Home / 2020 Advisories Archive

2020 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	10 May 2020	10 May 2020	CPAI-2020-0333		UADMIN Botnet SQL Injection
Critical	10 May 2020	10 May 2020	CPAI-2020-0360	CVE-2020-8599	Trend Micro Apex One and OfficeScan Directory Traversal (CVE-2020-8599)
High	10 May 2020	10 May 2020	CPAI-2020-0362	CVE-2020-3250	Cisco UCS Director Directory Traversal (CVE-2020-3250)
High	8 May 2020	8 May 2020	CPAI-2020-0352		Google Chrome V8 Object.seal Type Confusion
High	1 Mar 2020	7 May 2020	CPAI-2019-1616	CVE-2019-16097	Harbor Container Registry Privilege Escalation (CVE-2019-16097)
High	25 Feb 2020	6 May 2020	CPAI-2019-1729	CVE-2019-5373 CVE-2019-5374	HPE Intelligent Management Center Command Injection (CVE-2019-5373; CVE-2019-5374)
Critical	6 May 2020	6 May 2020	CPAI-2020-0336		Kinsing Malware Infection Attempt
High	23 Apr 2020	4 May 2020	CPAI-2020-0301		WECON LeviStudio MulStatus szFilename Stack Buffer Overflow
High	1 Mar 2020	1 May 2020	CPAI-2020-0104	CVE-2020-0688	Microsoft Exchange Server Remote Code Execution (CVE-2020-0688)
High	1 May 2020	1 May 2020	CPAI-2020-0313		HPE IMC ForwardRedirect Expression Language Injection
High	1 May 2020	1 May 2020	CPAI-2020-0314		WECON LeviStudio MulStatus Buffer Overflow
High	1 May 2020	1 May 2020	CPAI-2020-0315		WECON LeviStudio G_bmp Buffer Overflow
High	1 May 2020	1 May 2020	CPAI-2020-0316		WordPress SEO Plugin Authentication Bypass
High	1 May 2020	1 May 2020	CPAI-2020-0317		WECON LeviStudio ShortMessage Buffer Overflow
Medium	30 Apr 2020	30 Apr 2020	CPAI-2020-0253	CVE-2020-6009	WordPress LearnDash Plugin SQL Injection (CVE-2020-6009)
Critical	30 Apr 2020	30 Apr 2020	CPAI-2020-0254		WordPress LearnPress Plugin Privilege Escalation
Critical	30 Apr 2020	30 Apr 2020	CPAI-2020-0256	CVE-2020-6008	WordPress LifterLMS Plugin Arbitrary File Write (CVE-2020-6008)
High	12 Apr 2020	30 Apr 2020	CPAI-2019-1974	CVE-2019-1070	Microsoft SharePoint Server Cross Site Scripting (CVE-2019-1070)
High	7 Apr 2020	27 Apr 2020	CPAI-2020-0187	CVE-2020-0693	Microsoft SharePoint Server Stored Cross Site Scripting (CVE-2020-0693)
Critical	8 Apr 2020	27 Apr 2020	CPAI-2020-0178	CVE-2020-2586 CVE-2020-2587	Oracle E-Business Suite SQL Injection (CVE-2020-2586; CVE-2020-2587)
High	27 Apr 2020	27 Apr 2020	CPAI-2020-0242	CVE-2020-9335	WordPress 10Web Photo Gallery Plugin Cross Site Scripting (CVE-2020-9335)
High	23 Apr 2020	27 Apr 2020	CPAI-2020-0299	CVE-2020-6586	Nagios Log Server Cross-Site Scripting (CVE-2020-6586)
Medium	27 Apr 2020	27 Apr 2020	CPAI-2020-0296	CVE-2020-8878	Foxitsoftware Foxit Studio Photo Remote Code Execution (CVE-2020-8878)
Critical	27 Apr 2020	27 Apr 2020	CPAI-2019-2071	CVE-2019-2904	Oracle JDeveloper ADF Faces Insecure Deserialization (CVE-2019-2904)
High	26 Apr 2020	26 Apr 2020	CPAI-2020-0167		HPE IMC ForwardRedirect Remote Code Execution
