Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	28 Feb 2024	28 Feb 2024	CPAI-2021-2120	CVE-2021-27513	EyesOfNetwork Arbitrary File Upload (CVE-2021-27513)
High	28 Feb 2024	28 Feb 2024	CPAI-2021-2119	CVE-2021-42671	Engineers Online Portal Improper Access Control (CVE-2021-42671)
Medium	28 Feb 2024	28 Feb 2024	CPAI-2021-2116	CVE-2021-26812	Jitsi Meet Cross-Site Scripting (CVE-2021-26812)
Critical	28 Feb 2024	28 Feb 2024	CPAI-2020-4135	CVE-2020-14092	WordPress iThemes PayPal Pro Plugin SQL Injection (CVE-2020-14092)
Critical	28 Feb 2024	28 Feb 2024	CPAI-2021-2115	CVE-2021-42669	Engineers Online Portal Command Injection (CVE-2021-42669)
Medium	28 Feb 2024	28 Feb 2024	CPAI-2021-2114	CVE-2021-43788	Nodebb Directory Traversal (CVE-2021-43788)
High	28 Feb 2024	28 Feb 2024	CPAI-2020-4134	CVE-2020-36197	QNAP Music Station Improper Access Control (CVE-2020-36197)
High	28 Feb 2024	28 Feb 2024	CPAI-2019-3161	CVE-2019-17418	MetInfo SQL Injection (CVE-2019-17418)
Critical	28 Feb 2024	28 Feb 2024	CPAI-2021-2113	CVE-2021-29003	Genexis Platinum 4410 Firmware Remote Code Execution (CVE-2021-29003)
High	28 Feb 2024	28 Feb 2024	CPAI-2021-2112	CVE-2021-3317	KLog Server Command Injection (CVE-2021-3317)
High	28 Feb 2024	28 Feb 2024	CPAI-2020-4132	CVE-2020-25858	Qualcomm Mobile Access Point Denial of Service (CVE-2020-25858)
High	28 Feb 2024	28 Feb 2024	CPAI-2016-1278	CVE-2016-2510	BeanShell Remote Code Execution (CVE-2016-2510)
Critical	28 Feb 2024	28 Feb 2024	CPAI-2019-3160	CVE-2019-14931	Mitsubishi Electric smartRTU Firmware Command Injection (CVE-2019-14931)
Medium	28 Feb 2024	28 Feb 2024	CPAI-2020-4131	CVE-2020-36289	Atlassian Multiple Products Information Disclosure (CVE-2020-36289)
Medium	28 Feb 2024	28 Feb 2024	CPAI-2007-0486	CVE-2007-0373	Joomla SQL Injection (CVE-2007-0373)
Medium	28 Feb 2024	28 Feb 2024	CPAI-2020-4130	CVE-2020-5405	VMware Spring Cloud Config Directory Traversal (CVE-2020-5405)
Critical	28 Feb 2024	28 Feb 2024	CPAI-2020-4129	CVE-2020-15922	Mida Solutions eFramework Privilege Escalation (CVE-2020-15922)
High	28 Feb 2024	28 Feb 2024	CPAI-2013-3911	CVE-2013-5912	Thomson Reuters Velocity Analytics Vhayu Analytic Remote Code Execution (CVE-2013-5912)
High	28 Feb 2024	28 Feb 2024	CPAI-2020-4128	CVE-2020-12146	Silver Peak Unity Orchestrator Authentication Bypass (CVE-2020-12146)
High	28 Feb 2024	28 Feb 2024	CPAI-2020-4127	CVE-2020-3495	Cisco Jabber Command Injection (CVE-2020-3495)
Medium	28 Feb 2024	28 Feb 2024	CPAI-2021-2123	CVE-2021-34228	TOTOLINK A3002R Firmware Cross-Site Scripting (CVE-2021-34228)
Critical	28 Feb 2024	28 Feb 2024	CPAI-2023-1541	CVE-2023-6989	WordPress Shield Security Plugin Local File Inclusion (CVE-2023-6989)
High	28 Feb 2024	28 Feb 2024	CPAI-2024-0042		Lantronix EDS-MD Cross-Site Request Forgery
Medium	28 Feb 2024	28 Feb 2024	CPAI-2023-1443	CVE-2023-42325	Netgate pfSense Cross-Site Scripting (CVE-2023-42325)
