|
XWiki Remote Code Execution (CVE-2023-26477)
|
Critical
|
3 Mar 2024 |
28 Mar 2024 |
CPAI-2024-0034
|
|
|
Client Side Template Injection
|
Medium
|
27 Mar 2024 |
27 Mar 2024 |
CPAI-2024-0130
|
|
CVE-2024-21726
|
Joomla! CMS Cross-Site Scripting (CVE-2024-21726)
|
Medium
|
27 Mar 2024 |
27 Mar 2024 |
CPAI-2010-0738
|
|
CVE-2010-3274
|
Zohocorp ManageEngine ADSelfService Plus Cross-Site Scripting (CVE-2010-3274)
|
High
|
27 Mar 2024 |
27 Mar 2024 |
CPAI-2011-0748
|
|
CVE-2011-1609
|
Cisco Unified Communications Manager SQL Injection (CVE-2011-1609)
|
Medium
|
27 Mar 2024 |
27 Mar 2024 |
CPAI-2011-0746
|
|
CVE-2011-2179
|
Icinga Cross-Site Scripting (CVE-2011-2179)
|
High
|
26 Mar 2024 |
26 Mar 2024 |
CPAI-2023-1621
|
|
CVE-2023-48788
|
Fortinet FortiClientEMS Remote Code Execution (CVE-2023-48788)
|