Home / 2022 Advisories Archive

2022 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	4 Sep 2022	4 Sep 2022	CPAI-2021-1271		CVE-2021-4119	BookStackApp BookStack Improper Access Control (CVE-2021-4119)
Critical	1 Sep 2022	1 Sep 2022	CPAI-2022-0536		CVE-2022-27255	Realtek eCos Stack Buffer Overflow (CVE-2022-27255)
High	31 Aug 2022	31 Aug 2022	CPAI-2022-0528		CVE-2022-1401	Device42 CMDB Improper Access Control (CVE-2022-1401)
High	31 Aug 2022	31 Aug 2022	CPAI-2021-1262		CVE-2021-3060	Palo Alto Networks Multiple Products Command Injection (CVE-2021-3060)
High	30 Aug 2022	30 Aug 2022	CPAI-2022-0522		CVE-2022-31659	VMWare Workspace One Access Remote Code Execution (CVE-2022-31659)
Critical	30 Aug 2022	30 Aug 2022	CPAI-2021-1233		CVE-2021-31932	Nokia BTS TRS Web Console Authentication Bypass (CVE-2021-31932)
High	29 Aug 2022	29 Aug 2022	CPAI-2022-0455		CVE-2022-32036	Tenda M3 Router Buffer Overflow (CVE-2022-32036)
High	28 Aug 2022	28 Aug 2022	CPAI-2022-0499		CVE-2022-32034	Tenda M3 Router Buffer Overflow (CVE-2022-32034)
High	21 Aug 2022	21 Aug 2022	CPAI-2021-1258		CVE-2021-1384	Cisco IOx Command Injection Command Injection (CVE-2021-1384)
High	21 Aug 2022	21 Aug 2022	CPAI-2020-3569		CVE-2020-2038	Palo Alto Networks PAN-OS Command Injection (CVE-2020-2038)
Medium	21 Aug 2022	21 Aug 2022	CPAI-2018-1829		CVE-2018-13380	Fortinet FortiOS Cross Site Scripting (CVE-2018-13380)
Medium	21 Aug 2022	21 Aug 2022	CPAI-2021-1170		CVE-2021-35616	Oracle Transportation Management Privilege Escalation (CVE-2021-35616)
Critical	16 Aug 2022	16 Aug 2022	CPAI-2022-0509		CVE-2022-32548	DrayTek Routers Buffer Overflow (CVE-2022-32548)
Critical	16 Aug 2022	16 Aug 2022	CPAI-2019-2649		CVE-2019-17602	Zoho ManageEngine OpManager SQL Injection (CVE-2019-17602)
High	15 Aug 2022	15 Aug 2022	CPAI-2022-0511		CVE-2022-35650	Moodle Directory Traversal (CVE-2022-35650)
Critical	15 Aug 2022	15 Aug 2022	CPAI-2022-0505		CVE-2022-25236	Expat XML Parser Remote Code Execution (CVE-2022-25236)
High	15 Aug 2022	15 Aug 2022	CPAI-2019-2646		CVE-2019-19597	D-Link DAP-1860 Command Injection (CVE-2019-19597)
Critical	11 Aug 2022	11 Aug 2022	CPAI-2018-2061		CVE-2018-19986	D-Link DIR-818LW Command Injection (CVE-2018-19986)
High	10 Aug 2022	10 Aug 2022	CPAI-2022-0472			PHP Zerodium Backdoor
Critical	8 Aug 2022	10 Aug 2022	CPAI-2022-0467		CVE-2022-26138	Atlassian Questions for Confluence App Hardcoded Credentials (CVE-2022-26138)
High	9 Aug 2022	9 Aug 2022	CPAI-2022-0501	Adobe APSB22-39	CVE-2022-35666	Adobe Acrobat and Reader Improper Input Validation (APSB22-39: CVE-2022-35666)
High	9 Aug 2022	9 Aug 2022	CPAI-2022-0481	Microsoft CVE-2022-35761	CVE-2022-35761	Microsoft Windows Kernel Elevation of Privilege (CVE-2022-35761)
High	9 Aug 2022	9 Aug 2022	CPAI-2022-0480	Microsoft CVE-2022-35748	CVE-2022-35748	Microsoft HTTP.sys Denial of Service (CVE-2022-35748)
High	9 Aug 2022	9 Aug 2022	CPAI-2022-0476	Microsoft CVE-2022-35756	CVE-2022-35756	Microsoft Windows Kerberos Elevation of Privilege (CVE-2022-35756)
