Home / 2020 Advisories Archive

2020 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
Critical	6 Dec 2020	6 Dec 2020	CPAI-2016-1024	CVE-2016-9682	SonicWall Secure Remote Access Server Command Injection (CVE-2016-9682)
High	6 Dec 2020	6 Dec 2020	CPAI-2016-1025	CVE-2016-0093	Microsoft Windows Server Privilege Escalation (CVE-2016-0093)
Critical	6 Dec 2020	6 Dec 2020	CPAI-2016-1027	CVE-2016-9684	Sonicwall Secure Remote Access Server Command Injection (CVE-2016-9684)
Critical	4 Nov 2020	6 Dec 2020	CPAI-2020-1095	CVE-2020-1472	Winlogon Privilege Escalation (CVE-2020-1472)
Critical	6 Dec 2020	6 Dec 2020	CPAI-2020-1260	CVE-2020-5260	Git Information Disclosure (CVE-2020-5260)
Medium	6 Dec 2020	6 Dec 2020	CPAI-2020-1262	CVE-2020-1958	Apache Druid Information Disclosure (CVE-2020-1958)
High	6 Dec 2020	6 Dec 2020	CPAI-2010-0658	CVE-2010-2738	Microsoft Windows Uniscribe Memory Corruption (CVE-2010-2738)
High	18 Nov 2020	3 Dec 2020	CPAI-2020-1198	CVE-2020-11530 CVE-2020-17463 CVE-2020-17506 CVE-2020-25990 CVE-2020-27481 CVE-2020-5766 CVE-2020-8655 CVE-2020-8656 CVE-2020-9465	SQL Injection Over HTTP Traffic (CVE-2020-11530; CVE-2020-17463; CVE-2020-17506; CVE-2020-25990; CVE-2020-27481; CVE-2020-5766; CVE-2020-8655; CVE-2020-8656; CVE-2020-9465)
Medium	3 Dec 2020	3 Dec 2020	CPAI-2020-1257	CVE-2020-28578 CVE-2020-28579	Trend Micro InterScan Web Security Virtual Appliance Stack Overflow (CVE-2020-28578; CVE-2020-28579)
High	2 Dec 2020	2 Dec 2020	CPAI-2016-1019	CVE-2016-0007	Microsoft Windows Server Privilege Escalation (CVE-2016-0007)
High	2 Dec 2020	2 Dec 2020	CPAI-2016-1020	CVE-2016-0095	Microsoft Windows Server Privilege Escalation (CVE-2016-0095)
Medium	2 Dec 2020	2 Dec 2020	CPAI-2016-1021	CVE-2016-3371	Microsoft Windows Server Information Disclosure (CVE-2016-3371)
Medium	2 Dec 2020	2 Dec 2020	CPAI-2016-1022	CVE-2016-8719	Moxa AWK-3131A Cross-Site Scripting (CVE-2016-8719)
High	1 Dec 2020	1 Dec 2020	CPAI-2020-1235	CVE-2020-24365	Gemtek WRTM-127ACN Command Injection (CVE-2020-24365)
Critical	1 Dec 2020	1 Dec 2020	CPAI-2020-1237	CVE-2020-28140	SourceCodester Online Clothing Store Command Injection (CVE-2020-28140)
Critical	1 Dec 2020	1 Dec 2020	CPAI-2020-1240	CVE-2020-28130	SourceCodester Online Library Management System Command Injection (CVE-2020-28130)
Medium	1 Dec 2020	1 Dec 2020	CPAI-2020-1242		WonderCMS Persistent Cross-Site Scripting
High	29 Nov 2020	29 Nov 2020	CPAI-2020-1223	CVE-2020-8165	Ruby On Rails Remote Code Execution (CVE-2020-8165)
High	29 Nov 2020	29 Nov 2020	CPAI-2020-1239	CVE-2020-28138	SourceCodester Online Clothing Store SQL Injection (CVE-2020-28138)
High	29 Nov 2020	29 Nov 2020	CPAI-2020-1241	CVE-2020-5791	Nagios XI Command Injection (CVE-2020-5791)
High	29 Nov 2020	29 Nov 2020	CPAI-2020-1243	CVE-2020-18185	PluXml Remote Code Execution (CVE-2020-18185)
High	29 Nov 2020	29 Nov 2020	CPAI-2020-1245	CVE-2020-25483	UCMS Project Command Injection (CVE-2020-25483)
Medium	28 Nov 2020	28 Nov 2020	CPAI-2019-2406	CVE-2019-19143	TP-LINK TL-WR849N Authentication Bypass (CVE-2019-19143)
