Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	8 Feb 2024	8 Feb 2024	CPAI-2018-2677	CVE-2018-15704	Advantech WebAccess Buffer Overflow (CVE-2018-15704)
High	8 Feb 2024	8 Feb 2024	CPAI-2020-4106	CVE-2020-12513	Pepperl Fuchs IO-Link Master Command Injection (CVE-2020-12513)
Critical	8 Feb 2024	8 Feb 2024	CPAI-2021-2095	CVE-2021-24472	WordPress QantumThemes Multiple Plugins Server-Side Request Forgery (CVE-2021-24472)
High	8 Feb 2024	8 Feb 2024	CPAI-2023-1512	CVE-2023-6567	WordPress LearnPress Plugin SQL Injection (CVE-2023-6567)
High	8 Feb 2024	8 Feb 2024	CPAI-2018-2655	CVE-2018-7700	DedeCMS Cross-Site Request Forgery (CVE-2018-7700)
High	8 Feb 2024	8 Feb 2024	CPAI-2016-1253	CVE-2016-8530	HP Intelligent Management Center Denial of Service (CVE-2016-8530)
High	4 Feb 2024	7 Feb 2024	CPAI-2024-0035	CVE-2024-21893	Ivanti Server-Side Request Forgery (CVE-2024-21893)
Critical	18 Jan 2024	7 Feb 2024	CPAI-2024-0016	CVE-2024-21887	Ivanti Command Injection (CVE-2024-21887)
High	18 Jan 2024	7 Feb 2024	CPAI-2023-1476	CVE-2023-46805	Ivanti Authentication Bypass (CVE-2023-46805)
Critical	6 Feb 2024	6 Feb 2024	CPAI-2023-1484	CVE-2023-48023	Anyscale Ray Server-Side Request Forgery (CVE-2023-48023)
Critical	5 Feb 2024	5 Feb 2024	CPAI-2023-1509	CVE-2023-46263	Ivanti Avalanche Arbitrary File Upload (CVE-2023-46263)
High	5 Feb 2024	5 Feb 2024	CPAI-2023-1506	CVE-2023-31102	7-Zip Integer Underflow (CVE-2023-31102)
High	5 Feb 2024	5 Feb 2024	CPAI-2024-0022		WordPress Sonaar Music Plugin Cross-Site Scripting
High	5 Feb 2024	5 Feb 2024	CPAI-2023-1494	CVE-2023-27179	GDidees CMS Arbitrary File Download (CVE-2023-27179)
High	4 Feb 2024	4 Feb 2024	CPAI-2023-1507	CVE-2023-36039	Microsoft Exchange Server Spoofing (CVE-2023-36039)
Critical	4 Feb 2024	4 Feb 2024	CPAI-2023-1496	CVE-2023-20073	Cisco RV340 Arbitrary File Upload (CVE-2023-20073)
Critical	4 Feb 2024	4 Feb 2024	CPAI-2023-1491	CVE-2023-4708	Infosoftbd Clcknshop SQL Injection (CVE-2023-4708)
High	4 Feb 2024	4 Feb 2024	CPAI-2024-0028	CVE-2024-0517	Google Chrome Out of Bounds Write (CVE-2024-0517)
Critical	4 Feb 2024	4 Feb 2024	CPAI-2023-1508	CVE-2023-41727 CVE-2023-46216 CVE-2023-46217	Ivanti Avalanche Stack Buffer Overflow (CVE-2023-41727; CVE-2023-46216; CVE-2023-46217)
High	4 Feb 2024	4 Feb 2024	CPAI-2023-0501	CVE-2023-25652	Git Remote Code Execution (CVE-2023-25652)
Medium	1 Feb 2024	1 Feb 2024	CPAI-2021-2092	CVE-2021-21402	Jellyfin Directory Traversal (CVE-2021-21402)
Critical	1 Feb 2024	1 Feb 2024	CPAI-2023-1483	CVE-2023-46574	TOTOLINK A3700R Command Injection (CVE-2023-46574)
Medium	31 Jan 2024	31 Jan 2024	CPAI-2019-3141	CVE-2019-19985	WordPress Email Subscribers And Newsletters Plugin Information Disclosure (CVE-2019-19985)
Critical	30 Jan 2024	30 Jan 2024	CPAI-2023-1480	CVE-2023-46977	TOTOLINK LR1200GB Stack Overflow (CVE-2023-46977)
High	29 Jan 2024	29 Jan 2024	CPAI-2022-1998	CVE-2022-1529	Mozilla Multiple Products Prototype Pollution (CVE-2022-1529)
