Home / 2021 Advisories Archive

2021 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	29 Nov 2021	29 Nov 2021	CPAI-2020-3434		CVE-2020-21250	CSZ CMS SQL Injection (CVE-2020-21250)
High	28 Nov 2021	28 Nov 2021	CPAI-2018-1795		CVE-2018-1000116	NET-SNMP Memory Corruption (CVE-2018-1000116)
High	28 Nov 2021	28 Nov 2021	CPAI-2018-1793		CVE-2018-20434	LibreNMS addhost Command Injection (CVE-2018-20434)
High	28 Nov 2021	28 Nov 2021	CPAI-2016-1168		CVE-2016-6909	Fortinet FortiOS Remote Code Execution (CVE-2016-6909)
Critical	28 Nov 2021	28 Nov 2021	CPAI-2021-0890		CVE-2021-3958	IPack SCADA Automation Software SQL Injection (CVE-2021-3958)
Critical	28 Nov 2021	28 Nov 2021	CPAI-2021-0888		CVE-2021-42077	PHP Event Calendar SQL Injection (CVE-2021-42077)
Critical	28 Nov 2021	28 Nov 2021	CPAI-2021-0886		CVE-2021-26740	Millken Doyocms Arbitrary File Upload (CVE-2021-26740)
Critical	28 Nov 2021	28 Nov 2021	CPAI-2021-0885		CVE-2021-26739	Millken Doyocms SQL Injection (CVE-2021-26739)
High	28 Nov 2021	28 Nov 2021	CPAI-2020-3437		CVE-2020-9273	Proftpd Project Remote Code Execution (CVE-2020-9273)
Critical	28 Nov 2021	28 Nov 2021	CPAI-2021-0870		CVE-2021-40371	Gridpro Request Management Remote Code Execution (CVE-2021-40371)
Critical	28 Nov 2021	28 Nov 2021	CPAI-2020-3424		CVE-2020-21652	Myucms Remote Code Execution (CVE-2020-21652)
Critical	28 Nov 2021	28 Nov 2021	CPAI-2021-0869		CVE-2021-40889	CMSUno Remote Code Execution (CVE-2021-40889)
Critical	28 Nov 2021	28 Nov 2021	CPAI-2021-0855		CVE-2021-24499	WordPress Workreap Theme Remote Code Execution (CVE-2021-24499)
Critical	24 Nov 2021	24 Nov 2021	CPAI-2021-0884		CVE-2021-24731	WordPress Pie Register Plugin SQL Injection (CVE-2021-24731)
Critical	24 Nov 2021	24 Nov 2021	CPAI-2021-0883		CVE-2021-24827	WordPress Asgaros Forum Plugin SQL Injection (CVE-2021-24827)
Critical	17 Nov 2021	24 Nov 2021	CPAI-2020-3426		CVE-2020-25367 CVE-2020-25368	D-Link DIR-823G Command Injection (CVE-2020-25367; CVE-2020-25368)
Critical	24 Nov 2021	24 Nov 2021	CPAI-2020-3422		CVE-2020-21725 CVE-2020-21726	OpenSNS SQL Injection (CVE-2020-21725; CVE-2020-21726)
Critical	17 Nov 2021	24 Nov 2021	CPAI-2021-0863		CVE-2021-40543 CVE-2021-40618	OpenSIS SQL Injection (CVE-2021-40618; CVE-2021-40543)
Critical	24 Nov 2021	24 Nov 2021	CPAI-2019-2511		CVE-2019-6288	Edgecore ECS2020 Command Injection (CVE-2019-6288)
Critical	24 Nov 2021	24 Nov 2021	CPAI-2020-3406		CVE-2020-21322	Feehi CMS Remote Code Execution (CVE-2020-21322)
High	23 Nov 2021	23 Nov 2021	CPAI-2021-0906		CVE-2021-42321	Microsoft Exchange Server Remote Code Execution (CVE-2021-42321)
High	21 Nov 2021	21 Nov 2021	CPAI-2021-0898			FatPipe Remote Code Execution
Critical	17 Nov 2021	17 Nov 2021	CPAI-2020-3428		CVE-2020-22223 CVE-2020-22225 CVE-2020-22226	Stivasoft Fundraising Script SQL Injection (CVE-2020-22223; CVE-2020-22225; CVE-2020-22226)
Critical	17 Nov 2021	17 Nov 2021	CPAI-2021-0874		CVE-2021-42325	Froxlor SQL Injection (CVE-2021-42325)
