Home / 2018 Advisories Archive

2018 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
High	22 Nov 2018	5 Mar 2019	CPAI-2019-0031			Trend Micro IWSVA Deploywizard Haport Parameter Command Injection - Ver2
High	22 Nov 2018	5 Mar 2019	CPAI-2019-0029			Trend Micro IWSVA Parameter Command Injection - Ver2
High	22 Nov 2018	5 Mar 2019	CPAI-2019-0030			Trend Micro IWSVA Domain List Bdn Paremeter Command Injection - Ver2
High	12 Jun 2018	3 Mar 2019	CPAI-2018-0532	Microsoft CVE-2018-8210	CVE-2018-8210	Microsoft Windows Remote Code Execution (CVE-2018-8210)
High	27 Nov 2018	3 Mar 2019	CPAI-2018-1111			Magecart Credit Card Stealer
High	13 Feb 2018	27 Feb 2019	CPAI-2018-0116	Adobe APSB18-02	CVE-2018-4904	Adobe Acrobat and Reader Heap Overflow (APSB18-02: CVE-2018-4904)
High	15 Apr 2018	27 Feb 2019	CPAI-2018-0278	Microsoft CVE-2018-0950	CVE-2018-0950	Microsoft Office Information Disclosure (CVE-2018-0950)
High	2 Oct 2018	27 Feb 2019	CPAI-2018-0904	Adobe APSB18-30	CVE-2018-12855	Adobe Acrobat and Reader Buffer Errors (APSB18-30: CVE-2018-12855)
Critical	11 Dec 2018	27 Feb 2019	CPAI-2018-1122	Microsoft CVE-2018-8631	CVE-2018-8631	Microsoft Internet Explorer Memory Corruption (CVE-2018-8631)
High	13 Mar 2018	26 Feb 2019	CPAI-2018-0159	Microsoft CVE-2018-0893	CVE-2018-0893	Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-0893)
High	25 Dec 2018	24 Feb 2019	CPAI-2019-0001		CVE-2018-19615	Rockwell Automation Allen-Bradley PowerMonitor 1000 Cross-Site Scripting (CVE-2018-19615)
Critical	29 Mar 2018	20 Feb 2019	CPAI-2018-0192		CVE-2018-7600	Drupal Core Remote Code Execution (CVE-2018-7600)
Low	9 Dec 2018	13 Feb 2019	CPAI-2018-1226		CVE-2018-7503	Advantech WebAccess NMS DownloadAction Directory Traversal (CVE-2018-7503)
Critical	29 Mar 2018	5 Feb 2019	CPAI-2018-0188			Suspicious Exploit Kit Website Redirection
Medium	9 Dec 2018	3 Feb 2019	CPAI-2018-1225		CVE-2018-3604	Trend Micro Control Manager sCloudService GetPassword SQL Injection (CVE-2018-3604)
High	22 Oct 2018	24 Jan 2019	CPAI-2019-0058		CVE-2018-10594	Delta Electronics Delta Industrial Automation Buffer Overflow (CVE-2018-10594)
Low	2 May 2018	23 Jan 2019	CPAI-2018-0364		CVE-2017-1000117	Git ssh URL Processing Command Execution (CVE-2017-1000117)
Critical	12 Sep 2018	23 Jan 2019	CPAI-2018-0881		CVE-2018-8475	Microsoft Windows Remote Code Execution (CVE-2018-8475)
High	26 Dec 2018	23 Jan 2019	CPAI-2018-1286		CVE-2018-20377	Orange Livebox ADSL modem Information Disclosure (CVE-2018-20377)
Critical	1 Nov 2018	21 Jan 2019	CPAI-2018-1045	Microsoft CVE-2018-8476	CVE-2018-8476	Microsoft Windows Deployment Services TFTP Server Code Execution (CVE-2018-8476)
Critical	7 Oct 2018	20 Jan 2019	CPAI-2018-1119			Hadoop YARN ResourceManager Remote Command Execution
High	18 Dec 2018	17 Jan 2019	CPAI-2018-1288		CVE-2018-1000140	Red Hat librelp Stack Buffer Overflow (CVE-2018-1000140)
High	10 Jul 2018	16 Jan 2019	CPAI-2018-0627	Adobe APSB18-21	CVE-2018-5067	Adobe Acrobat and Reader Heap Overflow (APSB18-21: CVE-2018-5067)
Medium	18 Dec 2018	16 Jan 2019	CPAI-2018-1272		CVE-2018-17207	WordPress Snap Creek Duplicator Code Injection (CVE-2018-17207)
