|
Critical
|
9 Sep 2024 |
9 Sep 2024 |
CPAI-2024-0722
|
|
CVE-2024-41660
|
OpenBMC slpd-lite Heap Buffer Overflow (CVE-2024-41660)
|
|
High
|
20 Aug 2024 |
9 Sep 2024 |
CPAI-2018-2785
|
|
CVE-2018-12543
|
Eclipse Mosquitto Denial-of-Service (CVE-2018-12543)
|
|
High
|
9 Sep 2024 |
9 Sep 2024 |
CPAI-2024-0648
|
|
CVE-2024-1167
|
SEW-EURODRIVE MOVITOOLS MotionStudio External Entity Injection (CVE-2024-1167)
|
|
Medium
|
19 Jun 2024 |
9 Sep 2024 |
CPAI-2023-1589
|
|
CVE-2023-0921
CVE-2024-2874
|
GitLab Denial of Service (CVE-2023-0921; CVE-2024-2874)
|
|
Medium
|
9 Sep 2024 |
9 Sep 2024 |
CPAI-2019-2908
|
|
CVE-2019-0948
|
Microsoft Windows XML External Entity Injection (CVE-2019-0948)
|
|
High
|
8 Sep 2024 |
8 Sep 2024 |
CPAI-2024-0783
|
|
CVE-2024-39906
|
Haven Command Injection (CVE-2024-39906)
|
|
High
|
8 Sep 2024 |
8 Sep 2024 |
CPAI-2023-1893
|
|
CVE-2023-51389
CVE-2024-42362
|
Apache HertzBeat Insecure Deserialization (CVE-2023-51389; CVE-2024-42362)
|
|
High
|
8 Sep 2024 |
8 Sep 2024 |
CPAI-2024-0776
|
|
CVE-2024-45528
|
CodeAstro Membership Management System Cross-Site Scripting (CVE-2024-45528)
|
|
Critical
|
8 Sep 2024 |
8 Sep 2024 |
CPAI-2024-0773
|
|
CVE-2024-6633
|
Fortra FileCatalyst Workflow Remote Code Execution (CVE-2024-6633)
|
|
Critical
|
26 Mar 2024 |
8 Sep 2024 |
CPAI-2024-0075
|
|
CVE-2007-4556
CVE-2013-4316
|
Object-Graph Navigation Language Injection (CVE-2007-4556; CVE-2013-4316)
|
|
High
|
8 Sep 2024 |
8 Sep 2024 |
CPAI-2022-1446
|
|
CVE-2022-36957
CVE-2022-38108
CVE-2022-47503
CVE-2022-47504
|
SolarWinds Orion Platform Insecure Deserialization (CVE-2022-36957; CVE-2022-38108; CVE-2022-47503; CVE-2022-47504)
|
|
Medium
|
5 Sep 2024 |
5 Sep 2024 |
CPAI-2023-1887
|
|
CVE-2023-6502
|
GitLab Community Edition (CE) and Enterprise Denial Of Service (Redos) (CVE-2023-6502)
|
|
Medium
|
5 Sep 2024 |
5 Sep 2024 |
CPAI-2010-0812
|
|
CVE-2010-2742
|
Microsoft Windows Server Denial of Service (CVE-2010-2742)
|
|
Medium
|
5 Sep 2024 |
5 Sep 2024 |
CPAI-2022-1595
|
|
CVE-2022-1018
|
Rockwell Automation Multiple Products XML External Entity Injection (CVE-2022-1018)
|
|
High
|
5 Sep 2024 |
5 Sep 2024 |
CPAI-2021-1774
|
|
CVE-2021-40346
|
HAProxy Integer Overflow (CVE-2021-40346)
|
|
High
|
5 Sep 2024 |
5 Sep 2024 |
CPAI-2020-3836
|
|
CVE-2020-16215
|
Advantech WebAccess/HMI Designer Buffer Overflow (CVE-2020-16215)
|
|
High
|
4 Sep 2024 |
4 Sep 2024 |
CPAI-2023-1888
|
|
CVE-2023-25570
|
Apollo Eureka Authentication Bypass (CVE-2023-25570)
|
|
High
|
4 Sep 2024 |
4 Sep 2024 |
CPAI-2024-0766
|
|
|
Hikvision Multiple Products Arbitrary File Upload
|
|
Critical
|
4 Sep 2024 |
4 Sep 2024 |
CPAI-2023-1882
|
|
CVE-2023-48362
|
Apache Drill XML External Entity (CVE-2023-48362)
|
|
High
|
4 Sep 2024 |
4 Sep 2024 |
CPAI-2023-1880
|
|
CVE-2023-27981
|
Schneider Electric Multiple Products Directory Traversal (CVE-2023-27981)
|
|
Critical
|
4 Sep 2024 |
4 Sep 2024 |
CPAI-2024-0684
|
|
CVE-2024-37079
|
VMWare vCenter Server Integer Underflow (CVE-2024-37079)
|
|
High
|
25 Jul 2024 |
4 Sep 2024 |
CPAI-2024-0601
|
|
CVE-2024-38112
|
Microsoft Windows Spoofing (CVE-2024-38112)
|
|
Medium
|
4 Sep 2024 |
4 Sep 2024 |
CPAI-2013-3853
|
|
CVE-2013-4826
|
HP Multiple Products Information Disclosure (CVE-2013-4826)
|
|
Medium
|
4 Sep 2024 |
4 Sep 2024 |
CPAI-2016-1254
|
|
CVE-2016-2168
|
Apache Subversion Denial of Service (CVE-2016-2168)
|
|
Critical
|
4 Sep 2024 |
4 Sep 2024 |
