Home / 2022 Advisories Archive

2022 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	19 Dec 2022	28 May 2023	CPAI-2022-1066		CVE-2018-7034 CVE-2022-28956	Multiple Routers Authentication Bypass (CVE-2018-7034; CVE-2022-28956)
Critical	2 May 2022	17 May 2023	CPAI-2022-0208		CVE-2022-27115	Studio-42 elFinder Remote Code Execution (CVE-2022-27115)
Critical	2 May 2022	17 May 2023	CPAI-2022-0207		CVE-2022-25075 CVE-2022-38511	TOTOLink A3000R Command Injection (CVE-2022-25075; CVE-2022-38511)
Medium	13 Oct 2022	14 May 2023	CPAI-2022-0645	Adobe APSB22-44	CVE-2022-38421	Adobe ColdFusion Remote Code Execution (APSB22-44: CVE-2022-38421)
Critical	6 Nov 2022	10 May 2023	CPAI-2022-0758		CVE-2022-2486 CVE-2022-2488	Wavlink Routers Command Injection (CVE-2022-2486; CVE-2022-2488)
Medium	9 Jun 2022	7 May 2023	CPAI-2022-0275		CVE-2022-28810	Zoho ManageEngine ADSelfService Plus Command Injection (CVE-2022-28810)
Critical	8 Dec 2022	4 May 2023	CPAI-2022-0985		CVE-2022-37802 CVE-2022-37803 CVE-2022-37804 CVE-2022-37805 CVE-2022-37806 CVE-2022-37807 CVE-2022-37808 CVE-2022-37809 CVE-2022-37811 CVE-2022-37812 CVE-2022-37813 CVE-2022-37814 CVE-2022-37815 CVE-2022-37816	Tenda AC1206 Stack Overflow (CVE-2022-37802; CVE-2022-37803; CVE-2022-37804; CVE-2022-37805; CVE-2022-37806; CVE-2022-37807; CVE-2022-37808; CVE-2022-37809; CVE-2022-37811; CVE-2022-37812; CVE-2022-37813; CVE-2022-37814; CVE-2022-37815; CVE-2022-37816)
Critical	8 Dec 2022	4 May 2023	CPAI-2022-0972		CVE-2022-35519 CVE-2022-35520 CVE-2022-35521 CVE-2022-35522 CVE-2022-35523 CVE-2022-35524 CVE-2022-35525 CVE-2022-35526 CVE-2022-35533 CVE-2022-35534 CVE-2022-35535 CVE-2022-35536 CVE-2022-35537 CVE-2022-35538	WAVLINK Routers Command Injection (CVE-2022-35519; CVE-2022-35520; CVE-2022-35521; CVE-2022-35522; CVE-2022-35523; CVE-2022-35524; CVE-2022-35525; CVE-2022-35526; CVE-2022-35533; CVE-2022-35534; CVE-2022-35535; CVE-2022-35536; CVE-2022-35537; CVE-2022-35538)
High	12 Oct 2022	1 May 2023	CPAI-2018-2125		CVE-2018-12498 CVE-2018-12888	iCMS Article SQL Injection (CVE-2018-12498; CVE-2018-12888)
High	9 Aug 2022	1 May 2023	CPAI-2022-0475		CVE-2022-35755	Microsoft Windows Print Spooler Elevation of Privilege (CVE-2022-35755)
High	9 Aug 2022	1 May 2023	CPAI-2022-0474		CVE-2022-35793	Microsoft Windows Print Spooler Elevation of Privilege (CVE-2022-35793)
High	29 Dec 2022	30 Apr 2023	CPAI-2021-1532		CVE-2021-3156	Sudo Project Buffer Overflow (CVE-2021-3156)
Medium	20 Sep 2022	18 Apr 2023	CPAI-2021-1283		CVE-2021-23124	Joomla! Cross-Site Scripting (CVE-2021-23124)
High	2 Feb 2022	18 Apr 2023	CPAI-2021-1058		CVE-2021-21315	Node.JS System Information Command Injection (CVE-2021-21315)
High	13 Mar 2022	9 Apr 2023	CPAI-2022-0072		CVE-2022-25148	WordPress WP Statistics Plugin SQL Injection (CVE-2022-25148)
Critical	10 Apr 2022	2 Apr 2023	CPAI-2021-1153		CVE-2021-35587	Oracle Access Manager Authentication Bypass (CVE-2021-35587)
High	12 Dec 2022	28 Mar 2023	CPAI-2018-2197		CVE-2018-9250	OpenEMR SQL Injection (CVE-2018-9250)
Critical	11 Dec 2022	27 Mar 2023	CPAI-2022-1013		CVE-2022-28561 CVE-2022-45043 CVE-2022-45977	Tenda AX12 Command Injection (CVE-2022-28561; CVE-2022-45043; CVE-2022-45977)
High	3 Nov 2022	27 Mar 2023	CPAI-2022-0784		CVE-2022-3602 CVE-2022-3786	OpenSSL Buffer Overflow (CVE-2022-3602; CVE-2022-3786)
Critical	21 Sep 2022	23 Mar 2023	CPAI-2022-0605		CVE-2022-34721	Microsoft Windows Internet Key Exchange Remote Code Execution (CVE-2022-34721)
High	20 Jul 2022	23 Mar 2023	CPAI-2022-0357		CVE-2022-27924	Zimbra Collaboration CRLF Injection (CVE-2022-27924)
High	21 Dec 2022	22 Mar 2023	CPAI-2021-1517		CVE-2021-21246	OneDev Platform Authentication Bypass (CVE-2021-21246)
Medium	26 Dec 2022	21 Mar 2023	CPAI-2018-2244		CVE-2018-17128	MyBB Visual Editor Cross-Site Scripting (CVE-2018-17128)