Critical	17 Nov 2021	17 Nov 2021	CPAI-2021-0872		CVE-2021-41674	Sourcecodester E-Negosyo System SQL Injection (CVE-2021-41674)
High	17 Nov 2021	17 Nov 2021	CPAI-2021-0866		CVE-2021-20126	Draytek VigorConnect Cross-Site Request Forgery (CVE-2021-20126)
Critical	17 Nov 2021	17 Nov 2021	CPAI-2021-0865		CVE-2021-35296	PTCL Modem HG150-Ub Authentication Bypass (CVE-2021-35296)
Critical	17 Nov 2021	17 Nov 2021	CPAI-2020-3418		CVE-2020-21127	Metinfo SQL Injection (CVE-2020-21127)
Critical	17 Nov 2021	17 Nov 2021	CPAI-2021-0850		CVE-2021-20125	Draytek VigorConnect Arbitrary File Upload (CVE-2021-20125)
Critical	16 Nov 2021	16 Nov 2021	CPAI-2020-3435		CVE-2020-8644	PlaySMS index.php Remote Code Execution (CVE-2020-8644)
Critical	16 Nov 2021	16 Nov 2021	CPAI-2020-3433		CVE-2020-12271	Sophos XG Firewall SQL Injection (CVE-2020-12271)
Critical	16 Nov 2021	16 Nov 2021	CPAI-2020-3432		CVE-2020-10181	Sumavision Enhanced Multimedia Router Cross Site Request Forgery (CVE-2020-10181)
Critical	15 Nov 2021	15 Nov 2021	CPAI-2020-3421		CVE-2020-20122	Wuzhi CMS SQL Injection (CVE-2020-20122)
Critical	15 Nov 2021	15 Nov 2021	CPAI-2021-0857		CVE-2021-40887	Projectsend Directory Traversal (CVE-2021-40887)
Critical	14 Nov 2021	14 Nov 2021	CPAI-2021-0851		CVE-2021-35327	TOTOLINK Technology Router Authentication Bypass (CVE-2021-35327)
Critical	14 Nov 2021	14 Nov 2021	CPAI-2020-3417		CVE-2020-22724	Mercury Router Command Injection (CVE-2020-22724)
High	14 Nov 2021	14 Nov 2021	CPAI-2020-3387		CVE-2020-11996	Apache Tomcat Denial of Service (CVE-2020-11996)
Critical	11 Nov 2021	11 Nov 2021	CPAI-2021-0774		CVE-2021-40674	Wuzhi CMS SQL Injection (CVE-2021-40674)
Critical	9 Nov 2021	9 Nov 2021	CPAI-2021-0853	Microsoft CVE-2021-38666	CVE-2021-38666	Microsoft Remote Desktop Client Remote Code Execution (CVE-2021-38666)
High	9 Nov 2021	9 Nov 2021	CPAI-2021-0803	Microsoft CVE-2021-42292	CVE-2021-42292	Microsoft Excel Security Feature Bypass (CVE-2021-42292)
Critical	9 Nov 2021	9 Nov 2021	CPAI-2021-0802	Microsoft CVE-2021-42298	CVE-2021-42298	Microsoft Defender Remote Code Execution (CVE-2021-42298)
High	8 Nov 2021	8 Nov 2021	CPAI-2021-0761			Filerun Cross Site Scripting
High	7 Nov 2021	7 Nov 2021	CPAI-2021-0809		CVE-2021-39608	FlatCore CMS Remote Code Execution (CVE-2021-39608)
Critical	7 Nov 2021	7 Nov 2021	CPAI-2021-0807		CVE-2021-26794	FrogCMS SentCMS Remote Code Execution (CVE-2021-26794)
High	7 Nov 2021	7 Nov 2021	CPAI-2021-0805		CVE-2021-20122	Telus Wi-Fi Hub Command Injection (CVE-2021-20122)
High	31 Oct 2021	31 Oct 2021	CPAI-2020-3405		CVE-2020-35948	WordPress XCloner Backup Plugin Remote Code Execution (CVE-2020-35948)
High	20 Oct 2021	20 Oct 2021	CPAI-2021-0758		CVE-2021-35062	DRK Odenwaldkreis Testerfassung Command Injection (CVE-2021-35062)
High	20 Oct 2021	20 Oct 2021	CPAI-2021-0746			Projectsend Cross Site Scripting
Critical	20 Oct 2021	20 Oct 2021	CPAI-2021-0745		CVE-2021-38727	FUEL CMS SQL Injection (CVE-2021-38727)
High	20 Oct 2021	20 Oct 2021	CPAI-2021-0743		CVE-2021-41383	Netgear R6020 Command Injection (CVE-2021-41383)