Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
Critical	19 May 2024	30 Jun 2024	CPAI-2024-0289	CVE-2024-25641	Cacti Arbitrary File Upload (CVE-2024-25641)
Critical	27 Jun 2024	27 Jun 2024	CPAI-2024-0526	CVE-2024-5806	Progress MOVEit Transfer Authentication Bypass (CVE-2024-5806)
High	27 Jun 2024	27 Jun 2024	CPAI-2024-0525	CVE-2024-5274	Google Chrome Type Confusion (CVE-2024-5274)
Critical	27 Jun 2024	27 Jun 2024	CPAI-2023-1815	CVE-2023-49442	JEECG Remote Code Execution (CVE-2023-49442)
Critical	27 Jun 2024	27 Jun 2024	CPAI-2023-1809	CVE-2023-4873 CVE-2023-5684 CVE-2023-7039	Byzoro Multiple Products SQL Injection (CVE-2023-4873; CVE-2023-5684; CVE-2023-7039)
Critical	27 Jun 2024	27 Jun 2024	CPAI-2024-0448	CVE-2024-29849	Veeam Backup and Replication Authentication Bypass (CVE-2024-29849)
High	27 Jun 2024	27 Jun 2024	CPAI-2023-1791	CVE-2023-47415	Cypress Solutions CTM-200 Command Injection (CVE-2023-47415)
High	27 Jun 2024	27 Jun 2024	CPAI-2022-2093	CVE-2022-28917	Tenda AX12 Buffer Overflow (CVE-2022-28917)
High	27 Jun 2024	27 Jun 2024	CPAI-2023-1786	CVE-2023-50968	Apache OFBiz Server-Side Request Forgery (CVE-2023-50968)
High	27 Jun 2024	27 Jun 2024	CPAI-2024-0421	CVE-2024-33343	D-Link DIR-822 Command Injection (CVE-2024-33343)
High	28 May 2024	27 Jun 2024	CPAI-2024-0335	CVE-2024-4439	WordPress Core Cross-Site Scripting (CVE-2024-4439)
Critical	27 Jun 2024	27 Jun 2024	CPAI-2024-0508	CVE-2024-34359	Python Package llama-cpp-python Remote Code Execution (CVE-2024-34359)
Critical	27 Jun 2024	27 Jun 2024	CPAI-2024-0503	CVE-2024-22729	Netis Systems MW5360 Command Injection (CVE-2024-22729)
High	27 Jun 2024	27 Jun 2024	CPAI-2024-0447	CVE-2024-24399	Lepton CMS Arbitrary File Upload (CVE-2024-24399)
High	27 Jun 2024	27 Jun 2024	CPAI-2020-4183	CVE-2020-16243	WECON LeviStudioU Buffer Overflow (CVE-2020-16243)
Medium	27 Jun 2024	27 Jun 2024	CPAI-2024-0260	CVE-2024-3054	WordPress Project WPvivid Backup Plugin Insecure Deserialization (CVE-2024-3054)
Critical	27 Jun 2024	27 Jun 2024	CPAI-2021-1950	CVE-2021-38390	Delta DIAEnergie SQL Injection (CVE-2021-38390)
High	27 Jun 2024	27 Jun 2024	CPAI-2022-1693	CVE-2022-41133	Delta DIAEnergie SQL Injection (CVE-2022-41133)
High	26 Jun 2024	26 Jun 2024	CPAI-2023-1807	CVE-2023-6893	Hikvision Intercom Broadcasting System Arbitrary File Read (CVE-2023-6893)
High	26 Jun 2024	26 Jun 2024	CPAI-2024-0410	CVE-2024-25850	Netis Systems WF2780 Command Injection (CVE-2024-25850)
Critical	26 Jun 2024	26 Jun 2024	CPAI-2019-3193	CVE-2019-18937 CVE-2019-18939	eQ-3 HomeMatic Remote Code Execution (CVE-2019-18937; CVE-2019-18939)
Critical	25 Jun 2024	25 Jun 2024	CPAI-2024-0457	CVE-2024-36680	PrestaShop Promokit Facebook Module SQL Injection (CVE-2024-36680)
High	25 Jun 2024	25 Jun 2024	CPAI-2023-1784	CVE-2023-45463 CVE-2023-45464 CVE-2023-45468	Netis Systems N3M Buffer Overflow (CVE-2023-45463; CVE-2023-45464; CVE-2023-45468)
