Home / 2022 Advisories Archive

2022 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
High	14 Nov 2022	14 Nov 2022	CPAI-2022-0846		CVE-2022-23375	WikiDocs Arbitrary File Upload (CVE-2022-23375)
Medium	14 Nov 2022	14 Nov 2022	CPAI-2022-0813		CVE-2022-30956	Jenkins Rundeck Plugin Cross-Site Scripting (CVE-2022-30956)
Critical	13 Nov 2022	13 Nov 2022	CPAI-2020-3614		CVE-2020-26879	Ruckus IoT Controller Web UI Authentication Bypass (CVE-2020-26879)
High	13 Nov 2022	13 Nov 2022	CPAI-2017-1536		CVE-2017-13772	TP Link Wr940N Routers Buffer Overflow (CVE-2017-13772)
Critical	13 Nov 2022	13 Nov 2022	CPAI-2019-2685		CVE-2019-13372	D-Link Central WiFiManager CWM-100 Remote Code Execution (CVE-2019-13372)
High	13 Nov 2022	13 Nov 2022	CPAI-2022-0806		CVE-2022-38534 CVE-2022-38535	TOTOLink 720R Command Injection (CVE-2022-38534; CVE-2022-38535)
Critical	13 Nov 2022	13 Nov 2022	CPAI-2020-3607		CVE-2020-14841	Oracle WebLogic Server Remote Code Execution (CVE-2020-14841)
High	10 Nov 2022	10 Nov 2022	CPAI-2022-0803		CVE-2022-36215	DedeBIZ Remote Code Execution (CVE-2022-36215)
Critical	10 Nov 2022	10 Nov 2022	CPAI-2022-0801		CVE-2022-31446	Tenda AC18 Router Command Injection (CVE-2022-31446)
Critical	10 Nov 2022	10 Nov 2022	CPAI-2022-0798		CVE-2022-25487	AtomCMS Arbitrary File Upload (CVE-2022-25487)
High	10 Nov 2022	10 Nov 2022	CPAI-2019-2680		CVE-2019-7670	Prima Systems FlexAir Command Injection (CVE-2019-7670)
Medium	10 Nov 2022	10 Nov 2022	CPAI-2021-1328		CVE-2021-46065	Zoho ManageEngine ServiceDesk Cross-Site Scripting (CVE-2021-46065)
Critical	10 Nov 2022	10 Nov 2022	CPAI-2022-0633		CVE-2022-0848	Part-DB Project Unrestricted File Upload (CVE-2022-0848)
High	9 Nov 2022	9 Nov 2022	CPAI-2022-0819			Mako Server Remote Command Execution
High	9 Nov 2022	9 Nov 2022	CPAI-2021-1343		CVE-2021-21300	Git Source Code Management Code Execution (CVE-2021-21300)
High	9 Nov 2022	9 Nov 2022	CPAI-2022-0817			Docker Daemon API Remote Code Execution
High	9 Nov 2022	9 Nov 2022	CPAI-2022-0816			osCommerce Remote Code Execution
High	9 Nov 2022	9 Nov 2022	CPAI-2017-1534		CVE-2017-7455	Moxa MXView Information Disclosure (CVE-2017-7455)
Critical	9 Nov 2022	9 Nov 2022	CPAI-2019-2681		CVE-2019-9204	Nagios IM SQL Injection (CVE-2019-9204)
High	9 Nov 2022	9 Nov 2022	CPAI-2019-2677		CVE-2019-9202	Nagios IM Command Injection (CVE-2019-9202)
High	9 Nov 2022	9 Nov 2022	CPAI-2022-0764		CVE-2022-2550	GitHub Repository Hestiacp Command Injection (CVE-2022-2550)
High	8 Nov 2022	8 Nov 2022	CPAI-2022-0811	Microsoft CVE-2022-41125	CVE-2022-41125	Microsoft Windows CNG Key Isolation Service Elevation of Privilege (CVE-2022-41125)
Critical	8 Nov 2022	8 Nov 2022	CPAI-2022-0810	Microsoft CVE-2022-41118	CVE-2022-41118	Microsoft Windows Scripting Languages Remote Code Execution (CVE-2022-41118)
High	8 Nov 2022	8 Nov 2022	CPAI-2022-0789	Microsoft CVE-2022-41057	CVE-2022-41057	Microsoft Windows HTTP.sys Elevation of Privilege (CVE-2022-41057)
High	8 Nov 2022	8 Nov 2022	CPAI-2022-0772	Microsoft CVE-2022-41096	CVE-2022-41096	Microsoft DWM Core Library Elevation of Privilege (CVE-2022-41096)
