Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	28 May 2024	28 May 2024	CPAI-2024-0328	CVE-2024-25228	Vinchin Backup and Recovery Command Injection (CVE-2024-25228)
Critical	28 May 2024	28 May 2024	CPAI-2024-0330	CVE-2024-4323	Fluent Bit HTTP Server Memory Corruption (CVE-2024-4323)
High	28 May 2024	28 May 2024	CPAI-2024-0316		Microsoft Exchange Server Insecure Deserialization
High	28 May 2024	28 May 2024	CPAI-2019-3187	CVE-2019-19642	Supermicro X8STi-F Command Injection (CVE-2019-19642)
Medium	28 Mar 2024	28 May 2024	CPAI-2023-1617	CVE-2023-5591	LibreNMS SQL Injection (CVE-2023-5591)
Medium	28 Feb 2024	28 May 2024	CPAI-2023-1443	CVE-2023-42325	Netgate pfSense Cross-Site Scripting (CVE-2023-42325)
High	28 May 2024	28 May 2024	CPAI-2023-1409	CVE-2023-48123	Netgate pfSense Remote Code Execution (CVE-2023-48123)
High	28 May 2024	28 May 2024	CPAI-2022-1604	CVE-2022-43396	Apache Kylin Command Injection (CVE-2022-43396)
Critical	27 May 2024	27 May 2024	CPAI-2024-0336	CVE-2024-4701	Netflix Genie Path Traversal (CVE-2024-4701)
Critical	27 May 2024	27 May 2024	CPAI-2023-1722	CVE-2023-43187	NodeBB Remote Code Execution (CVE-2023-43187)
Critical	27 May 2024	27 May 2024	CPAI-2020-4166	CVE-2020-24913	QCubed SQL Injection (CVE-2020-24913)
High	27 May 2024	27 May 2024	CPAI-2023-1711	CVE-2023-4355	Google Chrome Heap Corruption (CVE-2023-4355)
Critical	27 May 2024	27 May 2024	CPAI-2024-0323	CVE-2024-34716	PrestaShop Cross-Site Scripting (CVE-2024-34716)
Medium	27 May 2024	27 May 2024	CPAI-2021-2164	CVE-2021-31252	Chiyu Technology Server-Side Request Forgery (CVE-2021-31252)
High	27 May 2024	27 May 2024	CPAI-2023-1704	CVE-2023-33782	D-Link DIR-842V2 Command Injection (CVE-2023-33782)
Critical	27 May 2024	27 May 2024	CPAI-2023-1703	CVE-2023-39367	Peplink Smart Reader Command Injection (CVE-2023-39367)
High	27 May 2024	27 May 2024	CPAI-2024-0309	CVE-2024-22567	Mingsoft MCMS Arbitrary File Upload (CVE-2024-22567)
Medium	27 May 2024	27 May 2024	CPAI-2023-1698	CVE-2023-49231	Stilog Visual Planning Authentication Bypass (CVE-2023-49231)
High	27 May 2024	27 May 2024	CPAI-2024-0265	CVE-2024-0717	D-Link Multiple Products Information Disclosure (CVE-2024-0717)
Critical	9 May 2024	27 May 2024	CPAI-2024-0255	CVE-2024-2389	Flowmon Command Injection (CVE-2024-2389)
Critical	23 May 2024	23 May 2024	CPAI-2024-0322	CVE-2024-4671	Google Chrome Use After Free (CVE-2024-4671)
High	23 May 2024	23 May 2024	CPAI-2024-0320	CVE-2024-32113	Apache OFBiz Path Traversal (CVE-2024-32113)
Critical	23 May 2024	23 May 2024	CPAI-2024-0312	CVE-2024-3806 CVE-2024-3807	WordPress Porto Theme Local File Inclusion (CVE-2024-3806; CVE-2024-3807)
High	23 May 2024	23 May 2024	CPAI-2019-3188	CVE-2019-7262	Linear eMerge E3-Series Cross-Site Request Forgery (CVE-2019-7262)
High	23 May 2024	23 May 2024	CPAI-2024-0306	CVE-2024-2449	Kemp LoadMaster Cross-Site Request Forgery (CVE-2024-2449)
High	23 May 2024	23 May 2024	CPAI-2021-2163	CVE-2021-21206	Google Chrome Use After Free (CVE-2021-21206)
