Home / 2021 Advisories Archive

2021 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
High	14 Sep 2021	28 Jan 2025	CPAI-2021-0545	Microsoft CVE-2021-36963	CVE-2021-36963	Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2021-36963)
High	12 Aug 2021	28 Jan 2025	CPAI-2021-0508	Microsoft CVE-2021-36948	CVE-2021-36948	Microsoft Windows Update Medic Service Privilege Escalation (CVE-2021-36948)
High	13 Jul 2021	28 Jan 2025	CPAI-2021-0450	Microsoft CVE-2021-34449	CVE-2021-34449	Microsoft Win32k Elevation of Privilege (CVE-2021-34449)
High	13 Jul 2021	28 Jan 2025	CPAI-2021-0449	Microsoft CVE-2021-33771	CVE-2021-33771	Microsoft Windows Kernel Elevation of Privilege (CVE-2021-33771)
High	8 Jun 2021	28 Jan 2025	CPAI-2021-0318	Microsoft CVE-2021-31956	CVE-2021-31956	Microsoft Windows NTFS Elevation of Privilege (CVE-2021-31956)
High	8 Jun 2021	28 Jan 2025	CPAI-2021-0315	Microsoft CVE-2021-31954	CVE-2021-31954	Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2021-31954)
High	13 Apr 2021	28 Jan 2025	CPAI-2021-0223	Microsoft CVE-2021-28310	CVE-2021-28310	Microsoft Win32k Elevation of Privilege (CVE-2021-28310)
High	10 Feb 2021	28 Jan 2025	CPAI-2021-0077	Adobe APSB21-09	CVE-2021-21057	Adobe Acrobat and Reader NULL Pointer Dereference (APSB21-09: CVE-2021-21057)
High	10 Feb 2021	28 Jan 2025	CPAI-2021-0072	Adobe APSB21-09	CVE-2021-21060	Adobe Acrobat and Reader Improper Input Validation (APSB21-09: CVE-2021-21060)
Medium	7 Feb 2021	28 Jan 2025	CPAI-2019-2437		CVE-2019-1086	Microsoft Windows Audio Service Privilege Escalation (CVE-2019-1086)
High	9 Feb 2021	28 Jan 2025	CPAI-2021-0056	Adobe APSB21-09	CVE-2021-21045	Adobe Acrobat and Reader Improper Access Control (APSB21-09: CVE-2021-21045)
High	9 Feb 2021	28 Jan 2025	CPAI-2021-0053	Adobe APSB21-09	CVE-2021-21038	Adobe Acrobat and Reader Out-of-bounds Write (APSB21-09: CVE-2021-21038)
High	9 Feb 2021	28 Jan 2025	CPAI-2021-0032	Microsoft CVE-2021-1732	CVE-2021-1732	Microsoft Win32k Elevation of Privilege (CVE-2021-1732)
High	9 Feb 2021	28 Jan 2025	CPAI-2021-0028	Microsoft CVE-2021-1698	CVE-2021-1698	Microsoft Windows Win32k Elevation of Privilege (CVE-2021-1698)
Critical	12 Jan 2021	28 Jan 2025	CPAI-2021-0001	Microsoft CVE-2021-1647	CVE-2021-1647	Microsoft Defender Remote Code Execution (CVE-2021-1647)
Critical	16 Nov 2021	5 Jan 2025	CPAI-2020-3435		CVE-2020-8644	PlaySMS Command Injection (CVE-2020-8644)
Critical	30 Dec 2021	1 Jan 2025	CPAI-2021-0951		CVE-2021-40870	Aviatrix Controller Directory Traversal (CVE-2021-40870)
High	8 Dec 2021	1 Jan 2025	CPAI-2021-0931		CVE-2021-43798	Grafana Directory Traversal (CVE-2021-43798)
