Home / 2023 Advisories Archive

2023 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	9 Mar 2023	9 Mar 2023	CPAI-2019-2734	CVE-2019-6710 CVE-2019-7391	Zyxel Multiple Products Cross-Site Request Forgery (CVE-2019-7391; CVE-2019-6710)
High	8 Mar 2023	8 Mar 2023	CPAI-2023-0107		Astaroth Boleto Phishing Email Campaign
Critical	8 Mar 2023	8 Mar 2023	CPAI-2022-1326	CVE-2022-3900	WordPress Cooked Pro Plugin Insecure Deserialization (CVE-2022-3900)
Critical	8 Mar 2023	8 Mar 2023	CPAI-2021-1676	CVE-2021-43267	Linux Kernel TIPC Heap Overflow (CVE-2021-43267)
High	8 Mar 2023	8 Mar 2023	CPAI-2021-1628	CVE-2021-38001	Google Chrome V8 Type Confusion (CVE-2021-38001)
High	8 Mar 2023	8 Mar 2023	CPAI-2022-1242	CVE-2022-37958	Microsoft Windows NEGOEX Buffer Overflow (CVE-2022-37958)
Critical	8 Mar 2023	8 Mar 2023	CPAI-2022-1241	CVE-2022-43781	Atlassian Bitbucket Command Injection (CVE-2022-43781)
High	8 Mar 2023	8 Mar 2023	CPAI-2023-0068		uftpd Directory Traversal
High	7 Mar 2023	7 Mar 2023	CPAI-2023-0106		BazaLoader Phishing Email Campaign
Critical	7 Mar 2023	7 Mar 2023	CPAI-2022-1323	CVE-2022-46887	NexusPHP SQL Injection (CVE-2022-46887)
High	6 Mar 2023	6 Mar 2023	CPAI-2023-0110		Empire Python Launcher Remote Code Execution
Medium	6 Mar 2023	6 Mar 2023	CPAI-2022-1329	CVE-2022-46889	NexusPHP Cross Site Scripting (CVE-2022-46889)
High	12 Feb 2023	6 Mar 2023	CPAI-2023-0069	CVE-2023-0669	GoAnywhere MFT Insecure Deserialization (CVE-2023-0669)
High	5 Mar 2023	5 Mar 2023	CPAI-2023-0095		Rhadamanthys Notepad++ Phishing Campaign
Critical	2 Mar 2023	2 Mar 2023	CPAI-2023-0103	CVE-2023-23076	Zoho ManageEngine SupportCenter Plus Command Injection (CVE-2023-23076)
High	2 Mar 2023	2 Mar 2023	CPAI-2022-1184	CVE-2022-43551	Haxx Curl Authentication Bypass (CVE-2022-43551)
High	28 Feb 2023	28 Feb 2023	CPAI-2020-3722	CVE-2020-14421 CVE-2020-14950	aaPanel Command Injection (CVE-2020-14421; CVE-2020-14950)
Critical	9 Feb 2023	28 Feb 2023	CPAI-2022-1181	CVE-2022-45709 CVE-2022-45711 CVE-2022-45717	IP-COM M50 Command Injection (CVE-2022-45709; CVE-2022-45711; CVE-2022-45717)
High	28 Feb 2023	28 Feb 2023	CPAI-2022-1244	CVE-2022-45957	ZTE ZXHN Stack Overflow (CVE-2022-45957)
High	28 Feb 2023	28 Feb 2023	CPAI-2023-0094	CVE-2023-25194	Apache Kafka Remote Code Execution (CVE-2023-25194)
Medium	28 Feb 2023	28 Feb 2023	CPAI-2018-2318	CVE-2018-13361	TerraMaster TOS Improper Access Control (CVE-2018-13361)
High	27 Feb 2023	27 Feb 2023	CPAI-2022-1157	CVE-2022-47745	EasySoft ZenTao SQL Injection (CVE-2022-47745)
High	26 Feb 2023	26 Feb 2023	CPAI-2021-1666	CVE-2021-34527	Microsoft Windows Print Spooler Remote Code Execution (CVE-2021-34527)
Critical	26 Feb 2023	26 Feb 2023	CPAI-2022-1236	CVE-2022-4120	WordPress Stop Spammers Security Plugin Insecure Deserialization (CVE-2022-4120)
High	26 Feb 2023	26 Feb 2023	CPAI-2020-3735	CVE-2020-36222	OpenLDAP Denial of Service (CVE-2020-36222)
