Home / 2021 Advisories Archive

2021 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
High	24 Sep 2021	24 Sep 2021	CPAI-2021-0717			Apple MacOS Finder Remote Code Execution
High	22 Sep 2021	22 Sep 2021	CPAI-2021-0680		CVE-2021-38145	Form Tools SQL Injection (CVE-2021-38145)
High	22 Sep 2021	22 Sep 2021	CPAI-2021-0679		CVE-2021-36622	Sourcecodester Online Covid Vaccination Scheduler Arbitrary File Upload (CVE-2021-36622)
High	22 Sep 2021	22 Sep 2021	CPAI-2020-3391		CVE-2020-36287	Atlassian Jira Gadgets Plugin Authentication Bypass (CVE-2020-36287)
Critical	22 Sep 2021	22 Sep 2021	CPAI-2018-1755		CVE-2018-12426	WordPress Live Chat Support Pro Plugin Remote Code Execution (CVE-2018-12426)
High	19 Sep 2021	19 Sep 2021	CPAI-2021-0686	Microsoft CVE-2021-36955	CVE-2021-36955	Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2021-36955)
High	19 Sep 2021	19 Sep 2021	CPAI-2021-0685		CVE-2021-30632	Google Chrome V8 Out-of-Bounds Write (CVE-2021-30632)
High	20 Jun 2021	19 Sep 2021	CPAI-2020-3356		CVE-2020-15153 CVE-2020-35545	Unauthorized SQL Commands Over HTTP (CVE-2020-15153; CVE-2020-35545)
High	14 Sep 2021	14 Sep 2021	CPAI-2021-0592	Microsoft CVE-2021-38639	CVE-2021-38639	Microsoft Win32k Elevation of Privilege (CVE-2021-38639)
High	14 Sep 2021	14 Sep 2021	CPAI-2021-0587		CVE-2021-39841	Adobe Acrobat and Reader Type Confusion (APSB21-55: CVE-2021-39841)
High	14 Sep 2021	14 Sep 2021	CPAI-2021-0583		CVE-2021-39836	Adobe Acrobat and Reader Use After Free (APSB21-55: CVE-2021-39836)
High	14 Sep 2021	14 Sep 2021	CPAI-2021-0582		CVE-2021-39842	Adobe Acrobat and Reader Use After Free (APSB21-55: CVE-2021-39842)
High	14 Sep 2021	14 Sep 2021	CPAI-2021-0580		CVE-2021-39846	Adobe Acrobat and Reader Stack-based Buffer Overflow (APSB21-55: CVE-2021-39846)
High	14 Sep 2021	14 Sep 2021	CPAI-2021-0579		CVE-2021-39838	Adobe Acrobat and Reader Use After Free (APSB21-55: CVE-2021-39838)
High	14 Sep 2021	14 Sep 2021	CPAI-2021-0578		CVE-2021-39837	Adobe Acrobat and Reader Use After Free (APSB21-55: CVE-2021-39837)
High	14 Sep 2021	14 Sep 2021	CPAI-2021-0577		CVE-2021-39844	Adobe Acrobat and Reader Out-of-bounds Read (APSB21-55: CVE-2021-39844)
High	14 Sep 2021	14 Sep 2021	CPAI-2021-0576		CVE-2021-39843	Adobe Acrobat and Reader Out-of-bounds Write (APSB21-55: CVE-2021-39843)
High	14 Sep 2021	14 Sep 2021	CPAI-2021-0575		CVE-2021-39845	Adobe Acrobat and Reader Stack-based Buffer Overflow (APSB21-55: CVE-2021-39845)
High	14 Sep 2021	14 Sep 2021	CPAI-2021-0574		CVE-2021-39840	Adobe Acrobat and Reader Use After Free (APSB21-55: CVE-2021-39840)
High	14 Sep 2021	14 Sep 2021	CPAI-2021-0573		CVE-2021-39839	Adobe Acrobat and Reader Use After Free (APSB21-55: CVE-2021-39839)
High	14 Sep 2021	14 Sep 2021	CPAI-2021-0550	Microsoft CVE-2021-36975	CVE-2021-36975	Microsoft Win32k Elevation of Privilege (CVE-2021-36975)
High	14 Sep 2021	14 Sep 2021	CPAI-2021-0545	Microsoft CVE-2021-36963	CVE-2021-36963	Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2021-36963)
High	14 Sep 2021	14 Sep 2021	CPAI-2021-0544	Microsoft CVE-2021-38633	CVE-2021-38633	Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2021-38633)
High	26 Aug 2021	12 Sep 2021	CPAI-2020-3393		CVE-2020-27261	Omron CX-One Stack Buffer Overflow (CVE-2020-27261)