High	24 Sep 2021	1 Jan 2025	CPAI-2021-0709		CVE-2021-33544 CVE-2021-33548 CVE-2021-33550 CVE-2021-33551 CVE-2021-33552 CVE-2021-33553 CVE-2021-33554	UDP Technology IP Camera Command Injection (CVE-2021-33544; CVE-2021-33548; CVE-2021-33550; CVE-2021-33551; CVE-2021-33552; CVE-2021-33553; CVE-2021-33554)
Critical	29 Sep 2021	1 Jan 2025	CPAI-2021-0689		CVE-2021-36380	Sunhillo SureLine Command Injection (CVE-2021-36380)
Critical	31 Aug 2021	1 Jan 2025	CPAI-2021-0538		CVE-2021-35392 CVE-2021-35393 CVE-2021-35395	Realtek Jungle SDK Buffer Overflow (CVE-2021-35392; CVE-2021-35393; CVE-2021-35395)
Critical	31 Aug 2021	1 Jan 2025	CPAI-2021-0531		CVE-2021-32305	WebSVN Remote Code Execution (CVE-2021-32305)
High	20 Jun 2021	1 Jan 2025	CPAI-2021-0418		CVE-2021-1499	Cisco HyperFlex HX Directory Traversal (CVE-2021-1499)
Critical	22 Mar 2021	1 Jan 2025	CPAI-2021-0198		CVE-2021-22986 CVE-2021-22987 CVE-2022-1388	F5 BIG-IP Remote Code Execution (CVE-2021-22986; CVE-2021-22987; CVE-2022-1388)
High	26 Jul 2021	31 Dec 2024	CPAI-2021-0485		CVE-2021-33742	Microsoft Internet Explorer Out-of-Bounds Write (CVE-2021-33742)
High	22 Dec 2021	23 Dec 2024	CPAI-2021-0902		CVE-2021-33000	Advantech WebAccess HMI Designer Buffer Overflow (CVE-2021-33000)
Critical	15 Jul 2021	19 Dec 2024	CPAI-2021-0461		CVE-2021-35464	ForgeRock OpenAM Remote Code Execution (CVE-2021-35464)
High	30 Dec 2021	18 Dec 2024	CPAI-2021-0963		CVE-2021-32789	WordPress WooCommerce Gutenberg Blocks Plugin SQL Injection (CVE-2021-32789)
Critical	22 Dec 2021	18 Dec 2024	CPAI-2020-3449		CVE-2020-10546 CVE-2020-10547 CVE-2020-10548 CVE-2020-10549	rConfig SQL Injection (CVE-2020-10546; CVE-2020-10547; CVE-2020-10548; CVE-2020-10549)
Critical	6 Oct 2021	18 Dec 2024	CPAI-2021-0749		CVE-2021-41773 CVE-2021-42013	Apache HTTP Server Directory Traversal (CVE-2021-41773; CVE-2021-42013)
High	16 Dec 2021	5 Dec 2024	CPAI-2021-0900		CVE-2021-31207	Microsoft Exchange Server Security Feature Authentication Bypass (CVE-2021-31207)
Critical	14 Nov 2021	5 Dec 2024	CPAI-2021-0879		CVE-2021-40539	Zoho ManageEngine ADSelfService Plus Authentication Bypass (CVE-2021-40539)
High	19 Jan 2021	5 Dec 2024	CPAI-2020-3217		CVE-2020-16245	Advantech iView exportTaskMgrReport Directory Traversal (CVE-2020-16245)
Critical	5 Dec 2021	27 Nov 2024	CPAI-2021-0240		CVE-2018-19907 CVE-2019-19999 CVE-2021-25770 CVE-2021-35450 CVE-2021-43097 CVE-2021-46063 CVE-2022-24881 CVE-2022-4282 CVE-2022-4300 CVE-2023-41544 CVE-2023-45303 CVE-2024-24230 CVE-2024-28713	Java Server-Side Template Injection (CVE-2018-19907; CVE-2019-19999; CVE-2021-25770; CVE-2021-35450; CVE-2021-43097; CVE-2021-46063; CVE-2022-24881; CVE-2022-4282; CVE-2022-4300; CVE-2023-41544; CVE-2023-45303; CVE-2024-24230; CVE-2024-28713)
