Home / 2022 Advisories Archive

2022 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	12 Dec 2022	15 Oct 2024	CPAI-2022-1015		CVE-2022-38325 CVE-2022-38326 CVE-2022-40853 CVE-2022-40854 CVE-2022-40855 CVE-2022-40860 CVE-2022-40862 CVE-2022-40864 CVE-2022-40865 CVE-2022-40866 CVE-2022-40867 CVE-2022-40868 CVE-2022-40869 CVE-2023-27061	Tenda Routers Buffer Overflow (CVE-2022-38325; CVE-2022-38326; CVE-2022-40853; CVE-2022-40854; CVE-2022-40855; CVE-2022-40860; CVE-2022-40862; CVE-2022-40864; CVE-2022-40865; CVE-2022-40866; CVE-2022-40867; CVE-2022-40868; CVE-2022-40869; CVE-2023-27061)
Critical	4 Dec 2022	10 Oct 2024	CPAI-2022-0974		CVE-2022-30472 CVE-2022-30476 CVE-2022-30477 CVE-2022-38309 CVE-2022-38310 CVE-2022-38311 CVE-2022-38312 CVE-2022-38313 CVE-2022-38314 CVE-2022-40854 CVE-2023-37711 CVE-2023-38823 CVE-2023-45479 CVE-2023-4744	Tenda AC Routers Buffer Overflow (CVE-2022-30472; CVE-2022-30476; CVE-2022-30477; CVE-2022-38309; CVE-2022-38310; CVE-2022-38311; CVE-2022-38312; CVE-2022-38313; CVE-2022-38314; CVE-2022-40854; CVE-2023-37711; CVE-2023-38823; CVE-2023-45479; CVE-2023-4744)
Critical	20 Sep 2022	6 Oct 2024	CPAI-2018-2102		CVE-2018-19987 CVE-2018-19988 CVE-2018-19989 CVE-2018-19990 CVE-2018-6530 CVE-2024-3272 CVE-2024-44333 CVE-2024-44334 CVE-2024-44335 CVE-2024-44401 CVE-2024-44402	D-Link Multiple Products Command Injection (CVE-2018-19987; CVE-2018-19988; CVE-2018-19989; CVE-2018-19990; CVE-2018-6530; CVE-2024-3272; CVE-2024-44333; CVE-2024-44334; CVE-2024-44335; CVE-2024-44401; CVE-2024-44402)
Critical	11 Dec 2022	23 Sep 2024	CPAI-2021-1455		CVE-2021-30181	Apache Dubbo Remote Code Execution (CVE-2021-30181)
Critical	28 Nov 2022	9 Sep 2024	CPAI-2021-1430		CVE-2021-22802	Schneider-Electric Interactive Graphical SCADA Remote Code Execution (CVE-2021-22802)
Medium	2 Mar 2022	9 Sep 2024	CPAI-2022-0056		CVE-2022-23134	Zabbix Authentication Bypass (CVE-2022-23134)
Medium	22 Feb 2022	8 Sep 2024	CPAI-2021-1094		CVE-2021-21029	Magento Cross-Site Scripting (CVE-2021-21029)
High	14 Nov 2022	20 Aug 2024	CPAI-2022-0807		CVE-2022-1292	OpenSSL Command Injection (CVE-2022-1292)
High	20 Sep 2022	12 Aug 2024	CPAI-2021-1282		CVE-2021-27084	Microsoft Visual Studio Code Remote Code Execution (CVE-2021-27084)
Critical	23 May 2022	12 Aug 2024	CPAI-2022-0249		CVE-2022-0441 CVE-2024-5973	WordPress MasterStudy LMS Plugin Privilege Escalation (CVE-2022-0441; CVE-2024-5973)
High	12 Dec 2022	6 Aug 2024	CPAI-2022-1042		CVE-2022-41034	Microsoft Visual Studio Code Remote Code Execution (CVE-2022-41034)
