Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	24 Apr 2024	24 Apr 2024	CPAI-2021-2158		CVE-2021-36393	Moodle SQL Injection (CVE-2021-36393)
Critical	24 Apr 2024	24 Apr 2024	CPAI-2023-1653		CVE-2023-6019	Ray Command Injection (CVE-2023-6019)
High	24 Apr 2024	24 Apr 2024	CPAI-2024-0182		CVE-2024-24725	Gibbon LMS Insecure Deserialization (CVE-2024-24725)
High	24 Apr 2024	24 Apr 2024	CPAI-2024-0144		CVE-2024-25617	Squid Denial of Service (CVE-2024-25617)
High	10 Mar 2024	24 Apr 2024	CPAI-2023-1577		CVE-2023-50386	Apache Solr Arbitrary File Upload (CVE-2023-50386)
Critical	24 Apr 2024	24 Apr 2024	CPAI-2023-1668		CVE-2023-50252	Dompdf php-svg-lib Insecure Deserialization (CVE-2023-50252)
Medium	24 Apr 2024	24 Apr 2024	CPAI-2024-0188		CVE-2024-21388	Microsoft Edge Chromium Privilege Escalation (CVE-2024-21388)
Critical	21 Apr 2024	21 Apr 2024	CPAI-2024-0204		CVE-2024-0930	Tenda AC10U Buffer Overflow (CVE-2024-0930)
High	21 Apr 2024	21 Apr 2024	CPAI-2021-2157		CVE-2021-35325	TOTOLINK A720R Buffer Overflow (CVE-2021-35325)
High	21 Apr 2024	21 Apr 2024	CPAI-2023-1658		CVE-2023-7024	Google Chrome Heap Buffer Overflow (CVE-2023-7024)
Medium	21 Apr 2024	21 Apr 2024	CPAI-2020-4157		CVE-2020-2039	Palo Alto Networks PAN-OS Denial of Service (CVE-2020-2039)
Medium	21 Apr 2024	21 Apr 2024	CPAI-2022-2044		CVE-2022-29349 CVE-2022-40879 CVE-2022-46934	kkFileView Cross-Site Scripting (CVE-2022-29349; CVE-2022-40879; CVE-2022-46934)
High	21 Apr 2024	21 Apr 2024	CPAI-2023-1186		CVE-2023-39584	Hexo Directory Traversal (CVE-2023-39584)
High	18 Apr 2024	18 Apr 2024	CPAI-2024-0200		CVE-2024-24747	MinIO Privilege Escalation (CVE-2024-24747)
High	18 Apr 2024	18 Apr 2024	CPAI-2022-2053		CVE-2022-3723	Google Chrome Type Confusion (CVE-2022-3723)
Medium	18 Apr 2024	18 Apr 2024	CPAI-2024-0194		CVE-2024-31138	JetBrains TeamCity Cross-Site Scripting (CVE-2024-31138)
Medium	18 Apr 2024	18 Apr 2024	CPAI-2023-1657		CVE-2023-32985	Jenkins Sidebar Link Plugin Directory Traversal (CVE-2023-32985)
Critical	18 Apr 2024	18 Apr 2024	CPAI-2018-2732		CVE-2018-10143	Palo Alto Networks Expedition Command Injection (CVE-2018-10143)
High	18 Apr 2024	18 Apr 2024	CPAI-2023-1650		CVE-2023-24078	Real Time Logic FuguHub Remote Code Execution (CVE-2023-24078)
High	18 Apr 2024	18 Apr 2024	CPAI-2023-1649		CVE-2023-46695	Django Denial of Service (CVE-2023-46695)
High	18 Apr 2024	18 Apr 2024	CPAI-2021-2154		CVE-2021-27358	Grafana Snapshot Feature Denial of Service (CVE-2021-27358)
High	18 Apr 2024	18 Apr 2024	CPAI-2023-1647		CVE-2023-2591 CVE-2023-2859	TeamPass Cross-Site Scripting (CVE-2023-2591; CVE-2023-2859)
Critical	18 Apr 2024	18 Apr 2024	CPAI-2022-2051		CVE-2022-44366	Tenda i21 Heap Overflow (CVE-2022-44366)
High	18 Apr 2024	18 Apr 2024	CPAI-2024-0185		CVE-2024-0801	Arcserve Unified Data Protection Denial-Of-Service (CVE-2024-0801)
Medium	18 Apr 2024	18 Apr 2024	CPAI-2024-0177		CVE-2024-23494	Delta Electronics DIAEnergie SQL Injection (CVE-2024-23494)