Medium	7 Aug 2022	7 Aug 2022	CPAI-2022-0459		CVE-2022-33098	Magnolia CMS Cross-Site Scripting (CVE-2022-33098)
High	7 Aug 2022	7 Aug 2022	CPAI-2022-0426			BitTorrent Protocol
Critical	7 Aug 2022	7 Aug 2022	CPAI-2018-1804		CVE-2018-3991	WibuKey Network Server Management Heap Overflow (CVE-2018-3991)
Critical	2 Aug 2022	2 Aug 2022	CPAI-2022-0403		CVE-2022-24562	IOBit IOTransfer Arbitrary File Write (CVE-2022-24562)
Medium	20 Jul 2022	31 Jul 2022	CPAI-2022-0280		CVE-2022-21280	Oracle MySQL Cluster Stack Buffer Overflow (CVE-2022-21280)
High	28 Jul 2022	28 Jul 2022	CPAI-2022-0433			HTTP Payload Email Header Injection
Critical	28 Jul 2022	28 Jul 2022	CPAI-2022-0432		CVE-2022-25237	Bonitasoft Bonita Web Authorization Bypass (CVE-2022-25237)
High	28 Jul 2022	28 Jul 2022	CPAI-2022-0425		CVE-2022-32035	Tenda M3 Router Buffer Overflow (CVE-2022-32035)
High	28 Jul 2022	28 Jul 2022	CPAI-2022-0373			HTTP Payload CRLF Injection
High	27 Jul 2022	27 Jul 2022	CPAI-2022-0458		CVE-2022-36408	PrestaShop Command Injection (CVE-2022-36408)
High	26 Jul 2022	26 Jul 2022	CPAI-2020-3543		CVE-2020-4280	IBM QRadar SIEM Insecure Deserialization (CVE-2020-4280)
Critical	26 Jul 2022	26 Jul 2022	CPAI-2020-3466		CVE-2020-11117	Qualcomm Snapdragon Remote Code Execution (CVE-2020-11117)
Critical	25 Jul 2022	25 Jul 2022	CPAI-2021-1223		CVE-2021-41403	FlatCore CMS Server-Side Request Forgery (CVE-2021-41403)
High	20 Jul 2022	20 Jul 2022	CPAI-2022-0324		CVE-2022-31460	Owl Labs Meeting Owl Authentication Bypass (CVE-2022-31460)
High	20 Jul 2022	20 Jul 2022	CPAI-2017-1304		CVE-2017-5030	Google Chrome Browser V8 Memory Corruption (CVE-2017-5030)
Medium	20 Jul 2022	20 Jul 2022	CPAI-2016-1185		CVE-2016-2388	SAP NetWeaver Information Disclosure (CVE-2016-2388)
Medium	11 Jul 2022	11 Jul 2022	CPAI-2022-0358		CVE-2022-29036	Jenkins Credentials Plugin Cross-site Scripting (CVE-2022-29036)
Critical	11 Jul 2022	11 Jul 2022	CPAI-2022-0338		CVE-2022-31279	Laravel Remote Code Execution (CVE-2022-31279)
Medium	11 Jul 2022	11 Jul 2022	CPAI-2022-0330		CVE-2022-1190	GitLab Cross-site Scripting (CVE-2022-1190)
High	10 Jul 2022	10 Jul 2022	CPAI-2022-0370		CVE-2022-31362	Docebo Community Edition Arbitrary File Upload (CVE-2022-31362)
Medium	10 Jul 2022	10 Jul 2022	CPAI-2021-1201		CVE-2021-30533	Google Chrome Authentication Bypass (CVE-2021-30533)
High	7 Jul 2022	7 Jul 2022	CPAI-2022-0336		CVE-2022-21993	Microsoft Windows NFS ONCRPC XDR Driver Information Disclosure (CVE-2022-21993)
Critical	6 Jul 2022	6 Jul 2022	CPAI-2017-1310		CVE-2017-20029 CVE-2017-20032	PHPList SQL Injection (CVE-2017-20029; CVE-2017-20032)
High	30 Jun 2022	30 Jun 2022	CPAI-2022-0325		CVE-2022-22620	Apple OS Use After Free (CVE-2022-22620)
High	29 Jun 2022	29 Jun 2022	CPAI-2016-1187		CVE-2016-1646	Google Chrome Out-of-Bounds Read (CVE-2016-1646)
Medium	29 Jun 2022	29 Jun 2022	CPAI-2022-0229		CVE-2022-24463	Microsoft Exchange Server Spoofing (CVE-2022-24463)