Critical	25 Jun 2024	25 Jun 2024	CPAI-2024-0398	CVE-2024-29972	Zyxel NAS Command Injection (CVE-2024-29972)
High	16 May 2024	25 Jun 2024	CPAI-2024-0278	CVE-2024-21793 CVE-2024-26026	F5 BIG-IP Next Central Manager SQL Injection (CVE-2024-21793; CVE-2024-26026)
High	24 Jun 2024	24 Jun 2024	CPAI-2022-2085	CVE-2022-2463	Rockwell Automation ISaGRAF Workbench Directory Traversal (CVE-2022-2463)
Critical	24 Jun 2024	24 Jun 2024	CPAI-2022-1599	CVE-2022-40871	Dolibarr ERP CRM Remote Code Execution (CVE-2022-40871)
High	23 Jun 2024	23 Jun 2024	CPAI-2024-0420	CVE-2024-25415	CE Phoenix Remote Code Execution (CVE-2024-25415)
Critical	23 Jun 2024	23 Jun 2024	CPAI-2024-0419		DEV-0569 Phishing Ad Campaign
High	23 Jun 2024	23 Jun 2024	CPAI-2024-0399	CVE-2024-32479	LibreNMS Stored Cross-Site Scripting (CVE-2024-32479)
High	23 Jun 2024	23 Jun 2024	CPAI-2024-0391	CVE-2024-5247	Netgear ProSAFE NMS300 Unrestricted File Upload (CVE-2024-5247)
High	23 Jun 2024	23 Jun 2024	CPAI-2023-1772	CVE-2023-51365	QNAP QTS Directory Traversal (CVE-2023-51365)
Medium	23 Jun 2024	23 Jun 2024	CPAI-2024-0385	CVE-2024-23117	Centreon Project Centreon Web SQL Injection (CVE-2024-23117)
Critical	23 Jun 2024	23 Jun 2024	CPAI-2024-0305		LDAP Injection
Medium	23 Jun 2024	23 Jun 2024	CPAI-2023-1261		TA505 Phishing Campaign
Critical	20 Jun 2024	20 Jun 2024	CPAI-2024-0418	CVE-2024-3922	WordPress Dokan Pro Plugin SQL Injection (CVE-2024-3922)
Medium	20 Jun 2024	20 Jun 2024	CPAI-2024-0415	CVE-2024-20404	Cisco Finesse Server-Side Request Forgery (CVE-2024-20404)
High	20 Jun 2024	20 Jun 2024	CPAI-2024-0405	CVE-2024-23535	Ivanti Avalanche Directory Traversal (CVE-2024-23535)
High	20 Jun 2024	20 Jun 2024	CPAI-2024-0403	CVE-2024-4947	Google Chrome Type Confusion (CVE-2024-4947)
Critical	20 Jun 2024	20 Jun 2024	CPAI-2023-1745	CVE-2023-34800	D-Link GO-RT-AC750 Command Injection (CVE-2023-34800)
High	28 May 2024	20 Jun 2024	CPAI-2024-0353	CVE-2024-24919	Check Point VPN Information Disclosure (CVE-2024-24919)
High	19 Jun 2024	19 Jun 2024	CPAI-2023-1778	CVE-2023-36884	Microsoft Multiple Products Remote Code Execution (CVE-2023-36884)
Critical	19 Jun 2024	19 Jun 2024	CPAI-2023-1770	CVE-2023-27853	Netgear RAX30 Remote Code Execution (CVE-2023-27853)
Critical	19 Jun 2024	19 Jun 2024	CPAI-2023-1754	CVE-2023-32571	Dynamic Linq Remote Code Execution (CVE-2023-32571)
Critical	19 Jun 2024	19 Jun 2024	CPAI-2024-0377	CVE-2024-1874	PHP Command Injection (CVE-2024-1874)
High	19 Jun 2024	19 Jun 2024	CPAI-2024-0359	CVE-2024-25938	Foxit Reader Use After Free (CVE-2024-25938)
High	19 Jun 2024	19 Jun 2024	CPAI-2024-0357	CVE-2024-25648	Foxit Reader Use After Free (CVE-2024-25648)
Critical	17 Apr 2024	19 Jun 2024	CPAI-2024-0198		LG LED Assistant Directory Traversal
Medium	19 Jun 2024	19 Jun 2024	CPAI-2023-1589	CVE-2023-0921	GitLab Denial of Service (CVE-2023-0921)
Critical	15 Jan 2024	19 Jun 2024	CPAI-2023-1451	CVE-2023-37679 CVE-2023-43208	NextGen Mirth Connect Command Injection (CVE-2023-37679; CVE-2023-43208)