Home / 2020 Advisories Archive

2020 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Medium	27 Mar 2020	27 Mar 2020	CPAI-2020-0109			PHP Garbage Collector Command Injection
Critical	27 Mar 2020	27 Mar 2020	CPAI-2016-0968		CVE-2016-8735	Apache Tomcat Remote Code Execution (CVE-2016-8735)
High	27 Mar 2020	27 Mar 2020	CPAI-2020-0155		CVE-2020-3797	Adobe Acrobat and Reader Memory corruption (APSB20-13: CVE-2020-3797)
High	27 Mar 2020	27 Mar 2020	CPAI-2020-0157		CVE-2020-3806	Adobe Acrobat and Reader Out-of-Bounds Read (APSB20-13: CVE-2020-3806)
High	27 Mar 2020	27 Mar 2020	CPAI-2020-0161		CVE-2020-3793	Adobe Acrobat and Reader Use after free (APSB20-13: CVE-2020-3793)
Medium	26 Mar 2020	26 Mar 2020	CPAI-2020-0112		CVE-2020-8615	WordPress Tutor LMS Plugin Cross Site Request Forgery (CVE-2020-8615)
Medium	26 Mar 2020	26 Mar 2020	CPAI-2020-0146		CVE-2020-8866	Horde Groupware PHP File Inclusion (CVE-2020-8866)
Critical	24 Mar 2020	26 Mar 2020	CPAI-2020-0152			Adobe Type Manager Library Remote Code Execution
High	26 Mar 2020	26 Mar 2020	CPAI-2020-0164		CVE-2020-10111	Citrix Gateway Cache Bypass (CVE-2020-10111)
Medium	25 Mar 2020	25 Mar 2020	CPAI-2018-1264		CVE-2018-14710	Asus ASUSWRT Reflected Cross Site Scripting (CVE-2018-14710)
High	16 Mar 2020	16 Mar 2020	CPAI-2020-0015			WEMS BEMS Authentication Bypass
High	16 Mar 2020	16 Mar 2020	CPAI-2018-1319		CVE-2018-4438	Apple Webkit Memory Corruption (CVE-2018-4438)
High	16 Mar 2020	16 Mar 2020	CPAI-2018-1320		CVE-2018-4442	Apple WebKit Use After Free (CVE-2018-4442)
High	16 Mar 2020	16 Mar 2020	CPAI-2020-0123			WordPress Ultimate-Member Plugin Cross-Site Scripting
High	25 Feb 2020	15 Mar 2020	CPAI-2019-1785		CVE-2019-10984 CVE-2019-10996	Red Lion Crimson Type Confusion (CVE-2019-10996; CVE-2019-10984)
High	15 Mar 2020	15 Mar 2020	CPAI-2020-0082			WordPress ThemeREX Plugin Remote Code Execution
High	15 Mar 2020	15 Mar 2020	CPAI-2020-0141		CVE-2020-10487	Apache Tomcat AJP File Inclusion (CVE-2020-10487)
Medium	11 Mar 2020	11 Mar 2020	CPAI-2018-1265		CVE-2018-14712	Asus ASUSWRT Buffer Overflow (CVE-2018-14712)
High	11 Mar 2020	11 Mar 2020	CPAI-2018-1270		CVE-2018-14713	Asus ASUSWRT Information Disclosure (CVE-2018-14713)
Critical	11 Mar 2020	11 Mar 2020	CPAI-2019-1884		CVE-2019-17570	Apache XML-RPC Insecure Deserialization (CVE-2019-17570)
Medium	11 Mar 2020	11 Mar 2020	CPAI-2020-0105			WordPress InfiniteWP Plugin Authentication Bypass
High	10 Mar 2020	10 Mar 2020	CPAI-2020-0090	Microsoft CVE-2020-0690	CVE-2020-0690	Microsoft DirectX Elevation of Privilege (CVE-2020-0690)
Critical	10 Mar 2020	10 Mar 2020	CPAI-2020-0093	Microsoft CVE-2020-0832	CVE-2020-0832	Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2020-0832)
Critical	10 Mar 2020	10 Mar 2020	CPAI-2020-0094	Microsoft CVE-2020-0824	CVE-2020-0824	Microsoft VBScript Remote Code Execution (CVE-2020-0824)
Critical	10 Mar 2020	10 Mar 2020	CPAI-2020-0095	Microsoft CVE-2020-0847	CVE-2020-0847	Microsoft VBScript Remote Code Execution (CVE-2020-0847)
