Home / 2021 Advisories Archive

2021 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	28 Mar 2021	28 Mar 2021	CPAI-2019-2450		CVE-2019-7257	Linear eMerge Arbitrary File Upload (CVE-2019-7257)
High	28 Mar 2021	28 Mar 2021	CPAI-2021-0208			Tiki Wiki CMS Groupware Authentication Bypass
High	28 Mar 2021	28 Mar 2021	CPAI-2021-0207			EFS Easy Chat Server Information Disclosure
High	28 Mar 2021	28 Mar 2021	CPAI-2021-0206			Apache Tomcat mod_jk Buffer Overflow
High	28 Mar 2021	28 Mar 2021	CPAI-2021-0205			Sapido RB-1732 Routers Remote Code Execution
Critical	28 Mar 2021	28 Mar 2021	CPAI-2017-1179		CVE-2017-11435	Humax HG100R Routers Authentication Bypass (CVE-2017-11435)
High	28 Mar 2021	28 Mar 2021	CPAI-2015-1462		CVE-2015-4027	Acunetix Web Scanner Privilege Escalation (CVE-2015-4027)
Critical	28 Mar 2021	28 Mar 2021	CPAI-2019-2449		CVE-2019-16894	inoERP download.php Insecure Deserialization (CVE-2019-16894)
High	28 Mar 2021	28 Mar 2021	CPAI-2020-3307		CVE-2020-8495	Kronos Web Time And Attendance Privilege Escalation (CVE-2020-8495)
High	28 Mar 2021	28 Mar 2021	CPAI-2020-3304		CVE-2020-35223	Netgear ProSAFE Cross-Site Request Forgery (CVE-2020-35223)
High	28 Mar 2021	28 Mar 2021	CPAI-2020-3303		CVE-2020-35230	Netgear ProSAFE Integer Overflow (CVE-2020-35230)
High	28 Mar 2021	28 Mar 2021	CPAI-2020-3302		CVE-2020-35227	Netgear ProSAFE Buffer Overflow (CVE-2020-35227)
High	28 Mar 2021	28 Mar 2021	CPAI-2020-3301		CVE-2020-35228	Netgear ProSAFE Cross-Site Scripting (CVE-2020-35228)
High	28 Mar 2021	28 Mar 2021	CPAI-2020-3300		CVE-2020-26919	Netgear ProSAFE Remote Code Execution (CVE-2020-26919)
Critical	28 Mar 2021	28 Mar 2021	CPAI-2021-0155		CVE-2021-25830 CVE-2021-25831 CVE-2021-25833	ONLYOFFICE DocumentServer Remote Code Execution (CVE-2021-25831; CVE-2021-25830; CVE-2021-25833)
High	24 Feb 2021	28 Mar 2021	CPAI-2021-0091		CVE-2020-19165 CVE-2020-24219 CVE-2020-28477 CVE-2021-26747 CVE-2021-27328	Arbitrary Command Injection Over HTTP Traffic (CVE-2020-19165; CVE-2020-24219; CVE-2020-28477; CVE-2021-26747; CVE-2021-27328)
High	28 Mar 2021	28 Mar 2021	CPAI-2021-0037			RMI And Oracle WebLogic T3 Protocol Insecure Deserialization
High	24 Mar 2021	24 Mar 2021	CPAI-2021-0196		CVE-2021-3342	EPrints Arbitrary File Read (CVE-2021-3342)
Critical	24 Mar 2021	24 Mar 2021	CPAI-2021-0159			EPrints Scholix Remote Code Execution
Critical	24 Mar 2021	24 Mar 2021	CPAI-2021-0156		CVE-2021-26918	Probot Bot Type Confusion (CVE-2021-26918)
High	24 Mar 2021	24 Mar 2021	CPAI-2021-0154		CVE-2021-26704	EPrints Command Injection (CVE-2021-26704)
Critical	24 Mar 2021	24 Mar 2021	CPAI-2021-0151		CVE-2021-27964	SonLogger Arbitrary File Upload (CVE-2021-27964)
High	20 Mar 2021	20 Mar 2021	CPAI-2020-3294		CVE-2020-29134	TOTVS Fluig Platform Directory Traversal (CVE-2020-29134)
High	14 Mar 2021	20 Mar 2021	CPAI-2021-0146		CVE-2021-22992	F5 BIG-IP Buffer Overflow (CVE-2021-22992)
Critical	17 Mar 2021	17 Mar 2021	CPAI-2021-0143		CVE-2021-26476	EPrints Command Injection (CVE-2021-26476)
