Home / 2022 Advisories Archive

2022 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
Medium	27 Nov 2022	27 Nov 2022	CPAI-2022-0937	CVE-2022-36533	Super Flexible Software Syncovery Cross-site Scripting (CVE-2022-36533)
High	27 Nov 2022	27 Nov 2022	CPAI-2022-0905	CVE-2022-31097	Grafana Cross-Site Scripting (CVE-2022-31097)
High	27 Nov 2022	27 Nov 2022	CPAI-2022-0902	CVE-2022-0557	Packagist Microweber Arbitrary File Upload (CVE-2022-0557)
Medium	24 Nov 2022	24 Nov 2022	CPAI-2021-1402	CVE-2021-21667	Jenkins Scriptler Plugin Cross-Site Scripting (CVE-2021-21667)
High	24 Nov 2022	24 Nov 2022	CPAI-2021-1401	CVE-2021-2190	Oracle E-Business Suite Sales Offline Denial of Service (CVE-2021-2190)
Medium	24 Nov 2022	24 Nov 2022	CPAI-2021-1400	CVE-2021-21649	Jenkins Dashboard View Plugin Cross-Site Scripting (CVE-2021-21649)
Medium	24 Nov 2022	24 Nov 2022	CPAI-2021-1399	CVE-2021-21616	Jenkins Active Choices Plugin Cross-Site Scripting (CVE-2021-21616)
High	24 Nov 2022	24 Nov 2022	CPAI-2022-0930	CVE-2022-30860	FUDforum Arbitrary File Upload (CVE-2022-30860)
Critical	24 Nov 2022	24 Nov 2022	CPAI-2022-0890	CVE-2022-30450	WaimairenCMS Remote Code Execution (CVE-2022-30450)
High	24 Nov 2022	24 Nov 2022	CPAI-2022-0884	CVE-2022-34120	Barangay Management System Arbitrary File Upload (CVE-2022-34120)
Critical	24 Nov 2022	24 Nov 2022	CPAI-2022-0881	CVE-2022-31885	Marval MSM Remote Code Execution (CVE-2022-31885)
Medium	24 Nov 2022	24 Nov 2022	CPAI-2022-0880	CVE-2022-31629	PHP Authentication Bypass (CVE-2022-31629)
Critical	24 Nov 2022	24 Nov 2022	CPAI-2021-1377	CVE-2021-21669	Jenkins Generic Webhook Trigger Plugin External Entity Injection (CVE-2021-21669)
High	24 Nov 2022	24 Nov 2022	CPAI-2018-2141	CVE-2018-10613	GE MDS PulseNET XML External Entity Expansion (CVE-2018-10613)
Medium	24 Nov 2022	24 Nov 2022	CPAI-2018-2140	CVE-2018-17686	Foxit Reader Out-of-Bounds Read (CVE-2018-17686)
High	23 Nov 2022	23 Nov 2022	CPAI-2022-0931	CVE-2022-25094	Home Owners Collection Management System Arbitrary File Upload (CVE-2022-25094)
Critical	23 Nov 2022	23 Nov 2022	CPAI-2022-0929	CVE-2022-37661	SmartRG Routers Command Injection (CVE-2022-37661)
High	23 Nov 2022	23 Nov 2022	CPAI-2022-0928	CVE-2022-41800	F5 Big-IP Command Injection (CVE-2022-41800)
High	23 Nov 2022	23 Nov 2022	CPAI-2022-0927	CVE-2022-41622	F5 Big-IP Cross-Site Request Forgery (CVE-2022-41622)
Critical	23 Nov 2022	23 Nov 2022	CPAI-2022-0925	CVE-2022-37130	D-Link DIR-816 Command Injection (CVE-2022-37130)
Critical	23 Nov 2022	23 Nov 2022	CPAI-2022-0924	CVE-2022-36267	Airspan AirSpot 5410 Command Injection (CVE-2022-36267)
High	23 Nov 2022	23 Nov 2022	CPAI-2022-0916	CVE-2022-40878	Exam Reviewer Management System Arbitrary File Upload (CVE-2022-40878)
Critical	23 Nov 2022	23 Nov 2022	CPAI-2022-0911	CVE-2022-1162	GitLab Hardcoded Credentials (CVE-2022-1162)
Critical	23 Nov 2022	23 Nov 2022	CPAI-2022-0906	CVE-2022-38621	Doufox Arbitrary File Upload (CVE-2022-38621)
Medium	23 Nov 2022	23 Nov 2022	CPAI-2022-0588	CVE-2022-0831 CVE-2022-0832	Pimcore Cross Site Scripting (CVE-2022-0831; CVE-2022-0832)
