Home / 2020 Advisories Archive

2020 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	25 Feb 2020	6 May 2020	CPAI-2019-1729	CVE-2019-5373 CVE-2019-5374	HPE Intelligent Management Center Command Injection (CVE-2019-5373; CVE-2019-5374)
Critical	6 May 2020	6 May 2020	CPAI-2020-0336		Kinsing Malware Infection Attempt
High	23 Apr 2020	4 May 2020	CPAI-2020-0301		WECON LeviStudio MulStatus szFilename Stack Buffer Overflow
High	1 Mar 2020	1 May 2020	CPAI-2020-0104	CVE-2020-0688	Microsoft Exchange Server Remote Code Execution (CVE-2020-0688)
High	1 May 2020	1 May 2020	CPAI-2020-0313		HPE IMC ForwardRedirect Expression Language Injection
High	1 May 2020	1 May 2020	CPAI-2020-0314		WECON LeviStudio MulStatus Buffer Overflow
High	1 May 2020	1 May 2020	CPAI-2020-0315		WECON LeviStudio G_bmp Buffer Overflow
High	1 May 2020	1 May 2020	CPAI-2020-0316		WordPress SEO Plugin Authentication Bypass
High	1 May 2020	1 May 2020	CPAI-2020-0317		WECON LeviStudio ShortMessage Buffer Overflow
Medium	30 Apr 2020	30 Apr 2020	CPAI-2020-0253	CVE-2020-6009	WordPress LearnDash Plugin SQL Injection (CVE-2020-6009)
Critical	30 Apr 2020	30 Apr 2020	CPAI-2020-0254		WordPress LearnPress Plugin Privilege Escalation
Critical	30 Apr 2020	30 Apr 2020	CPAI-2020-0256	CVE-2020-6008	WordPress LifterLMS Plugin Arbitrary File Write (CVE-2020-6008)
High	12 Apr 2020	30 Apr 2020	CPAI-2019-1974	CVE-2019-1070	Microsoft SharePoint Server Cross Site Scripting (CVE-2019-1070)
High	7 Apr 2020	27 Apr 2020	CPAI-2020-0187	CVE-2020-0693	Microsoft SharePoint Server Stored Cross Site Scripting (CVE-2020-0693)
Critical	8 Apr 2020	27 Apr 2020	CPAI-2020-0178	CVE-2020-2586 CVE-2020-2587	Oracle E-Business Suite SQL Injection (CVE-2020-2586; CVE-2020-2587)
High	27 Apr 2020	27 Apr 2020	CPAI-2020-0242	CVE-2020-9335	WordPress 10Web Photo Gallery Plugin Cross Site Scripting (CVE-2020-9335)
High	23 Apr 2020	27 Apr 2020	CPAI-2020-0299	CVE-2020-6586	Nagios Log Server Cross-Site Scripting (CVE-2020-6586)
Medium	27 Apr 2020	27 Apr 2020	CPAI-2020-0296	CVE-2020-8878	Foxitsoftware Foxit Studio Photo Remote Code Execution (CVE-2020-8878)
Critical	27 Apr 2020	27 Apr 2020	CPAI-2019-2071	CVE-2019-2904	Oracle JDeveloper ADF Faces Insecure Deserialization (CVE-2019-2904)
High	26 Apr 2020	26 Apr 2020	CPAI-2020-0167		HPE IMC ForwardRedirect Remote Code Execution
High	26 Apr 2020	26 Apr 2020	CPAI-2020-0168		HPE IMC Remote Code Execution
Critical	26 Apr 2020	26 Apr 2020	CPAI-2020-0287	CVE-2020-1947	Apache ShardingSphere Insecure Deserialization (CVE-2020-1947)
Critical	30 Mar 2020	23 Apr 2020	CPAI-2020-0175	CVE-2020-10245	CODESYS Web Server Buffer Overflow (CVE-2020-10245)
Critical	5 Mar 2020	22 Apr 2020	CPAI-2019-1751	CVE-2019-5370	HPE Intelligent Management Center Remote Code Execution (CVE-2019-5370)
Medium	19 Apr 2020	19 Apr 2020	CPAI-2016-0969	CVE-2016-3113	Ovirt Engine Reflected Cross Site Scripting (CVE-2016-3113)
High	19 Apr 2020	19 Apr 2020	CPAI-2019-2044	CVE-2019-15980	Cisco Data Center Network Manager Directory Traversal (CVE-2019-15980)