Critical	16 Mar 2021	16 Mar 2021	CPAI-2021-0136		CVE-2021-27314 CVE-2021-27315 CVE-2021-27316	Doctor Appointment System SQL Injection (CVE-2021-27314; CVE-2021-27315; CVE-2021-27316)
High	16 Mar 2021	16 Mar 2021	CPAI-2021-0131			Tiki Wiki CMS GroupWare Remote Code Execution
Critical	16 Mar 2021	16 Mar 2021	CPAI-2021-0130		CVE-2021-25779	Baby Care System SQL Injection (CVE-2021-25779)
High	16 Mar 2021	16 Mar 2021	CPAI-2021-0119			Apache Flink Remote Code Execution
Critical	16 Mar 2021	16 Mar 2021	CPAI-2021-0118		CVE-2021-26809	PHPGurukul Car Rental Arbitrary File Upload (CVE-2021-26809)
Medium	16 Mar 2021	16 Mar 2021	CPAI-2021-0117		CVE-2021-27403	Asus Askey Routers Cross-Site Scripting (CVE-2021-27403)
Medium	16 Mar 2021	16 Mar 2021	CPAI-2021-0115		CVE-2021-27370	Monicahq Monica Stored Cross-Site Scripting (CVE-2021-27370)
High	15 Mar 2021	15 Mar 2021	CPAI-2020-3296		CVE-2020-27989	Nagios XI Dashboard Tools Cross-Site Scripting (CVE-2020-27989)
Critical	15 Mar 2021	15 Mar 2021	CPAI-2015-1459		CVE-2015-8789	libEBML Use After Free (CVE-2015-8789)
High	15 Mar 2021	15 Mar 2021	CPAI-2020-3295		CVE-2020-13947	Apache ActiveMQ message.jsp Cross-Site Scripting (CVE-2020-13947)
High	15 Mar 2021	15 Mar 2021	CPAI-2015-1458		CVE-2015-2504	Microsoft .NET Framework Privilege Escalation (CVE-2015-2504)
Critical	14 Mar 2021	14 Mar 2021	CPAI-2021-0144			Web Servers Malicious Encoding Path Traversal
Critical	14 Mar 2021	14 Mar 2021	CPAI-2021-0132			SQL Servers Blind SQL Injection Techniques
Critical	14 Mar 2021	14 Mar 2021	CPAI-2020-3282		CVE-2020-25216	yWorks yEd Desktop Remote Code Execution (CVE-2020-25216)
Critical	23 Feb 2021	14 Mar 2021	CPAI-2021-0048			Suspicious Exploitation Tools Payload
High	10 Mar 2021	10 Mar 2021	CPAI-2020-3281		CVE-2020-35339	74CMS Remote Code Execution (CVE-2020-35339)
High	10 Mar 2021	10 Mar 2021	CPAI-2021-0096		CVE-2021-26822	Teachers Record Management System SQL Injection (CVE-2021-26822)
High	10 Mar 2021	10 Mar 2021	CPAI-2020-3274		CVE-2020-10209	Amino Communications Command Injection (CVE-2020-10209)
High	22 Feb 2021	10 Mar 2021	CPAI-2021-0086		CVE-2021-26201	CASAP Automated Enrollment System Authentication Bypass (CVE-2021-26201)
High	9 Mar 2021	9 Mar 2021	CPAI-2021-0133	Microsoft CVE-2021-27076	CVE-2021-27076	Microsoft SharePoint Server Remote Code Execution (CVE-2021-27076)
High	9 Mar 2021	9 Mar 2021	CPAI-2021-0113	Microsoft CVE-2021-26863	CVE-2021-26863	Microsoft Win32k Elevation of Privilege (CVE-2021-26863)
Critical	9 Mar 2021	9 Mar 2021	CPAI-2021-0104	Microsoft CVE-2021-26897	CVE-2021-26897	Microsoft Windows DNS Server Remote Code Execution (CVE-2021-26897)
High	9 Mar 2021	9 Mar 2021	CPAI-2021-0103	Microsoft CVE-2021-26877	CVE-2021-26877	Microsoft Windows DNS Server Remote Code Execution (CVE-2021-26877)
High	9 Mar 2021	9 Mar 2021	CPAI-2021-0097	Microsoft CVE-2021-26868	CVE-2021-26868	Microsoft Windows Graphics Component Elevation of Privilege (CVE-2021-26868)
Critical	8 Mar 2021	8 Mar 2021	CPAI-2019-2439		CVE-2019-25024	OpenRepeater Command Injection (CVE-2019-25024)