Home / 2022 Advisories Archive

2022 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	2 Oct 2022	2 Oct 2022	CPAI-2021-1279		CVE-2021-34746	Cisco NFVIS Improper Access Control (CVE-2021-34746)
Critical	2 Oct 2022	2 Oct 2022	CPAI-2019-2665		CVE-2019-17662	Cybelsoft ThinVNC Directory Traversal (CVE-2019-17662)
High	2 Oct 2022	2 Oct 2022	CPAI-2022-0554		CVE-2022-23940	SalesAgility SuiteCRM Remote Code Execution (CVE-2022-23940)
High	10 Aug 2022	29 Sep 2022	CPAI-2022-0468			PowerShell Functions Remote Code Execution
High	22 Sep 2022	22 Sep 2022	CPAI-2022-0566		CVE-2022-2294	Google Chrome WebRTC Heap Buffer Overflow (CVE-2022-2294)
High	20 Sep 2022	20 Sep 2022	CPAI-2020-3597		CVE-2020-25682	DNSmasq Out-of-Bounds Write (CVE-2020-25682)
High	20 Sep 2022	20 Sep 2022	CPAI-2019-2666		CVE-2019-0618	Microsoft Windows Server Remote Code Execution (CVE-2019-0618)
High	20 Sep 2022	20 Sep 2022	CPAI-2020-3593		CVE-2020-36228	OpenLDAP Integer Underflow (CVE-2020-36228)
High	20 Sep 2022	20 Sep 2022	CPAI-2018-2109		CVE-2018-13374	Fortinet FortiOS Improper Access Control (CVE-2018-13374)
Critical	20 Sep 2022	20 Sep 2022	CPAI-2022-0556		CVE-2022-33318	ICONICS GENESIS64 Remote Code Execution (CVE-2022-33318)
High	18 Sep 2022	18 Sep 2022	CPAI-2017-1529		CVE-2017-9355	Subsonic Server Side Request Forgery (CVE-2017-9355)
High	18 Sep 2022	18 Sep 2022	CPAI-2018-2119		CVE-2018-11130	VCFtools Use-after-free (CVE-2018-11130)
Medium	18 Sep 2022	18 Sep 2022	CPAI-2019-2667		CVE-2019-1439	Microsoft Graphics Device Interface Buffer Overflow (CVE-2019-1439)
High	18 Sep 2022	18 Sep 2022	CPAI-2017-1528		CVE-2017-14103	GraphicsMagick Use-after-free (CVE-2017-14103)
Medium	18 Sep 2022	18 Sep 2022	CPAI-2021-1277		CVE-2021-30657	Apple MacOS Authentication Bypass (CVE-2021-30657)
High	18 Sep 2022	18 Sep 2022	CPAI-2018-2118		CVE-2018-16509	Artifex Ghostscript Remote Code Execution (CVE-2018-16509)
High	18 Sep 2022	18 Sep 2022	CPAI-2018-2117		CVE-2018-1000035	InfoZip UnZip Buffer Overflow (CVE-2018-1000035)
Medium	18 Sep 2022	18 Sep 2022	CPAI-2018-2116		CVE-2018-19206	Roundcube Webmail func.inc Cross-site Scripting (CVE-2018-19206)
Medium	18 Sep 2022	18 Sep 2022	CPAI-2018-2115		CVE-2018-16323	ImageMagick ReadXBMImage Information Disclosure (CVE-2018-16323)
High	18 Sep 2022	18 Sep 2022	CPAI-2018-2114		CVE-2018-8397	Microsoft Graphics Device Interface Remote Code Execution (CVE-2018-8397)
Medium	18 Sep 2022	18 Sep 2022	CPAI-2020-3592		CVE-2020-26567	D-Link Routers Authentication Bypass (CVE-2020-26567)
High	18 Sep 2022	18 Sep 2022	CPAI-2017-1527		CVE-2017-11403	GraphicsMagick Use-after-free (CVE-2017-11403)
Critical	18 Sep 2022	18 Sep 2022	CPAI-2022-0600		CVE-2022-3180	WordPress WPGateway Plugin Privilege Escalation (CVE-2022-3180)
Critical	18 Sep 2022	18 Sep 2022	CPAI-2022-0579		CVE-2022-27593	QNAP NAS Photo Station Arbitrary File Write (CVE-2022-27593)
High	15 Sep 2022	15 Sep 2022	CPAI-2022-0512			SQL Injection Obfuscation Techniques
Medium	14 Sep 2022	14 Sep 2022	CPAI-2020-3591		CVE-2020-15299	WordPress KingComposer Plugin Cross-site Scripting (CVE-2020-15299)