Critical	19 Apr 2020	19 Apr 2020	CPAI-2019-2050	CVE-2019-5105	CoDeSys V3 CmpRouter and CmpRouterEmbedded Integer Overflow (CVE-2019-5105)
High	19 Apr 2020	19 Apr 2020	CPAI-2019-2047	CVE-2019-18227	Advantech WISE-PaaS/RMM XML External Entity Injection (CVE-2019-18227)
Medium	16 Apr 2020	16 Apr 2020	CPAI-2019-2015	CVE-2019-18229	Advantech WISE-PaaS/RMM SQL Injection (CVE-2019-18229)
Medium	16 Apr 2020	16 Apr 2020	CPAI-2019-2016	CVE-2019-18610	Sangoma Asterisk Command Injection (CVE-2019-18610)
Medium	16 Apr 2020	16 Apr 2020	CPAI-2019-2019	CVE-2019-1443	Microsoft SharePoint Information Disclosure (CVE-2019-1443)
Medium	16 Apr 2020	16 Apr 2020	CPAI-2020-0268	CVE-2020-7064	PHP exif_read_data Out-Of-Bounds Read (CVE-2020-7064)
Medium	16 Apr 2020	16 Apr 2020	CPAI-2020-0269	CVE-2020-7066	PHP get_headers Information Disclosure (CVE-2020-7066)
Medium	16 Apr 2020	16 Apr 2020	CPAI-2020-0270	CVE-2020-7065	PHP mb_strtolower Stack Buffer Overflow (CVE-2020-7065)
High	8 Apr 2020	8 Apr 2020	CPAI-2019-1973	CVE-2019-0189	Apache OFBiz Insecure Deserialization (CVE-2019-0189)
High	8 Apr 2020	8 Apr 2020	CPAI-2020-0226	CVE-2020-0729	Microsoft Windows LNK Remote Code Execution (CVE-2020-0729)
Medium	7 Apr 2020	7 Apr 2020	CPAI-2019-0760	CVE-2018-15887	Asus Dsln12e C1 Firmware Command Execution (CVE-2018-15887)
Medium	7 Apr 2020	7 Apr 2020	CPAI-2019-1969	CVE-2019-20139	Nagios XI Cross-Site Scripting (CVE-2019-20139)
High	7 Apr 2020	7 Apr 2020	CPAI-2019-1972	CVE-2019-15981	Cisco Data Center Network Manager Arbitrary File Deletion (CVE-2019-15981)
Critical	5 Apr 2020	5 Apr 2020	CPAI-2020-0179	CVE-2020-2555	Oracle Weblogic Insecure Deserialization (CVE-2020-2555)
Medium	2 Apr 2020	2 Apr 2020	CPAI-2018-1276	CVE-2018-13334 CVE-2018-13335 CVE-2018-13357	Terramaster TOS Cross Site Scripting (CVE-2018-13334; CVE-2018-13335; CVE-2018-13357)
Critical	31 Mar 2020	31 Mar 2020	CPAI-2018-1318	CVE-2018-10653	Citrix XenMobile XML External Entity Injection (CVE-2018-10653)
Medium	31 Mar 2020	31 Mar 2020	CPAI-2020-0172	CVE-2020-10385	Wordpress WPForms Plugin Cross-Site Scripting (CVE-2020-10385)
High	30 Mar 2020	30 Mar 2020	CPAI-2020-0163	CVE-2020-3795	Adobe Acrobat and Reader Out-of-bounds write (APSB20-13: CVE-2020-3795)
High	30 Mar 2020	30 Mar 2020	CPAI-2020-0154	CVE-2020-3807	Adobe Acrobat and Reader Buffer overflow (APSB20-13: CVE-2020-3807)
High	30 Mar 2020	30 Mar 2020	CPAI-2020-0160	CVE-2020-3802	Adobe Acrobat and Reader Use after free (APSB20-13: CVE-2020-3802)
High	30 Mar 2020	30 Mar 2020	CPAI-2020-0162	CVE-2020-3792	Adobe Acrobat and Reader Use after free (APSB20-13: CVE-2020-3792)
High	29 Mar 2020	29 Mar 2020	CPAI-2020-0156	CVE-2020-3800	Adobe Acrobat and Reader Memory address leak (APSB20-13: CVE-2020-3800)
High	29 Mar 2020	29 Mar 2020	CPAI-2020-0158	CVE-2020-3799	Adobe Acrobat and Reader Stack-based buffer overflow (APSB20-13: CVE-2020-3799)
High	29 Mar 2020	29 Mar 2020	CPAI-2020-0171	CVE-2020-3801	Adobe Acrobat and Reader Use after free (APSB20-13: CVE-2020-3801)