High	10 Mar 2020	10 Mar 2020	CPAI-2020-0125		CVE-2020-3804	Adobe Acrobat and Reader Out-of-Bounds Read (APSB20-13: CVE-2020-3804)
High	8 Mar 2020	8 Mar 2020	CPAI-2018-1304		CVE-2018-17281	Digium Asterisk res_http_websocket Denial of Service (CVE-2018-17281)
Critical	8 Mar 2020	8 Mar 2020	CPAI-2020-0118		CVE-2020-10189	Zoho ManageEngine Remote Code Execution (CVE-2020-10189)
Medium	5 Mar 2020	5 Mar 2020	CPAI-2019-1671		CVE-2019-12436	Samba Denial of Service (CVE-2019-12436)
High	5 Mar 2020	5 Mar 2020	CPAI-2019-1765		CVE-2019-11943	HPE Intelligent Management Center Remote Code Execution (CVE-2019-11943)
High	5 Mar 2020	5 Mar 2020	CPAI-2019-1773		CVE-2019-11944	HPE Intelligent Management Center Insecure Deserialization (CVE-2019-11944)
High	25 Feb 2020	5 Mar 2020	CPAI-2019-1831		CVE-2019-11956	HPE ByteMessageResource Insecure Deserialization (CVE-2019-11956)
High	5 Mar 2020	5 Mar 2020	CPAI-2019-1912		CVE-2019-10987	Advantech WebAccess Remote Code Execution (CVE-2019-10987)
Medium	5 Mar 2020	5 Mar 2020	CPAI-2019-1915		CVE-2019-10097	Apache httpd Server Buffer Overflow (CVE-2019-10097)
Critical	5 Mar 2020	5 Mar 2020	CPAI-2019-1913		CVE-2019-5386	HPE Intelligent Management Center Remote Code Execution (CVE-2019-5386)
Critical	11 Feb 2020	4 Mar 2020	CPAI-2019-1722		CVE-2019-13556	Advantech WebAccess Buffer Overflow (CVE-2019-13556)
Medium	20 Feb 2020	4 Mar 2020	CPAI-2019-1860		CVE-2019-18890	Redmine SQL Injection (CVE-2019-18890)
Critical	23 Feb 2020	4 Mar 2020	CPAI-2020-0083		CVE-2020-7047 CVE-2020-7048	WordPress ThemeGrill Plugin Privilege Escalation (CVE-2020-7047; CVE-2020-7048)
High	23 Feb 2020	4 Mar 2020	CPAI-2020-0084			WordPress GDPR Cookie Consent Plugin Cross Site Scripting
Medium	1 Mar 2020	1 Mar 2020	CPAI-2019-1679		CVE-2019-12827	Digium Asterisk Denial Of Service (CVE-2019-12827)
High	1 Mar 2020	1 Mar 2020	CPAI-2019-1706		CVE-2019-13552	Advantech WebAccess SCADA Policy Bypass (CVE-2019-13552)
Medium	1 Mar 2020	1 Mar 2020	CPAI-2019-1713		CVE-2019-13182	Solarwinds Serv-U Ftp Server Cross-Site Scripting (CVE-2019-13182)
Critical	1 Mar 2020	1 Mar 2020	CPAI-2019-1802		CVE-2019-12630	Cisco Security Manager Insecure Deserialization (CVE-2019-12630)
Medium	1 Mar 2020	1 Mar 2020	CPAI-2019-1902		CVE-2019-2888	Oracle Weblogic Server Remote Code Execution (CVE-2019-2888)
High	1 Mar 2020	1 Mar 2020	CPAI-2019-1904		CVE-2019-2890	Oracle Weblogic Server Remote Code Execution (CVE-2019-2890)
High	1 Mar 2020	1 Mar 2020	CPAI-2019-1754		CVE-2019-1406	Microsoft Windows Jet Database Off By One (CVE-2019-1406)
High	1 Mar 2020	1 Mar 2020	CPAI-2015-1049		CVE-2015-7611	Apache James Server Command Injection (CVE-2015-7611)
Critical	1 Mar 2020	1 Mar 2020	CPAI-2018-1316		CVE-2018-17456	Git Submodule Remote Code Execution (CVE-2018-17456)
High	27 Feb 2020	27 Feb 2020	CPAI-2017-1037		CVE-2017-2505	Apple Webkit Remote Code Execution (CVE-2017-2505)
High	27 Feb 2020	27 Feb 2020	CPAI-2020-0006			Phpgurukul Hospital Management System Authentication Bypass