Medium	6 Dec 2018	15 Jan 2019	CPAI-2018-1141		CVE-2018-15768	Dell OpenManage Network Manager Authentication Bypass (CVE-2018-15768)
High	5 Nov 2018	13 Jan 2019	CPAI-2018-1036		CVE-2018-18471	Axentra Hipserv Multiple Vulnerabilities (CVE-2018-18471)
High	5 Nov 2018	13 Jan 2019	CPAI-2018-1073		CVE-2018-3953 CVE-2018-3954 CVE-2018-3955	Linksys ESeries OS Command Injection (CVE-2018-3953; CVE-2018-3954; CVE-2018-3955)
High	13 Dec 2018	6 Jan 2019	CPAI-2018-1255		CVE-2017-14384	Dell EMC Storage Manager EmConfigMigration Servlet Directory Traversal (CVE-2017-14384)
High	10 Dec 2018	4 Jan 2019	CPAI-2018-1170			Microsoft Word Mail Attachment Remote Code Execution
Medium	13 Dec 2018	3 Jan 2019	CPAI-2018-1262	0-day 0DAY_ID_31688	CVE-2018-1000845	Avahi avahi-daemon Denial Of Service (CVE-2018-1000845)
Medium	24 Dec 2018	3 Jan 2019	CPAI-2018-1287		CVE-2018-15715	Zoom Desktop Application Unauthorized UDP Message (CVE-2018-15715)
High	25 Dec 2018	3 Jan 2019	CPAI-2018-1291		CVE-2018-1821	IBM Operational Decision Manager External Entity Injection (CVE-2018-1821)
High	7 Nov 2018	1 Jan 2019	CPAI-2018-1080		CVE-2018-3910	Yi Technology Home Camera cloudAPI SSID Code Execution (CVE-2018-3910)
High	14 Nov 2018	31 Dec 2018	CPAI-2018-1107		CVE-2018-3928	Yi Technology Home Camera 27US Denial Of Service (CVE-2018-3928)
High	27 Nov 2018	31 Dec 2018	CPAI-2018-1112		CVE-2018-3935	Yi Technology Home Camera CRCDec Denial Of Service (CVE-2018-3935)
High	10 Dec 2018	31 Dec 2018	CPAI-2018-1277			Tech Support Scams Obfuscation Methods
Critical	23 Dec 2018	31 Dec 2018	CPAI-2018-1283		CVE-2017-12557	HP Intelligent Management Insecure Deserialization (CVE-2017-12557)
High	21 Nov 2018	30 Dec 2018	CPAI-2018-1279		CVE-2002-0392	Apache Software Foundation Apache HTTP Server Remote Code Execution (CVE-2002-0392) - Ver2
Medium	22 Nov 2018	30 Dec 2018	CPAI-2018-1281		CVE-2017-12544	HPE System Management Homepage Issue (CVE-2017-12544) - Ver2
Critical	17 Dec 2018	30 Dec 2018	CPAI-2018-1284			Magellan SQLite SQL Injection
High	27 Nov 2018	27 Dec 2018	CPAI-2018-1130		CVE-2018-10517	CMS Made Simple Remote Code Execution (CVE-2018-10517)
High	6 Dec 2018	27 Dec 2018	CPAI-2018-1139		CVE-2018-19505	BMC Remedy Privilege Escalation (CVE-2018-19505)
High	6 Nov 2018	26 Dec 2018	CPAI-2018-1079		CVE-2018-3892	Yi Technology Home Camera Time Sync Code Execution (CVE-2018-3892)
High	28 Nov 2018	25 Dec 2018	CPAI-2018-1113		CVE-2017-15120	PowerDNS Recursor Denial of Service (CVE-2017-15120)
High	6 Dec 2018	25 Dec 2018	CPAI-2018-1142	0day	CVE-2018-15767	Dell OpenManage Network Manager Authentication Bypass (CVE-2018-15767)
High	1 Nov 2018	24 Dec 2018	CPAI-2018-1032		CVE-2017-9312	Rockwell Automation Allen-Bradley L30ERMS Denial Of Service (CVE-2017-9312)
High	24 Dec 2018	24 Dec 2018	CPAI-2018-1282		CVE-2018-15442	Cisco Webex Meetings Desktop App Update Service Command Injection (CVE-2018-15442)
High	25 Sep 2018	23 Dec 2018	CPAI-2018-0957			Multiple Browsers Denial of Service (Browser Reaper)
High	20 Dec 2018	23 Dec 2018	CPAI-2018-1278		CVE-2018-18774	CentOS Web Panel Cross-Site Scripting (CVE-2018-18774)
Critical	19 Dec 2018	20 Dec 2018	CPAI-2018-1275	Microsoft CVE-2018-8653	CVE-2018-8653	Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2018-8653)