High	23 May 2024	23 May 2024	CPAI-2024-0301	CVE-2024-26331	ReCrystallize Server Authentication Bypass (CVE-2024-26331)
High	23 May 2024	23 May 2024	CPAI-2023-1700	CVE-2023-3124	WordPress Elementor Pro Plugin Privilege Escalation (CVE-2023-3124)
Medium	23 May 2024	23 May 2024	CPAI-2020-4165	CVE-2020-13896	Maipu MP1800X-50 Information Disclosure (CVE-2020-13896)
High	22 May 2024	22 May 2024	CPAI-2024-0317	CVE-2024-27130	QNAP QTS Stack Buffer Overflow (CVE-2024-27130)
Medium	22 May 2024	22 May 2024	CPAI-2024-0307	CVE-2024-2756	PHP Authentication Bypass (CVE-2024-2756)
High	22 May 2024	22 May 2024	CPAI-2023-1702	CVE-2023-49294	Asterisk Arbitrary File Read (CVE-2023-49294)
High	22 May 2024	22 May 2024	CPAI-2024-0299		D-Link DIR-X4860 Authentication Bypass
High	22 May 2024	22 May 2024	CPAI-2024-0296		D-Link DIR-X4860 Command Injection
High	22 May 2024	22 May 2024	CPAI-2023-1701	CVE-2023-36144	Intelbras SG 2404 MR Information Disclosure (CVE-2023-36144)
High	21 May 2024	21 May 2024	CPAI-2024-0315	CVE-2024-4761	Google Chromium V8 Out-of-Bounds Memory Write (CVE-2024-4761)
Medium	21 May 2024	21 May 2024	CPAI-2014-2576	CVE-2014-9708	Embedthis Appweb Denial of Service (CVE-2014-9708)
High	21 May 2024	21 May 2024	CPAI-2024-0291	CVE-2024-1451	GitLab Cross-Site Scripting (CVE-2024-1451)
Critical	21 May 2024	21 May 2024	CPAI-2020-4150	CVE-2020-13117	Wavlink WN575A4 Command Injection (CVE-2020-13117)
High	20 May 2024	20 May 2024	CPAI-2019-3186	CVE-2019-7258	Linear eMerge E3-Series Privilege Escalation (CVE-2019-7258)
High	20 May 2024	20 May 2024	CPAI-2024-0297	CVE-2024-20353 CVE-2024-20359	Cisco Multiple Products Remote Code Execution (CVE-2024-20353; CVE-2024-20359)
High	20 May 2024	20 May 2024	CPAI-2024-0287	CVE-2024-0265	SourceCodester Clinic Queuing System Remote Code Execution (CVE-2024-0265)
Critical	20 May 2024	20 May 2024	CPAI-2024-0285	CVE-2024-0264	SourceCodester Clinic Queuing System Authentication Bypass (CVE-2024-0264)
Critical	20 May 2024	20 May 2024	CPAI-2024-0272	CVE-2024-0921	D-Link DIR-816 Command Injection (CVE-2024-0921)
High	20 May 2024	20 May 2024	CPAI-2008-0553	CVE-2008-4128	Cisco IOS Cross-Site Request Forgery (CVE-2008-4128)
High	20 May 2024	20 May 2024	CPAI-2023-1695	CVE-2023-47218	QNAP QTS Command Injection (CVE-2023-47218)
Critical	20 May 2024	20 May 2024	CPAI-2024-0267	CVE-2024-28185 CVE-2024-28189	Judge0 Arbitrary File Read and Write (CVE-2024-28185; CVE-2024-28189)
Critical	20 May 2024	20 May 2024	CPAI-2024-0262	CVE-2024-29021	Judge0 Server-Side Request Forgery (CVE-2024-29021)
Critical	7 Mar 2024	20 May 2024	CPAI-2022-2028	CVE-2020-10973 CVE-2022-31847 CVE-2022-34045 CVE-2022-34046 CVE-2022-34047 CVE-2022-34049 CVE-2022-34576 CVE-2022-48165	Wavlink Routers Authentication Bypass (CVE-2020-10973; CVE-2022-31847; CVE-2022-34045; CVE-2022-34046; CVE-2022-34047; CVE-2022-34049; CVE-2022-34576; CVE-2022-48165)
High	19 May 2024	19 May 2024	CPAI-2020-4164	CVE-2020-15867	Gogs Remote Code Execution (CVE-2020-15867)