Medium	14 Sep 2022	14 Sep 2022	CPAI-2018-2104		CVE-2018-15712	Nagios Xi Cross-site Scripting (CVE-2018-15712)
High	14 Sep 2022	14 Sep 2022	CPAI-2018-2097		CVE-2018-5006	Adobe Experience Manager Server Side Request Forgery (CVE-2018-5006)
High	13 Sep 2022	13 Sep 2022	CPAI-2022-0564	Microsoft CVE-2022-34725	CVE-2022-34725	Microsoft Windows ALPC Elevation of Privilege (CVE-2022-34725)
High	13 Sep 2022	13 Sep 2022	CPAI-2022-0563	Microsoft CVE-2022-37954	CVE-2022-37954	Microsoft DirectX Graphics Kernel Elevation of Privilege (CVE-2022-37954)
High	13 Sep 2022	13 Sep 2022	CPAI-2022-0562	Microsoft CVE-2022-37957	CVE-2022-37957	Microsoft Windows Kernel Elevation of Privilege (CVE-2022-37957)
High	13 Sep 2022	13 Sep 2022	CPAI-2022-0561	Microsoft CVE-2022-34729	CVE-2022-34729	Microsoft Windows GDI Elevation of Privilege (CVE-2022-34729)
High	13 Sep 2022	13 Sep 2022	CPAI-2022-0560	Microsoft CVE-2022-35803	CVE-2022-35803	Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2022-35803)
High	12 Sep 2022	12 Sep 2022	CPAI-2022-0578		CVE-2022-31474	WordPress BackupBuddy Plugin Arbitrary File Read (CVE-2022-31474)
Critical	4 Sep 2022	4 Sep 2022	CPAI-2021-1271		CVE-2021-4119	BookStackApp BookStack Improper Access Control (CVE-2021-4119)
Critical	1 Sep 2022	1 Sep 2022	CPAI-2022-0536		CVE-2022-27255	Realtek eCos Stack Buffer Overflow (CVE-2022-27255)
High	31 Aug 2022	31 Aug 2022	CPAI-2022-0528		CVE-2022-1401	Device42 CMDB Improper Access Control (CVE-2022-1401)
High	31 Aug 2022	31 Aug 2022	CPAI-2021-1262		CVE-2021-3060	Palo Alto Networks Multiple Products Command Injection (CVE-2021-3060)
High	30 Aug 2022	30 Aug 2022	CPAI-2022-0522		CVE-2022-31659	VMWare Workspace One Access Remote Code Execution (CVE-2022-31659)
Critical	30 Aug 2022	30 Aug 2022	CPAI-2021-1233		CVE-2021-31932	Nokia BTS TRS Web Console Authentication Bypass (CVE-2021-31932)
High	29 Aug 2022	29 Aug 2022	CPAI-2022-0455		CVE-2022-32036	Tenda M3 Router Buffer Overflow (CVE-2022-32036)
High	28 Aug 2022	28 Aug 2022	CPAI-2022-0499		CVE-2022-32034	Tenda M3 Router Buffer Overflow (CVE-2022-32034)
High	21 Aug 2022	21 Aug 2022	CPAI-2021-1258		CVE-2021-1384	Cisco IOx Command Injection Command Injection (CVE-2021-1384)
High	21 Aug 2022	21 Aug 2022	CPAI-2020-3569		CVE-2020-2038	Palo Alto Networks PAN-OS Command Injection (CVE-2020-2038)
Medium	21 Aug 2022	21 Aug 2022	CPAI-2018-1829		CVE-2018-13380	Fortinet FortiOS Cross Site Scripting (CVE-2018-13380)
Medium	21 Aug 2022	21 Aug 2022	CPAI-2021-1170		CVE-2021-35616	Oracle Transportation Management Privilege Escalation (CVE-2021-35616)
Critical	16 Aug 2022	16 Aug 2022	CPAI-2022-0509		CVE-2022-32548	DrayTek Routers Buffer Overflow (CVE-2022-32548)
Critical	16 Aug 2022	16 Aug 2022	CPAI-2019-2649		CVE-2019-17602	Zoho ManageEngine OpManager SQL Injection (CVE-2019-17602)
High	15 Aug 2022	15 Aug 2022	CPAI-2022-0511		CVE-2022-35650	Moodle Directory Traversal (CVE-2022-35650)
Critical	15 Aug 2022	15 Aug 2022	CPAI-2022-0505		CVE-2022-25236	Expat XML Parser Remote Code Execution (CVE-2022-25236)