Critical	28 Feb 2024	28 Feb 2024	CPAI-2023-1385	CVE-2023-6360	WordPress Joedolson My Calendar Plugin SQL Injection (CVE-2023-6360)
High	26 Feb 2024	26 Feb 2024	CPAI-2024-0081	CVE-2024-21412	Microsoft Defender SmartScreen Bypass (CVE-2024-21412)
High	26 Feb 2024	26 Feb 2024	CPAI-2024-0073	CVE-2024-1709	ConnectWise ScreenConnect Authentication Bypass (CVE-2024-1709)
High	26 Feb 2024	26 Feb 2024	CPAI-2022-2024	CVE-2022-28080	Royal Event Management System SQL Injection (CVE-2022-28080)
High	26 Feb 2024	26 Feb 2024	CPAI-2023-1546	CVE-2023-27034	PrestaShop Joommasters Jms Blog SQL Injection (CVE-2023-27034)
High	26 Feb 2024	26 Feb 2024	CPAI-2024-0066		Lantronix EDS-MD Cross-Site Scripting
Critical	26 Feb 2024	26 Feb 2024	CPAI-2018-2628	CVE-2018-14417	SoftNAS Cloud Privilege Escalation (CVE-2018-14417)
High	25 Feb 2024	25 Feb 2024	CPAI-2023-1547	CVE-2023-50358	QNAP QTS Command Injection (CVE-2023-50358)
Critical	25 Feb 2024	25 Feb 2024	CPAI-2021-2125	CVE-2021-32030	ASUS GT-AC2900 Authentication Bypass (CVE-2021-32030)
Medium	25 Feb 2024	25 Feb 2024	CPAI-2020-4136	CVE-2020-27128	Cisco SD-WAN Directory Traversal (CVE-2020-27128)
Critical	25 Feb 2024	25 Feb 2024	CPAI-2021-2111	CVE-2021-22962	Ivanti Avalanche Denial of Service (CVE-2021-22962)
Medium	25 Feb 2024	25 Feb 2024	CPAI-2023-1539	CVE-2023-34967	Samba Type Confusion (CVE-2023-34967)
Medium	25 Feb 2024	25 Feb 2024	CPAI-2022-1946	CVE-2022-45876	VISAM VBASE XML External Entity Injection (CVE-2022-45876)
High	25 Feb 2024	25 Feb 2024	CPAI-2023-1182	CVE-2023-39469	PaperCut MF/NG Remote Code Execution (CVE-2023-39469)
High	25 Feb 2024	25 Feb 2024	CPAI-2021-1806	CVE-2021-34993 CVE-2021-34996	Commvault Commcell Command Injection (CVE-2021-34996; CVE-2021-34993)
High	21 Feb 2024	21 Feb 2024	CPAI-2022-2020	CVE-2022-46650	Sierra Wireless AirLink Information Disclosure (CVE-2022-46650)
Critical	21 Feb 2024	21 Feb 2024	CPAI-2023-1540	CVE-2023-4474	Zyxel NAS Command Injection (CVE-2023-4474)
Critical	21 Feb 2024	21 Feb 2024	CPAI-2023-1538	CVE-2023-4473	Zyxel NAS Authentication Bypass (CVE-2023-4473)
High	21 Feb 2024	21 Feb 2024	CPAI-2018-2558	CVE-2018-2616	Oracle OSS Support Tools Remote Code Execution (CVE-2018-2616)
Medium	21 Feb 2024	21 Feb 2024	CPAI-2022-1586	CVE-2022-34783	Jenkins Plot Plugin Cross-Site Scripting (CVE-2022-34783)
Critical	20 Feb 2024	20 Feb 2024	CPAI-2017-1803	CVE-2017-7921	Hikvision Multiple Products Improper Authentication (CVE-2017-7921)
High	20 Feb 2024	20 Feb 2024	CPAI-2023-1533	CVE-2023-48646	Zoho ManageEngine RecoveryManager Plus Remote Code Execution (CVE-2023-48646)
High	20 Feb 2024	20 Feb 2024	CPAI-2024-0061		Lantronix EDS-MD Command Injection
High	20 Feb 2024	20 Feb 2024	CPAI-2023-1529	CVE-2023-34966	Samba Denial of Service (CVE-2023-34966)
High	20 Feb 2024	20 Feb 2024	CPAI-2017-1798	CVE-2017-11812	Microsoft ChakraCore Use After Free (CVE-2017-11812)
High	20 Feb 2024	20 Feb 2024	CPAI-2023-1502	CVE-2023-44443	GIMP Remote Code Execution (CVE-2023-44443)