High	29 Jan 2024	29 Jan 2024	CPAI-2022-1997	CVE-2022-1802	Mozilla Multiple Products Prototype Pollution (CVE-2022-1802)
Critical	29 Jan 2024	29 Jan 2024	CPAI-2018-2576	CVE-2018-7836	Schneider Electric IIoT Monitor Unrestricted File Upload (CVE-2018-7836)
High	28 Jan 2024	28 Jan 2024	CPAI-2024-0020	CVE-2024-23897	Jenkins Information Disclosure (CVE-2024-23897)
Medium	28 Jan 2024	28 Jan 2024	CPAI-2021-2091	CVE-2021-21973	VMware Multiple Products Server-Side Request Forgery (CVE-2021-21973)
High	24 Jan 2024	28 Jan 2024	CPAI-2023-1485	CVE-2023-24580	Django Denial of Service (CVE-2023-24580)
Medium	28 Jan 2024	28 Jan 2024	CPAI-2019-3138	CVE-2019-13396	FlightPath Directory Traversal (CVE-2019-13396)
Medium	25 Jan 2024	25 Jan 2024	CPAI-2023-1488	CVE-2023-0552	WordPress Pie Register Plugin Open Redirect (CVE-2023-0552)
High	25 Jan 2024	25 Jan 2024	CPAI-2023-1467	CVE-2023-25573	Metersphere Improper Access Control (CVE-2023-25573)
Medium	25 Jan 2024	25 Jan 2024	CPAI-2022-1995	CVE-2022-39960	Netic Group Export Authentication Bypass (CVE-2022-39960)
Critical	25 Jan 2024	25 Jan 2024	CPAI-2023-1457	CVE-2023-48022	Anyscale Ray Remote Code Execution (CVE-2023-48022)
Critical	16 Jan 2024	24 Jan 2024	CPAI-2023-1469	CVE-2023-6875	WordPress POST SMTP Mailer Plugin Authentication Bypass (CVE-2023-6875)
Critical	24 Jan 2024	24 Jan 2024	CPAI-2018-2651	CVE-2018-7251	Anchor CMS Information Disclosure (CVE-2018-7251)
Critical	24 Jan 2024	24 Jan 2024	CPAI-2023-1158	CVE-2023-4634	WordPress Media Library Assistant Plugin Remote Code Execution (CVE-2023-4634)
High	22 Jan 2024	22 Jan 2024	CPAI-2023-1479	CVE-2023-46455	GL.iNET GL-AR300M Directory Traversal (CVE-2023-46455)
Critical	22 Jan 2024	22 Jan 2024	CPAI-2023-1474	CVE-2023-5322 CVE-2023-6581	D-Link DAR-7000 SQL Injection (CVE-2023-5322; CVE-2023-6581)
Critical	22 Jan 2024	22 Jan 2024	CPAI-2023-1472	CVE-2023-49417 CVE-2023-49418	TOTOLINK A7000R Stack Overflow (CVE-2023-49417; CVE-2023-49418)
Medium	22 Jan 2024	22 Jan 2024	CPAI-2018-2652	CVE-2018-7662	Couch CMS Information Disclosure (CVE-2018-7662)
Critical	22 Jan 2024	22 Jan 2024	CPAI-2022-2000	CVE-2022-36553	Hytec Inter Command Injection (CVE-2022-36553)
Critical	22 Jan 2024	22 Jan 2024	CPAI-2022-2004	CVE-2022-29383	NETGEAR ProSAFE SSL VPN SQL Injection (CVE-2022-29383)
High	22 Jan 2024	22 Jan 2024	CPAI-2022-2003	CVE-2022-2200	Mozilla Multiple Products Prototype Pollution (CVE-2022-2200)
Critical	22 Jan 2024	22 Jan 2024	CPAI-2022-2002	CVE-2022-32429	Mega System Technologies MSNSwitch Authentication Bypass (CVE-2022-32429)
Medium	22 Jan 2024	22 Jan 2024	CPAI-2019-3144	CVE-2019-17503	Kirona Dynamic Resource Scheduling Information Disclosure (CVE-2019-17503)
High	21 Jan 2024	21 Jan 2024	CPAI-2019-3142	CVE-2019-11248	Kubernetes Authentication Bypass (CVE-2019-11248)
Critical	21 Jan 2024	21 Jan 2024	CPAI-2020-4098	CVE-2020-2733	Oracle JD Edwards EnterpriseOne Tools Authentication Bypass (CVE-2020-2733)
High	21 Jan 2024	21 Jan 2024	CPAI-2022-1987	CVE-2022-36883	Jenkins Git Plugin Authentication Bypass (CVE-2022-36883)