Critical	10 Dec 2021	25 Nov 2024	CPAI-2021-0936		CVE-2021-44228 CVE-2021-45046	Apache Log4j Remote Code Execution (CVE-2021-44228; CVE-2021-45046)
Critical	20 Mar 2021	21 Nov 2024	CPAI-2020-3293		CVE-2020-6207	SAP Solution Manager Remote Code Execution (CVE-2020-6207)
High	13 Dec 2021	18 Nov 2024	CPAI-2021-0912		CVE-2021-22204	ExifTool Remote Code Execution (CVE-2021-22204)
Critical	26 Aug 2021	18 Nov 2024	CPAI-2021-0536		CVE-2021-21805	Advantech R-SeeNet ping.php Command Injection (CVE-2021-21805)
Critical	12 May 2021	13 Nov 2024	CPAI-2021-0292	Microsoft CVE-2021-31166	CVE-2021-31166	Microsoft HTTP Protocol Stack Remote Code Execution (CVE-2021-31166)
High	20 Jan 2021	13 Nov 2024	CPAI-2020-1389		CVE-2020-35606 CVE-2022-36446	Webmin Command Injection (CVE-2020-35606; CVE-2022-36446)
Critical	24 Mar 2021	11 Nov 2024	CPAI-2020-3298		CVE-2020-29557	D-Link Dir-825 R1 Buffer Overflow (CVE-2020-29557)
Critical	18 May 2021	10 Nov 2024	CPAI-2021-0289		CVE-2021-31755 CVE-2021-31756 CVE-2021-31757 CVE-2021-31758	Tenda Routers Buffer Overflow (CVE-2021-31755; CVE-2021-31756; CVE-2021-31757; CVE-2021-31758)
Critical	11 Apr 2021	30 Oct 2024	CPAI-2021-0211		CVE-2020-11991 CVE-2020-24589 CVE-2021-23792 CVE-2021-26703 CVE-2021-37425 CVE-2021-43142 CVE-2022-24449 CVE-2022-38389 CVE-2022-39135 CVE-2022-43941 CVE-2022-47514 CVE-2023-23595 CVE-2023-46265 CVE-2024-34102	XML External Entity Over HTTP Request (CVE-2020-11991; CVE-2020-24589; CVE-2021-23792; CVE-2021-26703; CVE-2021-37425; CVE-2021-43142; CVE-2022-24449; CVE-2022-38389; CVE-2022-39135; CVE-2022-43941; CVE-2022-47514; CVE-2023-23595; CVE-2023-46265; CVE-2024-34102)
Critical	24 Jun 2021	7 Oct 2024	CPAI-2021-0286			PHP Webshell Upload Over HTTP
Critical	16 Dec 2021	12 Sep 2024	CPAI-2020-3438		CVE-2021-33816	Dolibarr ERP CRM Remote Code Execution (CVE-2021-33816)
Critical	21 Sep 2021	9 Sep 2024	CPAI-2021-0684		CVE-2021-38647	Microsoft Multiple Products Remote Code Execution (CVE-2021-38647)
High	7 Nov 2021	4 Sep 2024	CPAI-2021-0828		CVE-2021-20124	Draytek VigorConnect Directory Traversal (CVE-2021-20124)
High	11 Nov 2021	4 Sep 2024	CPAI-2021-0808		CVE-2021-20123	Draytek VigorConnect Directory Traversal (CVE-2021-20123)
Critical	2 May 2021	8 Aug 2024	CPAI-2020-3337		CVE-2020-29047	WordPress Hotel Booking Plugin PHP Object Injection (CVE-2020-29047)
Critical	18 Apr 2021	3 Jul 2024	CPAI-2021-0140			Ruby Server-Side Template Injection