Medium
|
12 Mar 2024 |
12 Mar 2024 |
CPAI-2024-0096
|
|
CVE-2024-22241
|
VMware Aria Operations for Networks Cross-Site Scripting (CVE-2024-22241)
|
High
|
12 Mar 2024 |
12 Mar 2024 |
CPAI-2023-1554
|
|
CVE-2023-6187
|
WordPress Stranger Studios Paid Memberships Pro Arbitrary File Upload (CVE-2023-6187)
|
Critical
|
12 Mar 2024 |
12 Mar 2024 |
CPAI-2021-2121
|
|
CVE-2021-38454
|
Moxa MXview Directory Traversal (CVE-2021-38454)
|
Critical
|
12 Mar 2024 |
12 Mar 2024 |
CPAI-2018-2681
|
|
CVE-2018-3811
|
WordPress Oturia Smart Google Code Inserter Plugin SQL Injection (CVE-2018-3811)
|
High
|
12 Mar 2024 |
12 Mar 2024 |
CPAI-2023-1536
|
|
CVE-2023-7002
|
WordPress BackupBliss Backup Migration Plugin Command Injection (CVE-2023-7002)
|
Critical
|
11 Mar 2024 |
11 Mar 2024 |
CPAI-2023-1579
|
|
CVE-2023-22463
|
FIT2CLOUD KubePi Authentication Bypass (CVE-2023-22463)
|
Critical
|
11 Mar 2024 |
11 Mar 2024 |
CPAI-2024-0109
|
|
|
Stored Cross-Site Scripting in SVG Upload
|
Critical
|
11 Mar 2024 |
11 Mar 2024 |
CPAI-2022-2035
|
|
CVE-2022-0788 CVE-2022-0948
|
WordPress Multiple Plugins SQL Injection (CVE-2022-0788; CVE-2022-0948)
|
High
|
11 Mar 2024 |
11 Mar 2024 |
CPAI-2022-2033
|
|
CVE-2022-35870
|
Inductive Automation Ignition Insecure Deserialization (CVE-2022-35870)
|
High
|
11 Mar 2024 |
11 Mar 2024 |
CPAI-2024-0079
|
|
|
watchTowr Security Scanner
|
Critical
|
6 Mar 2024 |
10 Mar 2024 |
CPAI-2024-0104
|
|
CVE-2024-27198
|
JetBrains TeamCity Authentication Bypass (CVE-2024-27198)
|
High
|
10 Mar 2024 |
10 Mar 2024 |
CPAI-2023-1577
|
|
CVE-2023-50386
|
Apache Solr Arbitrary File Upload (CVE-2023-50386)
|
Critical
|
10 Mar 2024 |
10 Mar 2024 |
CPAI-2021-2135
|
|
CVE-2021-38540
|
Apache Airflow Authentication Bypass (CVE-2021-38540)
|
Critical
|
29 Feb 2024 |
10 Mar 2024 |
CPAI-2023-1564
|
|
CVE-2023-46453 CVE-2023-50919
|
GL.iNet Devices SQL Injection (CVE-2023-46453; CVE-2023-50919)
|
Critical
|
10 Mar 2024 |
10 Mar 2024 |
CPAI-2018-2684
|
|
CVE-2018-1207
|
Dell EMC Remote Code Execution (CVE-2018-1207)
|
High
|
10 Mar 2024 |
10 Mar 2024 |
CPAI-2023-1499
|
|
CVE-2023-7028
|
GitLab Privilege Escalation (CVE-2023-7028)
|
Critical
|
22 Jan 2024 |
10 Mar 2024 |
CPAI-2023-1486
|
|
CVE-2023-22527
|
Atlassian Confluence Template Injection (CVE-2023-22527)
|
Critical
|
7 Mar 2024 |
7 Mar 2024 |
CPAI-2022-2034
|
|
CVE-2022-45933
|
KubeView Information Disclosure (CVE-2022-45933)
|
High
|
7 Mar 2024 |
7 Mar 2024 |
CPAI-2023-1568
|
|
CVE-2023-40000
|
WordPress LiteSpeed Cache Plugin Authentication Bypass (CVE-2023-40000)
|
Critical
|
7 Mar 2024 |
7 Mar 2024 |
CPAI-2023-1567
|
|
CVE-2023-30261
|
OpenWB Command Injection (CVE-2023-30261)
|
Critical
|
7 Mar 2024 |
7 Mar 2024 |
CPAI-2023-1565
|
|
CVE-2023-25279
|
D-Link DIR-820L Command Injection (CVE-2023-25279)
|
Critical
|
7 Mar 2024 |
7 Mar 2024 |
CPAI-2022-2028
|
|
CVE-2020-10973 CVE-2022-34045
|
Wavlink Routers Authentication Bypass (CVE-2020-10973; CVE-2022-34045)
|
Critical
|
7 Mar 2024 |
7 Mar 2024 |
CPAI-2023-1556
|
|
CVE-2023-24150 CVE-2023-24151 CVE-2023-24152 CVE-2023-24153 CVE-2023-24156 CVE-2023-24157
|
TOTOLINK T8 Command Injection (CVE-2023-24150; CVE-2023-24151; CVE-2023-24152; CVE-2023-24153; CVE-2023-24156; CVE-2023-24157)
|
Critical
|
11 Jan 2024 |
7 Mar 2024 |
CPAI-2024-0013
|
|
|
UTA0178 Webshell Activity
|
High
|
6 Mar 2024 |
6 Mar 2024 |
CPAI-2024-0106
|
|
CVE-2024-27199
|
JetBrains TeamCity Path Traversal (CVE-2024-27199)
|
Critical
|
18 Jan 2024 |
6 Mar 2024 |
CPAI-2021-2078
|
|
CVE-2019-13101 CVE-2021-42627
|
D-Link Routers Authentication Bypass (CVE-2019-13101; CVE-2021-42627)
|
High
|
26 Feb 2024 |
6 Mar 2024 |
CPAI-2020-4091
|
|
CVE-2020-9490
|
Apache HTTP Server Request Smuggling (CVE-2020-9490)
|
Medium
|
6 Mar 2024 |
6 Mar 2024 |
