Home / 2021 Advisories Archive

2021 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	5 Dec 2021	24 Jul 2024	CPAI-2021-0240		CVE-2018-19907 CVE-2019-19999 CVE-2021-25770 CVE-2021-35450 CVE-2021-43097 CVE-2021-46063 CVE-2022-24881 CVE-2022-4282 CVE-2022-4300 CVE-2023-41544 CVE-2023-45303 CVE-2024-24230 CVE-2024-28713	Java Server-Side Template Injection (CVE-2018-19907; CVE-2019-19999; CVE-2021-25770; CVE-2021-35450; CVE-2021-43097; CVE-2021-46063; CVE-2022-24881; CVE-2022-4282; CVE-2022-4300; CVE-2023-41544; CVE-2023-45303; CVE-2024-24230; CVE-2024-28713)
Critical	20 Mar 2021	21 Jul 2024	CPAI-2020-1396		CVE-2012-0393 CVE-2016-0785 CVE-2022-22980 CVE-2022-23463 CVE-2023-30331 CVE-2023-34468 CVE-2023-49109 CVE-2023-49299 CVE-2024-0195 CVE-2024-2064 CVE-2024-23320	Java Server Pages Backdoor (CVE-2012-0393; CVE-2016-0785; CVE-2022-22980; CVE-2022-23463; CVE-2023-30331; CVE-2023-34468; CVE-2023-49109; CVE-2023-49299; CVE-2024-0195; CVE-2024-2064; CVE-2024-23320)
Critical	18 Apr 2021	3 Jul 2024	CPAI-2021-0140			Ruby Server-Side Template Injection
Critical	11 Apr 2021	27 Jun 2024	CPAI-2021-0211		CVE-2020-11991 CVE-2020-24589 CVE-2021-23792 CVE-2021-26703 CVE-2021-37425 CVE-2021-43142 CVE-2022-24449 CVE-2022-38389 CVE-2022-39135 CVE-2022-43941 CVE-2022-47514 CVE-2023-23595 CVE-2023-46265 CVE-2024-34102	XML External Entity Over HTTP Request (CVE-2020-11991; CVE-2020-24589; CVE-2021-23792; CVE-2021-26703; CVE-2021-37425; CVE-2021-43142; CVE-2022-24449; CVE-2022-38389; CVE-2022-39135; CVE-2022-43941; CVE-2022-47514; CVE-2023-23595; CVE-2023-46265; CVE-2024-34102)
High	9 Sep 2021	26 Jun 2024	CPAI-2021-0554		CVE-2021-40444	Microsoft Internet Explorer MSHTML Remote Code Execution (CVE-2021-40444)
Critical	21 Dec 2021	25 Jun 2024	CPAI-2021-0935		CVE-2021-41081	Zoho ManageEngine Network Configuration Manager SQL Injection (CVE-2021-41081)
High	8 Dec 2021	25 Jun 2024	CPAI-2021-0931		CVE-2021-43798	Grafana Directory Traversal (CVE-2021-43798)
Critical	14 Jul 2021	25 Jun 2024	CPAI-2021-0476	Microsoft CVE-2021-34473	CVE-2021-34473 CVE-2021-34523 CVE-2022-41082	Microsoft Exchange Server Remote Code Execution (CVE-2021-34473; CVE-2021-34523; CVE-2022-41082)
High	11 Aug 2021	24 Jun 2024	CPAI-2021-0499		CVE-2021-32932	Advantech iView deleteZtpConfig SQL Injection (CVE-2021-32932)
Critical	23 Aug 2021	24 Jun 2024	CPAI-2021-0497		CVE-2021-20090 CVE-2021-20091 CVE-2021-20092	Buffalo Routers Directory Traversal (CVE-2021-20090; CVE-2021-20091; CVE-2021-20092)
High	30 Jun 2021	24 Jun 2024	CPAI-2021-0456		CVE-2021-3277	Nagios XI Manage.php Directory Traversal (CVE-2021-3277)
High	1 Jun 2021	24 Jun 2024	CPAI-2021-0326		CVE-2021-30638	Apache Tapestry Information Disclosure (CVE-2021-30638)