Critical	18 Apr 2024	18 Apr 2024	CPAI-2023-1637		CVE-2023-6895	Hikvision Intercom Broadcasting System Command Injection (CVE-2023-6895)
Medium	18 Apr 2024	18 Apr 2024	CPAI-2024-0166		CVE-2024-25574	Delta Electronics DIAEnergie SQL Injection (CVE-2024-25574)
Medium	18 Apr 2024	18 Apr 2024	CPAI-2023-1628		CVE-2023-39265	Apache Superset Authentication Bypass (CVE-2023-39265)
Critical	6 Mar 2024	18 Apr 2024	CPAI-2024-0104		CVE-2024-27198	JetBrains TeamCity Authentication Bypass (CVE-2024-27198)
High	18 Apr 2024	18 Apr 2024	CPAI-2022-2029		CVE-2022-36635	ZKTeco ZKBioSecurity SQL Injection (CVE-2022-36635)
High	18 Apr 2024	18 Apr 2024	CPAI-2023-0930		CVE-2023-38124	Inductive Automation Ignition Cross-Site Scripting (CVE-2023-38124)
Medium	17 Apr 2024	17 Apr 2024	CPAI-2023-1651		CVE-2023-0992	WordPress Shield Security Plugin Cross-Site Scripting (CVE-2023-0992)
Medium	17 Apr 2024	17 Apr 2024	CPAI-2023-1656		CVE-2023-36563	Microsoft WordPad Information Disclosure (CVE-2023-36563)
High	17 Apr 2024	17 Apr 2024	CPAI-2022-2052		CVE-2022-45768	EDIMAX BR-6428nS Command Injection (CVE-2022-45768)
High	17 Apr 2024	17 Apr 2024	CPAI-2023-0449		CVE-2023-32714	Splunk Arbitrary File Read and Write (CVE-2023-32714)
High	16 Apr 2024	16 Apr 2024	CPAI-2023-1646		CVE-2023-25437	vTech VCS754 Information Disclosure (CVE-2023-25437)
High	15 Apr 2024	15 Apr 2024	CPAI-2023-1652		CVE-2023-47565	QNAP QVR Command Injection (CVE-2023-47565)
High	14 Apr 2024	14 Apr 2024	CPAI-2024-0187		CVE-2024-20767	Adobe ColdFusion Information Disclosure (CVE-2024-20767)
Critical	14 Apr 2024	14 Apr 2024	CPAI-2022-2049		CVE-2022-24838	Nextcloud Calendar SMTP Command Injection (CVE-2022-24838)
Critical	14 Apr 2024	14 Apr 2024	CPAI-2023-1642		CVE-2023-34747	UJCMS Arbitrary File Upload (CVE-2023-34747)
High	14 Apr 2024	14 Apr 2024	CPAI-2024-0163		CVE-2024-1538	WordPress File Manager Plugin Cross-Site Scripting (CVE-2024-1538)
High	14 Apr 2024	14 Apr 2024	CPAI-2023-1632		CVE-2023-2833	WordPress ReviewX Plugin Privilege Escalation (CVE-2023-2833)
Medium	14 Apr 2024	14 Apr 2024	CPAI-2021-2147		CVE-2021-21816	D-Link DIR-3040 Information Disclosure (CVE-2021-21816)
Medium	14 Apr 2024	14 Apr 2024	CPAI-2023-0461		CVE-2023-34225	JetBrains TeamCity Cross-Site Scripting (CVE-2023-34225)
High	14 Apr 2024	14 Apr 2024	CPAI-2018-2731		CVE-2018-15517	D-Link Central WiFiManager Server-Side Request Forgery (CVE-2018-15517)
High	11 Apr 2024	11 Apr 2024	CPAI-2023-1643		CVE-2023-34096	Thruk Path Traversal (CVE-2023-34096)
Critical	11 Apr 2024	11 Apr 2024	CPAI-2023-1641		CVE-2023-3643	Boss Mini Information Disclosure (CVE-2023-3643)
High	11 Apr 2024	11 Apr 2024	CPAI-2023-1616		CVE-2023-48725	Netgear RAX30 Buffer Overflow (CVE-2023-48725)
Medium	10 Apr 2024	10 Apr 2024	CPAI-2023-1634		CVE-2023-2745	WordPress Directory Traversal (CVE-2023-2745)
High	9 Apr 2024	9 Apr 2024	CPAI-2024-0183	Microsoft CVE-2024-26234	CVE-2024-26234	Microsoft Proxy Driver Spoofing (CVE-2024-26234)