High	12 Sep 2021	12 Sep 2021	CPAI-2019-2472		CVE-2019-19996	Intelbras IWR 3000N Denial of Service (CVE-2019-19996)
Critical	9 Sep 2021	9 Sep 2021	CPAI-2020-3392		CVE-2020-18879	Bludit Remote Code Execution (CVE-2020-18879)
High	9 Sep 2021	9 Sep 2021	CPAI-2021-0505		CVE-2021-21804	PHP Information Disclosure Over HTTP (CVE-2021-21804)
High	5 Sep 2021	5 Sep 2021	CPAI-2021-0547		CVE-2021-33766	Microsoft Exchange Information Disclosure (CVE-2021-33766)
Medium	5 Sep 2021	5 Sep 2021	CPAI-2021-0504		CVE-2021-25155	Aruba Instant Access Point Remote Code Execution (CVE-2021-25155)
High	13 Jun 2021	5 Sep 2021	CPAI-2021-0306		CVE-2021-33256	ManageEngine ADSelfService Plus Command Injection (CVE-2021-33256)
High	2 Sep 2021	2 Sep 2021	CPAI-2021-0519			Oracle Fatwire Cross Site Scripting
High	31 Jan 2021	31 Aug 2021	CPAI-2021-0023		CVE-2021-2109	Oracle WebLogic Server Remote Code Execution (CVE-2021-2109)
High	26 Aug 2021	26 Aug 2021	CPAI-2021-0535			Nagios XI Account Email Address Cross-Site Scripting
High	26 Aug 2021	26 Aug 2021	CPAI-2021-0533		CVE-2021-2392	Oracle Fusion Middleware BI Publisher Arbitrary File Upload (CVE-2021-2392)
High	26 Aug 2021	26 Aug 2021	CPAI-2021-0532		CVE-2021-37346	Nagios XI WatchGuard Wizard Command Injection (CVE-2021-37346)
High	26 Aug 2021	26 Aug 2021	CPAI-2020-3385		CVE-2020-3387	Cisco SD-WAN vManage Remote Code Execution (CVE-2020-3387)
High	26 Aug 2021	26 Aug 2021	CPAI-2020-3379		CVE-2020-7383	Rapid7 Nexpose SQL Injection (CVE-2020-7383)
High	18 Apr 2021	26 Aug 2021	CPAI-2020-3317		CVE-2018-17254 CVE-2020-18144 CVE-2020-29283 CVE-2020-29287 CVE-2020-29288 CVE-2020-35430 CVE-2021-24285	UNION Query-based SQL Injection Over HTTP Traffic (CVE-2018-17254; CVE-2020-18144; CVE-2020-29283; CVE-2020-29287; CVE-2020-29288; CVE-2020-35430; CVE-2021-24285)
High	24 Aug 2021	24 Aug 2021	CPAI-2021-0507		CVE-2021-37558	Centreon MediaWiki SQL Injection (CVE-2021-37558)
High	24 Aug 2021	24 Aug 2021	CPAI-2021-0501			WordPress Social Warfare Plugin Remote Code Execution
High	23 Aug 2021	23 Aug 2021	CPAI-2021-0517		CVE-2021-2189	Oracle E-Business Suite Sales Offline Denial of Service (CVE-2021-2189)
Critical	23 Aug 2021	23 Aug 2021	CPAI-2021-0516		CVE-2021-32930	Advantech iView runProViewUpgrade Command Injection (CVE-2021-32930)
High	18 Aug 2021	18 Aug 2021	CPAI-2021-0496		CVE-2021-24145	WordPress Modern Events Calendar Plugin Remote Code Execution (CVE-2021-24145)
High	17 Aug 2021	17 Aug 2021	CPAI-2019-2471		CVE-2019-18370	Xiaomi Mi WiFi R3G Remote Code Execution (CVE-2019-18370)
Medium	17 Aug 2021	17 Aug 2021	CPAI-2020-3384		CVE-2020-25205	Mimosa PTP Devices Stored Cross Site Scripting (CVE-2020-25205)
High	16 Aug 2021	16 Aug 2021	CPAI-2020-3383		CVE-2020-25206	Mimosa Devices Command Injection (CVE-2020-25206)
High	12 Aug 2021	12 Aug 2021	CPAI-2021-0508	Microsoft CVE-2021-36948	CVE-2021-36948	Microsoft Windows Update Medic Service Privilege Escalation (CVE-2021-36948)
High	11 Jul 2021	12 Aug 2021	CPAI-2021-0385			Thecus NAS Server Control Panel Command Injection
High	11 Aug 2021	11 Aug 2021	CPAI-2021-0500			Zoho ManageEngine Applications Manager URL monitor SQL Injection
High	11 Aug 2021	11 Aug 2021	CPAI-2021-0498		CVE-2021-22160	Apache Pulsar JSON Web Token Authentication Bypass (CVE-2021-22160)