High	1 Jun 2021	24 Jun 2024	CPAI-2021-0325		CVE-2021-29447	WordPress Core External Entity Injection (CVE-2021-29447)
High	26 Sep 2021	23 Jun 2024	CPAI-2021-0725		CVE-2021-22656	Advantech iView CommandServlet Directory Traversal (CVE-2021-22656)
Critical	25 Apr 2021	23 Jun 2024	CPAI-2021-0253		CVE-2021-25281 CVE-2021-25282	SaltStack Salt Directory Traversal (CVE-2021-25281; CVE-2021-25282)
Critical	12 May 2021	23 Jun 2024	CPAI-2021-0245		CVE-2021-26295	Apache OFBiz Insecure Deserialization (CVE-2021-26295)
High	18 Feb 2021	23 Jun 2024	CPAI-2021-0085		CVE-2021-25296 CVE-2021-25297 CVE-2021-25298 CVE-2021-25299	Nagios XI Remote Code Execution (CVE-2021-25296; CVE-2021-25297; CVE-2021-25298; CVE-2021-25299)
High	29 Dec 2021	20 Jun 2024	CPAI-2021-1009		CVE-2021-38391	Delta Electronics DIAEnergie SQL Injection (CVE-2021-38391)
High	22 Dec 2021	20 Jun 2024	CPAI-2021-0930		CVE-2021-39226	Grafana Snapshot Feature Information Disclosure (CVE-2021-39226)
Critical	7 Dec 2021	20 Jun 2024	CPAI-2021-0920		CVE-2021-44077	Zoho ManageEngine ServiceDesk Plus Remote Code Execution (CVE-2021-44077)
Critical	25 Nov 2021	20 Jun 2024	CPAI-2021-0892		CVE-2021-42258	BQE BillQuick Web Suite SQL Injection (CVE-2021-42258)
Critical	22 Mar 2021	19 Jun 2024	CPAI-2021-0198		CVE-2021-22986 CVE-2021-22987 CVE-2022-1388	F5 BIG-IP Remote Code Execution (CVE-2021-22986; CVE-2021-22987; CVE-2022-1388)
Critical	12 May 2021	27 May 2024	CPAI-2021-0285		CVE-2021-25812 CVE-2021-30228 CVE-2021-30229 CVE-2021-30230 CVE-2021-30231 CVE-2021-30232 CVE-2021-30233 CVE-2021-30234 CVE-2021-33962 CVE-2021-33963 CVE-2021-33964 CVE-2021-33965	China Mobile An Lianbao WF-1 Command Injection (CVE-2021-25812; CVE-2021-30228; CVE-2021-30229; CVE-2021-30230; CVE-2021-30231; CVE-2021-30232; CVE-2021-30233; CVE-2021-30234; CVE-2021-33962; CVE-2021-33963; CVE-2021-33964; CVE-2021-33965)
High	17 Jan 2021	27 May 2024	CPAI-2020-3204		CVE-2020-17518 CVE-2020-17519	Apache Flink Directory Traversal (CVE-2020-17518; CVE-2020-17519)
Critical	28 Nov 2021	20 May 2024	CPAI-2020-3442		CVE-2020-10148	SolarWinds Orion Platform Authentication Bypass (CVE-2020-10148)
High	7 Mar 2021	10 Apr 2024	CPAI-2020-3277		CVE-2020-24841 CVE-2023-1934	SDG PNPSCADA SQL Injection (CVE-2020-24841; CVE-2023-1934)
High	9 Sep 2021	7 Apr 2024	CPAI-2021-0518		CVE-2021-31630	OpenPLC WebServer Remote Code Execution (CVE-2021-31630)
Critical	28 Nov 2021	24 Mar 2024	CPAI-2018-1796		CVE-2018-1000533	GitList Command Injection (CVE-2018-1000533)
High	9 Mar 2021	21 Mar 2024	CPAI-2021-0108	Microsoft CVE-2021-26411	CVE-2021-26411	Microsoft Internet Explorer Memory Corruption (CVE-2021-26411)