High	26 Apr 2020	26 Apr 2020	CPAI-2020-0168		HPE IMC Remote Code Execution
Critical	26 Apr 2020	26 Apr 2020	CPAI-2020-0287	CVE-2020-1947	Apache ShardingSphere Insecure Deserialization (CVE-2020-1947)
Critical	30 Mar 2020	23 Apr 2020	CPAI-2020-0175	CVE-2020-10245	CODESYS Web Server Buffer Overflow (CVE-2020-10245)
Critical	5 Mar 2020	22 Apr 2020	CPAI-2019-1751	CVE-2019-5370	HPE Intelligent Management Center Remote Code Execution (CVE-2019-5370)
High	22 Apr 2020	22 Apr 2020	CPAI-2020-0294	CVE-2020-5512	Gila CMS Directory Traversal (CVE-2020-5512)
High	1 Mar 2020	21 Apr 2020	CPAI-2019-1682	CVE-2019-11500	Dovecot And Pigeonhole Remote Code Execution (CVE-2019-11500)
Critical	19 Apr 2020	19 Apr 2020	CPAI-2019-1961	CVE-2019-14514	Microvirt MEmu Command Injection (CVE-2019-14514)
Medium	19 Apr 2020	19 Apr 2020	CPAI-2016-0969	CVE-2016-3113	Ovirt Engine Reflected Cross Site Scripting (CVE-2016-3113)
Medium	19 Apr 2020	19 Apr 2020	CPAI-2019-2026	CVE-2019-17116	WiKID 2FA Enterprise Server Cross-Site Scripting (CVE-2019-17116)
High	19 Apr 2020	19 Apr 2020	CPAI-2019-2044	CVE-2019-15980	Cisco Data Center Network Manager Directory Traversal (CVE-2019-15980)
Critical	19 Apr 2020	19 Apr 2020	CPAI-2019-2050	CVE-2019-5105	CoDeSys V3 CmpRouter and CmpRouterEmbedded Integer Overflow (CVE-2019-5105)
High	23 Mar 2020	19 Apr 2020	CPAI-2020-0145	CVE-2020-10221	rConfig Command Injection (CVE-2020-10221)
High	19 Apr 2020	19 Apr 2020	CPAI-2019-2047	CVE-2019-18227	Advantech WISE-PaaS/RMM XML External Entity Injection (CVE-2019-18227)
Medium	16 Apr 2020	16 Apr 2020	CPAI-2019-2015	CVE-2019-18229	Advantech WISE-PaaS/RMM SQL Injection (CVE-2019-18229)
Medium	16 Apr 2020	16 Apr 2020	CPAI-2019-2016	CVE-2019-18610	Sangoma Asterisk Command Injection (CVE-2019-18610)
Medium	16 Apr 2020	16 Apr 2020	CPAI-2019-2019	CVE-2019-1443	Microsoft SharePoint Information Disclosure (CVE-2019-1443)
High	16 Apr 2020	16 Apr 2020	CPAI-2019-2043	CVE-2019-3993	ELOG Project Information Disclosure (CVE-2019-3993)
Medium	16 Apr 2020	16 Apr 2020	CPAI-2020-0268	CVE-2020-7064	PHP exif_read_data Out-Of-Bounds Read (CVE-2020-7064)
Medium	16 Apr 2020	16 Apr 2020	CPAI-2020-0269	CVE-2020-7066	PHP get_headers Information Disclosure (CVE-2020-7066)
Medium	16 Apr 2020	16 Apr 2020	CPAI-2020-0270	CVE-2020-7065	PHP mb_strtolower Stack Buffer Overflow (CVE-2020-7065)
High	8 Apr 2020	8 Apr 2020	CPAI-2019-1973	CVE-2019-0189	Apache OFBiz Insecure Deserialization (CVE-2019-0189)
Medium	8 Apr 2020	8 Apr 2020	CPAI-2020-0217	CVE-2020-5513	Gila CMS Local File Inclusion (CVE-2020-5513)
High	8 Apr 2020	8 Apr 2020	CPAI-2020-0226	CVE-2020-0729	Microsoft Windows LNK Remote Code Execution (CVE-2020-0729)
High	7 Apr 2020	7 Apr 2020	CPAI-2019-0417	CVE-2017-15222	Ayukov NFTPD Buffer Overflow Remote Code Execution (CVE-2017-15222)
Medium	7 Apr 2020	7 Apr 2020	CPAI-2019-0760	CVE-2018-15887	Asus Dsln12e C1 Firmware Command Execution (CVE-2018-15887)