Critical	14 Dec 2022	28 Jul 2024	CPAI-2022-1068		CVE-2018-18706 CVE-2022-32383 CVE-2022-32385 CVE-2023-0782 CVE-2023-40797 CVE-2023-40798 CVE-2023-40799 CVE-2023-40801 CVE-2023-45481 CVE-2024-0922 CVE-2024-0923 CVE-2024-0925 CVE-2024-0927 CVE-2024-0928	Tenda AC Routers Stack Overflow (CVE-2018-18706; CVE-2022-32383; CVE-2022-32385; CVE-2023-0782; CVE-2023-40797; CVE-2023-40798; CVE-2023-40799; CVE-2023-40801; CVE-2023-45481; CVE-2024-0922; CVE-2024-0923; CVE-2024-0925; CVE-2024-0927; CVE-2024-0928)
Critical	11 Dec 2022	18 Jul 2024	CPAI-2022-1010		CVE-2022-32032 CVE-2023-49046 CVE-2024-30620 CVE-2024-30621	Tenda AX Routers Stack Overflow (CVE-2022-32032; CVE-2023-49046; CVE-2024-30620; CVE-2024-30621)
Medium	8 Mar 2022	14 Jul 2024	CPAI-2022-0061	Microsoft CVE-2022-23253	CVE-2022-23253	Microsoft Point-to-Point Tunneling Protocol Denial of Service (CVE-2022-23253)
Critical	16 Mar 2022	8 Jul 2024	CPAI-2021-1110		CVE-2021-44515	ZohoCorp ManageEngine Desktop Central Authentication Bypass (CVE-2021-44515)
Critical	18 Dec 2022	4 Jul 2024	CPAI-2022-1074		CVE-2022-24144 CVE-2023-27239	Tenda AX3 Stack Overflow (CVE-2022-24144; CVE-2023-27239)
Critical	22 Nov 2022	4 Jul 2024	CPAI-2022-0866		CVE-2022-24148 CVE-2022-24150 CVE-2023-27240	Tenda AX3 Command Injection (CVE-2022-24148; CVE-2022-24150; CVE-2023-27240)
Critical	19 Apr 2022	4 Jul 2024	CPAI-2022-0202		CVE-2022-26809	Microsoft RPC Remote Code Execution (CVE-2022-26809)
High	14 Dec 2022	2 Jul 2024	CPAI-2022-1047		CVE-2022-30129	Microsoft Visual Studio Code Remote Code Execution (CVE-2022-30129)
High	11 Oct 2022	2 Jul 2024	CPAI-2022-0641	Microsoft CVE-2022-38053	CVE-2022-38053	Microsoft SharePoint Server Remote Code Execution (CVE-2022-38053)
Critical	16 Feb 2022	25 Jun 2024	CPAI-2021-1024		CVE-2021-37415	Zoho ManageEngine ServiceDesk Authentication Bypass (CVE-2021-37415)
High	8 Dec 2022	24 Jun 2024	CPAI-2021-1477		CVE-2021-27212	OpenLDAP slapd Denial of Service (CVE-2021-27212)
High	8 Dec 2022	24 Jun 2024	CPAI-2021-1476		CVE-2021-27273	Netgear ProSAFE Command Injection (CVE-2021-27273)
High	8 Dec 2022	24 Jun 2024	CPAI-2021-1475		CVE-2021-27275	Netgear ProSAFE Network Management System Arbitrary File Deletion (CVE-2021-27275)
Medium	5 Dec 2022	24 Jun 2024	CPAI-2021-1454		CVE-2021-2401	Oracle Fusion Middleware Business Intelligence External Entity Injection (CVE-2021-2401)
Critical	5 Dec 2022	24 Jun 2024	CPAI-2021-1451		CVE-2021-2456	Oracle Fusion Middleware Business Intelligence Insecure Deserialization (CVE-2021-2456)
High	5 Dec 2022	23 Jun 2024	CPAI-2021-1453		CVE-2021-2396	Oracle Fusion Middleware Business Intelligence Remote Code Execution (CVE-2021-2396)
Medium	28 Nov 2022	23 Jun 2024	CPAI-2021-1429		CVE-2021-22242	GitLab Community and Enterprise Edition Cross-Site Scripting (CVE-2021-22242)