CPAI-2011-0743
|
|
CVE-2011-1610
|
Cisco Unified Communications Manager SQL Injection (CVE-2011-1610)
|
Critical
|
6 Mar 2024 |
6 Mar 2024 |
CPAI-2020-4142
|
|
CVE-2020-35951
|
WordPress Quiz and Survey Master Plugin Arbitrary File Deletion (CVE-2020-35951)
|
Critical
|
6 Mar 2024 |
6 Mar 2024 |
CPAI-2022-2026
|
|
CVE-2022-26148
|
Grafana Information Disclosure (CVE-2022-26148)
|
High
|
13 Feb 2024 |
6 Mar 2024 |
CPAI-2024-0029
|
Microsoft CVE-2024-21338
|
CVE-2024-21338
|
Microsoft Windows Kernel Elevation of Privilege (CVE-2024-21338)
|
Critical
|
5 Mar 2024 |
5 Mar 2024 |
CPAI-2020-4145
|
|
CVE-2020-8771
|
WordPress Time Capsule Plugin Authentication Bypass (CVE-2020-8771)
|
Critical
|
5 Mar 2024 |
5 Mar 2024 |
CPAI-2020-4144
|
|
CVE-2020-7136
|
HPE Smart Update Manager Remote Unauthorized Access (CVE-2020-7136)
|
High
|
4 Mar 2024 |
4 Mar 2024 |
CPAI-2017-1834
|
|
CVE-2017-3599
|
Oracle MySQL Integer Overflow (CVE-2017-3599)
|
High
|
4 Mar 2024 |
4 Mar 2024 |
CPAI-2023-1548
|
|
CVE-2023-5482
|
Google Chrome Out of Bounds Write (CVE-2023-5482)
|
Critical
|
15 Jan 2024 |
4 Mar 2024 |
CPAI-2023-1451
|
|
CVE-2023-37679 CVE-2023-43208
|
NextGen Mirth Connect Command Injection (CVE-2023-37679; CVE-2023-43208)
|
High
|
29 Feb 2024 |
29 Feb 2024 |
CPAI-2023-1563
|
|
CVE-2023-50445
|
GL.iNet Devices Command Injection (CVE-2023-50445)
|
Critical
|
29 Feb 2024 |
29 Feb 2024 |
CPAI-2023-1557
|
|
CVE-2023-24343 CVE-2023-24344 CVE-2023-24345 CVE-2023-24346 CVE-2023-24347 CVE-2023-24348 CVE-2023-24349 CVE-2023-24350 CVE-2023-24351 CVE-2023-24352
|
D-Link DIR-605L Buffer Overflow (CVE-2023-24343; CVE-2023-24344; CVE-2023-24345; CVE-2023-24346; CVE-2023-24347; CVE-2023-24348; CVE-2023-24349; CVE-2023-24350; CVE-2023-24351; CVE-2023-24352)
|
Critical
|
29 Feb 2024 |
29 Feb 2024 |
CPAI-2023-1555
|
|
CVE-2023-24138 CVE-2023-24139 CVE-2023-24140 CVE-2023-24141 CVE-2023-24142 CVE-2023-24143 CVE-2023-24144 CVE-2023-24145 CVE-2023-24146 CVE-2023-24148 CVE-2023-24160 CVE-2023-24161
|
TOTOLINK CA300-PoE Command Injection (CVE-2023-24138; CVE-2023-24139; CVE-2023-24140; CVE-2023-24141; CVE-2023-24142; CVE-2023-24143; CVE-2023-24144; CVE-2023-24145; CVE-2023-24146; CVE-2023-24148; CVE-2023-24160; CVE-2023-24161)
|
High
|
29 Feb 2024 |
29 Feb 2024 |
CPAI-2024-0069
|
|
|
TOTOLINK LR1200GB Authentication Bypass
|
Critical
|
29 Feb 2024 |
29 Feb 2024 |
CPAI-2021-2110
|
|
CVE-2021-22707
|
Schneider Electric Multiple Products Hardcoded Credentials (CVE-2021-22707)
|
Medium
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2023-1553
|
|
CVE-2023-0050
|
GitLab Cross-Site Scripting (CVE-2023-0050)
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2023-1549
|
|
CVE-2023-32564
|
Ivanti Avalanche Unrestricted File Upload (CVE-2023-32564)
|
High
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2024-0071
|
|
CVE-2024-24824
|
Graylog Remote Code Execution (CVE-2024-24824)
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2022-2025
|
|
CVE-2022-0349
|
WordPress WPDeveloper NotificationX Plugin SQL Injection (CVE-2022-0349)
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2021-2126
|
|
CVE-2021-42887
|
TOTOLINK EX1200T Authentication Bypass (CVE-2021-42887)
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2020-4140
|
|
CVE-2020-24391
|
Mongo-Express Remote Code Execution (CVE-2020-24391)
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2021-2124
|
|
CVE-2021-35064
|
KramerAV VIAWare Privilege Escalation (CVE-2021-35064)
|
High
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2023-1545
|
|
CVE-2023-52251
|
Provectus ui Remote Code Execution (CVE-2023-52251)
|
Medium
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2022-2023
|
|
CVE-2022-27665
|
Progress Server Cross-Site Scripting (CVE-2022-27665)
|