Critical	2 Mar 2021	17 Mar 2024	CPAI-2021-0099	Microsoft CVE-2021-26855	CVE-2021-26855 CVE-2021-27065	Microsoft Exchange Server Remote Code Execution (CVE-2021-26855; CVE-2021-27065)
Critical	20 Mar 2021	14 Mar 2024	CPAI-2020-3293		CVE-2020-6207	SAP Solution Manager Remote Code Execution (CVE-2020-6207)
Critical	14 Nov 2021	7 Mar 2024	CPAI-2021-0879		CVE-2021-40539	Zoho ManageEngine ADSelfService Plus Authentication Bypass (CVE-2021-40539)
Critical	21 Sep 2021	7 Mar 2024	CPAI-2021-0684		CVE-2021-38647	Microsoft Multiple Products Remote Code Execution (CVE-2021-38647)
Critical	29 Sep 2021	6 Mar 2024	CPAI-2021-0689		CVE-2021-36380	Sunhillo SureLine Command Injection (CVE-2021-36380)
Critical	5 May 2021	5 Mar 2024	CPAI-2021-0265		CVE-2021-27905	Apache Solr Server-Side Request Forgery (CVE-2021-27905)
Critical	2 Aug 2021	4 Mar 2024	CPAI-2021-0389		CVE-2021-22911	Rocket.Chat NoSQL injection (CVE-2021-22911)
Critical	2 Aug 2021	29 Feb 2024	CPAI-2021-0425		CVE-2021-30461	VoIPmonitor Remote Code Execution (CVE-2021-30461)
Critical	14 Nov 2021	8 Feb 2024	CPAI-2021-0867		CVE-2021-22205	GitLab Command Injection (CVE-2021-22205)
High	27 May 2021	8 Feb 2024	CPAI-2021-0300		CVE-2021-28149 CVE-2021-28151	Hongdian H8922 Command Injection (CVE-2021-28149; CVE-2021-28151)
High	5 Apr 2021	4 Feb 2024	CPAI-2017-1178		CVE-2017-1000170	jQuery File Tree Directory Traversal (CVE-2017-1000170)
Critical	27 Sep 2021	1 Feb 2024	CPAI-2021-0728		CVE-2021-22005	VMWare Multiple Products Arbitrary File Upload (CVE-2021-22005)
Critical	5 Apr 2021	1 Feb 2024	CPAI-2021-0199		CVE-2021-3378	FortiLogger Arbitrary File Upload (CVE-2021-3378)
High	29 Sep 2021	28 Jan 2024	CPAI-2021-0529		CVE-2021-21225	Google Chrome Heap Corruption (CVE-2021-21225)
Critical	28 Dec 2021	25 Jan 2024	CPAI-2021-1005		CVE-2021-37580	Apache ShenYu Admin Authentication Bypass (CVE-2021-37580)
Critical	8 Jun 2021	22 Jan 2024	CPAI-2021-0376		CVE-2021-21985	VMware vCenter Server Remote Code Execution (CVE-2021-21985)
Critical	31 Aug 2021	8 Jan 2024	CPAI-2021-0537		CVE-2021-35394	Realtek Jungle SDK Command Injection (CVE-2021-35394)
High	20 Mar 2021	21 Dec 2023	CPAI-2021-0013		CVE-2022-35870	Java Deserialization Suspicious Traffic (CVE-2022-35870)
Critical	31 Aug 2021	17 Dec 2023	CPAI-2021-0538		CVE-2021-35392 CVE-2021-35393 CVE-2021-35395	Realtek Jungle SDK Buffer Overflow (CVE-2021-35392; CVE-2021-35393; CVE-2021-35395)
High	11 May 2021	30 Nov 2023	CPAI-2021-0278		CVE-2021-28550	Adobe Acrobat Use After Free (CVE-2021-28550)
High	9 Feb 2021	26 Nov 2023	CPAI-2021-0066	Adobe APSB21-09	CVE-2021-21017	Adobe Acrobat Reader Buffer Overflow (CVE-2021-21017)