Medium	6 Feb 2022	23 Jun 2024	CPAI-2021-1063		CVE-2021-26085 CVE-2021-26086	Atlassian Confluence Server Arbitrary File Read (CVE-2021-26085; CVE-2021-26086)
Medium	17 Nov 2022	20 Jun 2024	CPAI-2022-0883		CVE-2022-1178	OpenEMR Cross-Site Scripting (CVE-2022-1178)
Critical	17 Nov 2022	20 Jun 2024	CPAI-2021-1376		CVE-2021-40493	Zoho ManageEngine SQL Injection (CVE-2021-40493)
Critical	9 Nov 2022	20 Jun 2024	CPAI-2022-0845		CVE-2022-1281	WordPress Photo Gallery Plugin SQL Injection (CVE-2022-1281)
High	31 Oct 2022	20 Jun 2024	CPAI-2022-0776		CVE-2022-0819	Dolibarr ERP and CRM Code Injection (CVE-2022-0819)
Critical	31 Oct 2022	20 Jun 2024	CPAI-2022-0767		CVE-2022-1366	Delta Electronics DIAEnergie SQL Injection (CVE-2022-1366)
Medium	30 Oct 2022	20 Jun 2024	CPAI-2022-0761		CVE-2022-1181	OpenEMR Cross-Site Scripting (CVE-2022-1181)
Medium	30 Oct 2022	20 Jun 2024	CPAI-2022-0760		CVE-2022-1179	OpenEMR Cross-Site Scripting (CVE-2022-1179)
High	12 May 2022	20 Jun 2024	CPAI-2021-1169		CVE-2021-41282	pfSense Remote Code Execution (CVE-2021-41282)
Critical	23 Jan 2022	20 Jun 2024	CPAI-2021-1056		CVE-2021-42392	H2 Database Console Remote Code Execution (CVE-2021-42392)
High	25 Jan 2022	20 Jun 2024	CPAI-2021-1054		CVE-2021-40344	Nagios XI Remote Code Execution (CVE-2021-40344)
Medium	4 Jan 2022	20 Jun 2024	CPAI-2021-0944		CVE-2021-41349	Microsoft Exchange Server Cross Site Scripting (CVE-2021-41349)
Medium	14 Nov 2022	19 Jun 2024	CPAI-2021-1358		CVE-2021-44471	Delta Industrial Automation DIAEnergie Cross-Site Scripting (CVE-2021-44471)
Critical	17 Nov 2022	19 Jun 2024	CPAI-2022-0855		CVE-2022-1378	Delta Industrial Automation DIAEnergie SQL Injection (CVE-2022-1378)
Medium	17 Nov 2022	19 Jun 2024	CPAI-2022-0854		CVE-2022-1104	WordPress Popup Maker Plugin Cross-Site Scripting (CVE-2022-1104)
Critical	30 Oct 2022	19 Jun 2024	CPAI-2022-0762		CVE-2022-2135	Advantech iView SQL Injection (CVE-2022-2135)
Medium	30 Oct 2022	19 Jun 2024	CPAI-2022-0757		CVE-2022-0218	Wordpress Email Template Designer Plugin Authentication Bypass (CVE-2022-0218)
Medium	3 Nov 2022	19 Jun 2024	CPAI-2022-0742		CVE-2022-0364	WordPress Modern Events Calendar Lite Plugin Cross-Site Scripting (CVE-2022-0364)
Critical	20 Oct 2022	19 Jun 2024	CPAI-2022-0716		CVE-2022-1660	KeySight N6854A and N6841A RF Sensor Insecure Deserialization (CVE-2022-1660)
High	12 Sep 2022	19 Jun 2024	CPAI-2022-0527		CVE-2022-1429	Pimcore SQL Injection (CVE-2022-1429)
High	14 Mar 2022	19 Jun 2024	CPAI-2021-1119		CVE-2021-44544	DIAEnergie Cross-Site Scripting (CVE-2021-44544)
Critical	9 Feb 2022	19 Jun 2024	CPAI-2020-3454		CVE-2020-13927	Apache Airflow Authentication Bypass (CVE-2020-13927)