High	8 Nov 2022	8 Nov 2022	CPAI-2022-0770	Microsoft CVE-2022-41109	CVE-2022-41109	Microsoft Windows Win32k Elevation of Privilege (CVE-2022-41109)
High	8 Nov 2022	8 Nov 2022	CPAI-2022-0769	Microsoft CVE-2022-41113	CVE-2022-41113	Microsoft Windows Win32 Kernel Subsystem Elevation of Privilege (CVE-2022-41113)
Critical	8 Nov 2022	8 Nov 2022	CPAI-2022-0796		CVE-2022-35516	DedeCMS Remote Code Execution (CVE-2022-35516)
Medium	7 Nov 2022	7 Nov 2022	CPAI-2022-0792		CVE-2022-1175	GitLab Community and Enterprise Cross-Site Scripting (CVE-2022-1175)
High	7 Nov 2022	7 Nov 2022	CPAI-2022-0573		CVE-2022-20828	Cisco Firepower ASA Command Injection (CVE-2022-20828)
High	6 Nov 2022	6 Nov 2022	CPAI-2020-3612		CVE-2020-8163	Rails Remote Code Execution (CVE-2020-8163)
High	6 Nov 2022	6 Nov 2022	CPAI-2020-3611		CVE-2020-4241	IBM Spectrum Protect Plus uploadHttpsCertificate Command Injection (CVE-2020-4241)
High	6 Nov 2022	6 Nov 2022	CPAI-2020-3610		CVE-2020-27871	SolarWinds Orion Arbitrary File Write (CVE-2020-27871)
Medium	6 Nov 2022	6 Nov 2022	CPAI-2022-0786		CVE-2022-1707	WordPress Google Tag Manager Plugin Cross-Site Scripting (CVE-2022-1707)
Critical	6 Nov 2022	6 Nov 2022	CPAI-2022-0780		CVE-2022-34531	DedeCMS Command Injection (CVE-2022-34531)
Critical	6 Nov 2022	6 Nov 2022	CPAI-2022-0754		CVE-2022-29592	Tenda TX9 Pro Router Command Injection (CVE-2022-29592)
High	6 Nov 2022	6 Nov 2022	CPAI-2021-1322		CVE-2021-21659	Jenkins Filesystem Trigger Plugin XML External Entity Expansion (CVE-2021-21659)
Critical	6 Nov 2022	6 Nov 2022	CPAI-2019-2674		CVE-2019-9165	Nagios XI SQL Injection (CVE-2019-9165)
Critical	3 Nov 2022	3 Nov 2022	CPAI-2022-0785		CVE-2022-3786	OpenSSL Buffer Overflow (CVE-2022-3786)
Medium	3 Nov 2022	3 Nov 2022	CPAI-2022-0793		CVE-2022-0832	Pimcore Cross-Site Scripting (CVE-2022-0832)
Critical	3 Nov 2022	3 Nov 2022	CPAI-2022-0779		CVE-2022-34555	TP-Link TL-R473G Command Injection (CVE-2022-34555)
Critical	3 Nov 2022	3 Nov 2022	CPAI-2022-0749		CVE-2022-29337	C-DATA Command Injection (CVE-2022-29337)
High	3 Nov 2022	3 Nov 2022	CPAI-2022-0740		CVE-2022-25017	Hitron CHITA Command Injection (CVE-2022-25017)
Critical	2 Nov 2022	2 Nov 2022	CPAI-2022-0741		CVE-2022-24223	AtomCMS SQL Injection (CVE-2022-24223)
Critical	2 Nov 2022	2 Nov 2022	CPAI-2022-0731		CVE-2022-0888	WordPress Ninja Forms Plugin Arbitrary File Upload (CVE-2022-0888)
Critical	31 Oct 2022	31 Oct 2022	CPAI-2020-3608		CVE-2020-17132	Microsoft Exchange Remote Code Execution (CVE-2020-17132)
Critical	31 Oct 2022	31 Oct 2022	CPAI-2021-1329		CVE-2021-2394	Oracle WebLogic Server Remote Code Execution (CVE-2021-2394)
High	31 Oct 2022	31 Oct 2022	CPAI-2017-1531		CVE-2017-7456	Moxa MXView Denial of Service (CVE-2017-7456)
Medium	31 Oct 2022	31 Oct 2022	CPAI-2022-0774		CVE-2022-34777	Jenkins GitLab Plugin Cross-Site Scripting (CVE-2022-34777)
Medium	31 Oct 2022	31 Oct 2022	CPAI-2022-0768		CVE-2022-25772	Acquia Mautic Cross-Site Scripting (CVE-2022-25772)