High	23 Feb 2023	23 Feb 2023	CPAI-2023-0088		Bandidos Phishing Email Campaign
Critical	23 Feb 2023	23 Feb 2023	CPAI-2022-1233	CVE-2022-24697	Apache Kylin Command Injection (CVE-2022-24697)
High	23 Feb 2023	23 Feb 2023	CPAI-2022-1225	CVE-2022-37155	SPIP Remote Code Execution (CVE-2022-37155)
High	22 Feb 2023	22 Feb 2023	CPAI-2022-1182	CVE-2022-4874	Netcomm Authentication Bypass (CVE-2022-4874)
High	22 Feb 2023	22 Feb 2023	CPAI-2022-1154	CVE-2022-38393	Asus RT-AX82U Denial Of Service (CVE-2022-38393)
High	22 Feb 2023	22 Feb 2023	CPAI-2020-3669	CVE-2020-13432	Rejetto HTTP File Server Buffer Overflow (CVE-2020-13432)
Critical	22 Feb 2023	22 Feb 2023	CPAI-2020-3423	CVE-2020-25223	Sophos SG UTM Command Injection (CVE-2020-25223)
High	22 Feb 2023	22 Feb 2023	CPAI-2022-1219	CVE-2022-45926	OpenText Content Suite Server-Side Request Forgery (CVE-2022-45926)
High	22 Feb 2023	22 Feb 2023	CPAI-2022-1218	CVE-2022-45925	OpenText Content Suite Information Disclosure (CVE-2022-45925)
Critical	21 Feb 2023	21 Feb 2023	CPAI-2020-3734	CVE-2020-35326	inxedu SQL Injection (CVE-2020-35326)
Critical	21 Feb 2023	21 Feb 2023	CPAI-2022-1216	CVE-2022-4855	Lead Management System SQL Injection (CVE-2022-4855)
High	21 Feb 2023	21 Feb 2023	CPAI-2020-3627	CVE-2020-10931	Memcached Denial of Service (CVE-2020-10931)
High	20 Feb 2023	20 Feb 2023	CPAI-2020-3732	CVE-2020-36227	OpenLDAP Denial of Service (CVE-2020-36227)
Critical	20 Feb 2023	20 Feb 2023	CPAI-2021-1618	CVE-2021-21243	OneDev Authentication Bypass (CVE-2021-21243)
Critical	19 Feb 2023	19 Feb 2023	CPAI-2022-1222	CVE-2022-46475	D-Link DIR 645A1 Stack Overflow (CVE-2022-46475)
Critical	19 Feb 2023	19 Feb 2023	CPAI-2022-1221	CVE-2022-46476	D-Link DIR-859 Command Injection (CVE-2022-46476)
Critical	19 Feb 2023	19 Feb 2023	CPAI-2023-0072	CVE-2023-0245 CVE-2023-0283	Online Flight Booking Management System SQL Injection (CVE-2023-0245; CVE-2023-0283)
High	19 Feb 2023	19 Feb 2023	CPAI-2022-1180	CVE-2022-45665 CVE-2022-45666	Tenda i22 Buffer Overflow (CVE-2022-45665; CVE-2022-45666)
High	19 Feb 2023	19 Feb 2023	CPAI-2022-1224	CVE-2022-47083	Spitfire CMS Insecure Deserialization (CVE-2022-47083)
High	16 Feb 2023	16 Feb 2023	CPAI-2022-1217	CVE-2022-24990	TerraMaster NAS Information Disclosure (CVE-2022-24990)
High	16 Feb 2023	16 Feb 2023	CPAI-2022-1215	CVE-2022-40005	Intelbras WiFiber Command Injection (CVE-2022-40005)
Critical	16 Feb 2023	16 Feb 2023	CPAI-2022-1159	CVE-2022-4101	WordPress Images Optimize and Upload CF7 Plugin Directory Traversal (CVE-2022-4101)
Critical	15 Feb 2023	15 Feb 2023	CPAI-2022-1162	CVE-2022-4873	Netcomm Buffer Overflow (CVE-2022-4873)
High	15 Feb 2023	15 Feb 2023	CPAI-2017-1614	CVE-2017-11918	Microsoft Edge Remote Code Execution (CVE-2017-11918)
High	15 Feb 2023	15 Feb 2023	CPAI-2019-2810	CVE-2019-6447	ES File Explorer File Manager Authentication Bypass (CVE-2019-6447)