CPAI-2022-1567
|
|
CVE-2022-2329
|
Schneider Electric Interactive Graphical SCADA System Buffer Overflow (CVE-2022-2329)
|
|
Medium
|
4 Sep 2024 |
4 Sep 2024 |
CPAI-2022-1565
|
|
CVE-2022-22707
|
Lighttpd Buffer Overflow (CVE-2022-22707)
|
|
Medium
|
4 Sep 2024 |
4 Sep 2024 |
CPAI-2020-3840
|
|
CVE-2020-26981
|
Siemens Multiple Products Information Disclosure (CVE-2020-26981)
|
|
High
|
3 Sep 2024 |
3 Sep 2024 |
CPAI-2024-0755
|
|
CVE-2024-37901
|
XWiki.org XWiki Server-Side Template Injection (CVE-2024-37901)
|
|
Critical
|
3 Sep 2024 |
3 Sep 2024 |
CPAI-2024-0753
|
|
CVE-2024-6386
|
WordPress WPML Plugin Server-Side Template Injection (CVE-2024-6386)
|
|
Critical
|
3 Sep 2024 |
3 Sep 2024 |
CPAI-2024-0750
|
|
CVE-2024-38652
|
Ivanti Avalanche Directory Traversal (CVE-2024-38652)
|
|
Medium
|
3 Sep 2024 |
3 Sep 2024 |
CPAI-2024-0747
|
|
CVE-2024-23119
|
Centreon Project Centreon Web SQL Injection (CVE-2024-23119)
|
|
Critical
|
3 Sep 2024 |
3 Sep 2024 |
CPAI-2023-1881
|
|
CVE-2023-29412
|
Schneider Electric APC Easy UPS Online Monitoring Remote Code Execution (CVE-2023-29412)
|
|
High
|
3 Sep 2024 |
3 Sep 2024 |
CPAI-2024-0737
|
|
CVE-2024-32766
|
myQNAPcloud Command Injection (CVE-2024-32766)
|
|
Medium
|
3 Sep 2024 |
3 Sep 2024 |
CPAI-2024-0736
|
|
CVE-2024-29830
|
Ivanti Endpoint Manager SQL Injection (CVE-2024-29830)
|
|
High
|
3 Sep 2024 |
3 Sep 2024 |
CPAI-2018-2791
|
|
CVE-2018-16855
|
PowerDNS Recursor Out-of-Bounds Read (CVE-2018-16855)
|
|
High
|
26 Aug 2024 |
3 Sep 2024 |
CPAI-2024-0721
|
|
CVE-2024-6457
|
WordPress Project Husky Products Filter Plugin SQL Injection (CVE-2024-6457)
|
|
Medium
|
3 Sep 2024 |
3 Sep 2024 |
CPAI-2021-1959
|
|
CVE-2021-37152
|
Sonatype Nexus Repository Manager Cross-Site Scripting (CVE-2021-37152)
|
|
Medium
|
3 Sep 2024 |
3 Sep 2024 |
CPAI-2020-3997
|
|
CVE-2020-0765
|
Microsoft Remote Desktop Connection Manager XML External Entity Injection (CVE-2020-0765)
|
|
High
|
3 Sep 2024 |
3 Sep 2024 |
CPAI-2023-0801
|
|
CVE-2023-3256
|
Advantech R-SeeNet Local File Inclusion (CVE-2023-3256)
|
|
High
|
3 Sep 2024 |
3 Sep 2024 |
CPAI-2023-0775
|
|
CVE-2023-28716
|
MySCADA MyPRO Command Injection (CVE-2023-28716)
|
|
High
|
2 Sep 2024 |
2 Sep 2024 |
CPAI-2024-0771
|
|
CVE-2024-7029
|
AVTECH AVM1203 Command Injection (CVE-2024-7029)
|
|
Critical
|
2 Sep 2024 |
2 Sep 2024 |
CPAI-2024-0758
|
|
CVE-2024-31819
|
WWBN AVideo Remote Code Execution (CVE-2024-31819)
|
|
Critical
|
2 Sep 2024 |
2 Sep 2024 |
CPAI-2022-2119
|
|
CVE-2022-32522
|
Schneider Electric Interactive Graphical SCADA System Out-of-bounds Write (CVE-2022-32522)
|
|
High
|
2 Sep 2024 |
2 Sep 2024 |
CPAI-2024-0749
|
|
|
Zhiyuan OA Arbitrary File Upload
|
|
High
|
2 Sep 2024 |
2 Sep 2024 |
CPAI-2023-1883
|
|
CVE-2023-41578
|
Jeecg Boot Information Disclosure (CVE-2023-41578)
|
|
High
|
2 Sep 2024 |
2 Sep 2024 |
CPAI-2020-4197
|
|
CVE-2020-13573
|
Rockwell Automation RSLinx Denial of Service (CVE-2020-13573)
|
|
High
|
2 Sep 2024 |
2 Sep 2024 |
CPAI-2024-0742
|
|
|
Elber Wayber II Authentication Bypass
|
|
Critical
|
2 Sep 2024 |
2 Sep 2024 |
CPAI-2024-0731
|
|
CVE-2024-39914
|
FOG Project Command Injection (CVE-2024-39914)
|
|
Critical
|
2 Sep 2024 |
2 Sep 2024 |
CPAI-2024-0720
|
|
CVE-2024-7829
|
D-Link Multiple Products Command Injection (CVE-2024-7829)
|
|
Critical
|
1 Sep 2024 |
1 Sep 2024 |
CPAI-2022-2121
|
|
CVE-2022-47002
|
Masa CMS Authentication Bypass (CVE-2022-47002)
|
Feedback