High	8 Nov 2022	16 Mar 2023	CPAI-2017-1533		CVE-2017-7413	Horde Groupware Webmail Command Injection (CVE-2017-7413)
Medium	19 Dec 2022	15 Mar 2023	CPAI-2018-2214		CVE-2018-10095	Dolibarr Cross-Site Scripting (CVE-2018-10095)
High	17 Nov 2022	13 Mar 2023	CPAI-2022-0879			MatrixSSL Verify X.509 Certificate Stack Buffer Overflow
Medium	10 Apr 2022	13 Mar 2023	CPAI-2022-0063		CVE-2022-24682	Zimbra Webmail Cross Site Scripting (CVE-2022-24682)
Critical	4 Jul 2022	9 Mar 2023	CPAI-2022-0359		CVE-2022-28219	Zoho ManageEngine ADAudit Plus Remote Code Execution (CVE-2022-28219)
High	3 Oct 2022	6 Mar 2023	CPAI-2022-0628		CVE-2022-41040 CVE-2022-41082 CVE-2023-21529	Microsoft Exchange Server Remote Code Execution (CVE-2022-41082; CVE-2022-41040; CVE-2023-21529)
Critical	17 May 2022	6 Mar 2023	CPAI-2022-0241	Microsoft CVE-2022-26937	CVE-2022-26937	Microsoft Windows Network File System Remote Code Execution (CVE-2022-26937)
Critical	6 Feb 2022	2 Mar 2023	CPAI-2021-0894		CVE-2021-42237	Sitecore XP Insecure Deserialization (CVE-2021-42237)
High	20 Sep 2022	28 Feb 2023	CPAI-2021-1282		CVE-2021-27084	Microsoft Visual Studio Code Remote Code Execution (CVE-2021-27084)
High	9 Aug 2022	28 Feb 2023	CPAI-2022-0471	Microsoft CVE-2022-34713	CVE-2022-34713	Microsoft Windows Support Diagnostic Tool Directory Traversal (CVE-2022-34713)
Critical	13 Jun 2022	26 Feb 2023	CPAI-2022-0279		CVE-2022-24706	Apache CouchDB Remote Code Execution (CVE-2022-24706)
High	31 Oct 2022	23 Feb 2023	CPAI-2022-0778		CVE-2022-0847	Linux Kernel Privilege Escalation (CVE-2022-0847)
Critical	25 Dec 2022	16 Feb 2023	CPAI-2018-2218		CVE-2018-13353 CVE-2018-13354 CVE-2018-13418	TerraMaster TOS Command Injection (CVE-2018-13353; CVE-2018-13354; CVE-2018-13418)
Critical	31 Oct 2022	16 Feb 2023	CPAI-2022-0739		CVE-2022-24170 CVE-2022-24171 CVE-2022-28572 CVE-2022-34595 CVE-2022-34596 CVE-2022-34597 CVE-2022-46538	Tenda Routers Command Injection (CVE-2022-24170; CVE-2022-24171; CVE-2022-28572; CVE-2022-34595; CVE-2022-34596; CVE-2022-34597; CVE-2022-46538)
Critical	16 Aug 2022	6 Feb 2023	CPAI-2022-0507		CVE-2018-5445 CVE-2022-26352	dotCMS Arbitrary File Upload (CVE-2022-26352; CVE-2018-5445)
Critical	11 Dec 2022	2 Feb 2023	CPAI-2022-1057		CVE-2022-27299 CVE-2022-27413 CVE-2022-27420 CVE-2022-30011 CVE-2022-38637 CVE-2022-46093	Hospital Management System SQL Injection (CVE-2022-27299; CVE-2022-27413; CVE-2022-27420; CVE-2022-30011; CVE-2022-38637; CVE-2022-46093)
Medium	9 Nov 2022	11 Jan 2023	CPAI-2018-2143		CVE-2018-6377	Joomla! CMS Cross-Site Scripting (CVE-2018-6377)
Critical	6 Nov 2022	5 Jan 2023	CPAI-2022-0683		CVE-2022-35914	GLPI Project Code Injection (CVE-2022-35914)
High	29 Dec 2022	29 Dec 2022	CPAI-2018-2242		CVE-2018-11144 CVE-2018-11145	Quest DR Series Disk Backup SQL Injection (CVE-2018-11144; CVE-2018-11145)
Critical	29 Dec 2022	29 Dec 2022	CPAI-2018-2224		CVE-2018-5972	Quickad Classified Ads CMS SQL Injection (CVE-2018-5972)
Critical	29 Dec 2022	29 Dec 2022	CPAI-2018-2241		CVE-2018-11143	Quest DR Series Disk Backup Remote Code Execution (CVE-2018-11143)
Critical	29 Dec 2022	29 Dec 2022	CPAI-2020-3640		CVE-2020-10879	rConfig Command Injection (CVE-2020-10879)
High	29 Dec 2022	29 Dec 2022	CPAI-2019-2730		CVE-2019-16893	TP-Link TP-SG105E Authentication Bypass (CVE-2019-16893)
High	13 Dec 2022	29 Dec 2022	CPAI-2022-1037	Microsoft CVE-2022-44683	CVE-2022-44683	Microsoft Windows Kernel Elevation of Privilege (CVE-2022-44683)
High	29 Dec 2022	29 Dec 2022	CPAI-2018-2237		CVE-2018-1146	Belkin N750 Authentication Bypass (CVE-2018-1146)
High	7 Dec 2022	29 Dec 2022	CPAI-2019-2695		CVE-2019-0233	Apache Struts Denial of Service (CVE-2019-0233)
Critical	29 Dec 2022	29 Dec 2022	CPAI-2018-2234		CVE-2018-13862	Trivum Authentication Bypass (CVE-2018-13862)