Critical	28 Nov 2020	28 Nov 2020	CPAI-2020-1222	CVE-2020-27955	Git LFS Remote Code Execution (CVE-2020-27955)
Critical	28 Nov 2020	28 Nov 2020	CPAI-2020-1224	CVE-2020-7357	Cayin CMS Command Injection (CVE-2020-7357)
Medium	28 Nov 2020	28 Nov 2020	CPAI-2020-1231		Nagios Log Server Persistent Cross-Site Scripting
High	28 Nov 2020	28 Nov 2020	CPAI-2020-1233	CVE-2020-28328	SuiteCRM Remote Code Execution (CVE-2020-28328)
High	28 Nov 2020	28 Nov 2020	CPAI-2010-0657	CVE-2010-2145	ClearSite Beta Remote File Inclusion (CVE-2010-2145)
High	28 Nov 2020	28 Nov 2020	CPAI-2020-1236	CVE-2020-5791	Nagios XI mibs.php Command Injection (CVE-2020-5791)
Medium	28 Nov 2020	28 Nov 2020	CPAI-2016-1016	CVE-2016-0070	Microsoft Windows Privilege Escalation (CVE-2016-0070)
Medium	28 Nov 2020	28 Nov 2020	CPAI-2016-1017	CVE-2016-8383	AntennaHouse DMC HTMLFilter Memory Corruption (CVE-2016-8383)
Medium	28 Nov 2020	28 Nov 2020	CPAI-2016-1018	CVE-2016-0517	Oracle E-Business Suite HR Component Multiple Vulnerabilities (CVE-2016-0517)
High	25 Nov 2020	25 Nov 2020	CPAI-2020-1186	CVE-2020-13778	rConfig Remote Code Execution (CVE-2020-13778)
Critical	25 Nov 2020	25 Nov 2020	CPAI-2020-1202	CVE-2020-25763	Seat Reservation System Arbitrary File Upload (CVE-2020-25763)
High	25 Nov 2020	25 Nov 2020	CPAI-2020-1204	CVE-2020-13259	RAD SecFlow-1v Cross Site Request Forgery (CVE-2020-13259)
Medium	25 Nov 2020	25 Nov 2020	CPAI-2020-1217		Wordpress Yoast SEO Plugin Arbitrary File Upload
Critical	25 Nov 2020	25 Nov 2020	CPAI-2020-1218	CVE-2020-7373	VBulletin Remote Code Execution (CVE-2020-7373)
Medium	25 Nov 2020	25 Nov 2020	CPAI-2020-1220		ASUS TM-AC1900 Command Injection
High	29 Sep 2020	23 Nov 2020	CPAI-2019-2274	CVE-2019-11447	CutePHP Cutenews Remote Code Execution (CVE-2019-11447)
Medium	23 Nov 2020	23 Nov 2020	CPAI-2020-1148	CVE-2020-5730	OpenMRS Cross-Site Scripting (CVE-2020-5730)
Critical	23 Nov 2020	23 Nov 2020	CPAI-2020-1189	CVE-2020-27739	Citadel WebCit Cross Site Scripting (CVE-2020-27739)
Critical	23 Nov 2020	23 Nov 2020	CPAI-2020-1190	CVE-2020-16257	Winston Command Injection (CVE-2020-16257)
High	23 Nov 2020	23 Nov 2020	CPAI-2020-1192	CVE-2020-16256	Winston Cross Site Request Forgery (CVE-2020-16256)
High	23 Nov 2020	23 Nov 2020	CPAI-2020-1219	CVE-2020-8209	Citrix XenMobile Server Directory Traversal (CVE-2020-8209)
Critical	23 Nov 2020	23 Nov 2020	CPAI-2019-2393	CVE-2019-19825	TOTOLINK Realtek SDK Routers Authentication Bypass (CVE-2019-19825)
Critical	23 Nov 2020	23 Nov 2020	CPAI-2019-2403	CVE-2019-3930	Crestron Stack Overflow (CVE-2019-3930)
Critical	23 Nov 2020	23 Nov 2020	CPAI-2019-2404	CVE-2019-3932	Crestron Authentication Bypass (CVE-2019-3932)
Medium	23 Nov 2020	23 Nov 2020	CPAI-2020-1193		Joomla Publisher Component Persistent Cross-Site Scripting
Medium	23 Nov 2020	23 Nov 2020	CPAI-2020-1194	CVE-2020-5736	Amcrest Cameras Null Pointer Dereference (CVE-2020-5736)
High	23 Nov 2020	23 Nov 2020	CPAI-2020-1195	CVE-2020-5735	Amcrest Cameras Stack Buffer Overflow (CVE-2020-5735)