Critical	22 Nov 2022	22 Nov 2022	CPAI-2022-0903	CVE-2022-26272	IonizeCMS Remote Code Execution (CVE-2022-26272)
High	22 Nov 2022	22 Nov 2022	CPAI-2022-0896	CVE-2022-36532	Bolt CMS Arbitrary File Upload (CVE-2022-36532)
High	22 Nov 2022	22 Nov 2022	CPAI-2022-0895	CVE-2022-32420	College Management System Arbitrary File Upload (CVE-2022-32420)
Critical	22 Nov 2022	22 Nov 2022	CPAI-2022-0891	CVE-2022-25064	TP-Link TL-WR840N Command Injection (CVE-2022-25064)
Critical	22 Nov 2022	22 Nov 2022	CPAI-2022-0888	CVE-2022-25061	TP-Link TL-WR840N Command Injection (CVE-2022-25061)
Critical	22 Nov 2022	22 Nov 2022	CPAI-2022-0885	CVE-2022-29307	IonizeCMS Command Injection (CVE-2022-29307)
Critical	22 Nov 2022	22 Nov 2022	CPAI-2022-0868	CVE-2022-24108	OpenCart Remote Code Execution (CVE-2022-24108)
High	22 Nov 2022	22 Nov 2022	CPAI-2022-0809	CVE-2022-30079	Netgear R6200v2 Command Injection (CVE-2022-30079)
High	22 Nov 2022	22 Nov 2022	CPAI-2022-0802	CVE-2022-22909	DigitalDruid HotelDruid Remote Code Execution (CVE-2022-22909)
Critical	22 Nov 2022	22 Nov 2022	CPAI-2020-3609	CVE-2020-27868	Qognify Ocularis Insecure Deserialization (CVE-2020-27868)
Critical	22 Nov 2022	22 Nov 2022	CPAI-2018-2134	CVE-2018-15381	Cisco Unity Express Insecure Deserialization (CVE-2018-15381)
High	14 Sep 2022	22 Nov 2022	CPAI-2022-0473	CVE-2022-29078	Reverse Shell Commands Over HTTP Payload (CVE-2022-29078)
Critical	21 Nov 2022	22 Nov 2022	CPAI-2019-2526	CVE-2019-10068	Kentico CMS Remote Code Execution (CVE-2019-10068)
High	21 Nov 2022	21 Nov 2022	CPAI-2022-0915		Atmosphere Java Framework Reflected Cross-Site Scripting
Critical	21 Nov 2022	21 Nov 2022	CPAI-2022-0910	CVE-2022-29013	Razer Sila Gaming Router Command Injection (CVE-2022-29013)
High	21 Nov 2022	21 Nov 2022	CPAI-2022-0865	CVE-2022-28590	Pixelimity Arbitrary File Upload (CVE-2022-28590)
Critical	6 Nov 2022	21 Nov 2022	CPAI-2022-0781	CVE-2022-26501	Veeam Backup and Replication Authentication Bypass (CVE-2022-26501)
High	31 Jan 2022	21 Nov 2022	CPAI-2021-1055	CVE-2021-37975	Google Chrome Heap Corruption (CVE-2021-37975)
High	20 Nov 2022	20 Nov 2022	CPAI-2021-1392	CVE-2021-21642	Jenkins Config File Provider Plugin External Entity Injection (CVE-2021-21642)
Medium	20 Nov 2022	20 Nov 2022	CPAI-2021-1391	CVE-2021-21699	Jenkins Active Choices Plugin Cross-Site Scripting (CVE-2021-21699)
Medium	20 Nov 2022	20 Nov 2022	CPAI-2021-1390	CVE-2021-20080	Zoho ManageEngine ServiceDesk Plus Cross-Site Scripting (CVE-2021-20080)
Critical	20 Nov 2022	20 Nov 2022	CPAI-2019-2683	CVE-2019-16724	iSharer and upRedSun File Sharing Wizard Buffer Overflow (CVE-2019-16724)
High	17 Nov 2022	17 Nov 2022	CPAI-2017-1538	CVE-2017-12936	GraphicsMagic WMF Use After Free (CVE-2017-12936)
High	17 Nov 2022	17 Nov 2022	CPAI-2018-2148	CVE-2018-4443	Apple WebKit AbstractValue Set Use After Free (CVE-2018-4443)
Critical	17 Nov 2022	17 Nov 2022	CPAI-2017-1537	CVE-2017-17420	Quest NetVault Backup NVBUJobCountHistory SQL Injection (CVE-2017-17420)