Home / 2022 Advisories Archive

2022 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
High	28 Jun 2022	28 Jun 2022	CPAI-2016-1186		CVE-2016-5198	Google Chrome Remote Code Execution (CVE-2016-5198)
Critical	27 Jun 2022	27 Jun 2022	CPAI-2022-0331		CVE-2022-29499	Mitel MiVoice Connect Command Injection (CVE-2022-29499)
Medium	27 Jun 2022	27 Jun 2022	CPAI-2018-1820		CVE-2018-19943	QNAP FileStation Cross Site Scripting (CVE-2018-19943)
High	27 Jun 2022	27 Jun 2022	CPAI-2022-0257		CVE-2022-20759	Cisco Adaptive Security Appliance Privilege Escalation (CVE-2022-20759)
High	26 Jun 2022	26 Jun 2022	CPAI-2019-2544		CVE-2019-7484 CVE-2019-7485	SonicWall SMA100 Multiple Vulnerabilities (CVE-2019-7484; CVE-2019-7485)
Critical	23 Jun 2022	23 Jun 2022	CPAI-2022-0329			TVT CCTV Hardcoded Credentials
Critical	23 Jun 2022	23 Jun 2022	CPAI-2022-0328			TVT CCTV Authentication Bypass
Critical	23 Jun 2022	23 Jun 2022	CPAI-2022-0327			TVT CCTV Stack Overflow
Critical	7 Jun 2022	23 Jun 2022	CPAI-2018-1805		CVE-2018-19949	QNAP QTS Command Injection (CVE-2018-19949)
Critical	21 Jun 2022	21 Jun 2022	CPAI-2022-0305		CVE-2022-26133	Atlassian Bitbucket Data Center Insecure Deserialization (CVE-2022-26133)
Medium	20 Jun 2022	20 Jun 2022	CPAI-2019-2546		CVE-2019-5825	Google Chrome Out-of-Bounds Write (CVE-2019-5825)
High	20 Jun 2022	20 Jun 2022	CPAI-2021-1197		CVE-2021-38163	SAP NetWeaver Unrestricted File Upload (CVE-2021-38163)
Critical	20 Jun 2022	20 Jun 2022	CPAI-2016-1184		CVE-2016-2386	SAP NetWeaver J2EE Engine SQL Injection (CVE-2016-2386)
Critical	20 Jun 2022	20 Jun 2022	CPAI-2017-1279		CVE-2017-6862	Netgear Routers Buffer Overflow (CVE-2017-6862)
Critical	19 Jun 2022	19 Jun 2022	CPAI-2019-2545		CVE-2019-11708	Mozilla Thunderbird Remote Code Execution (CVE-2019-11708)
High	16 Jun 2022	16 Jun 2022	CPAI-2018-1830		CVE-2018-17480	Google Chrome Out-of-Bounds Write (CVE-2018-17480)
Critical	16 Jun 2022	16 Jun 2022	CPAI-2022-0284			Cisco HyperFlex HX Command Injection (CVE-2021-1497)
High	15 Jun 2022	15 Jun 2022	CPAI-2022-0259		CVE-2022-23676	Aruba ArubaOS Memory Corruption (CVE-2022-23676)
High	15 Jun 2022	15 Jun 2022	CPAI-2022-0252		CVE-2022-23677	Aruba ArubaOS Heap Overflow (CVE-2022-23677)
Medium	13 Jun 2022	13 Jun 2022	CPAI-2021-1196		CVE-2021-28113	Okta Access Gateway Command Injection (CVE-2021-28113)
High	13 Jun 2022	13 Jun 2022	CPAI-2019-2541		CVE-2019-18426	WhatsApp Desktop Cross Site Scripting (CVE-2019-18426)
Critical	13 Jun 2022	13 Jun 2022	CPAI-2021-1117		CVE-2021-45420	Emerson Dixell Arbitrary File Write (CVE-2021-45420)
Medium	9 Jun 2022	9 Jun 2022	CPAI-2022-0276		CVE-2022-25106	D-Link DIR-859 Buffer Overflow (CVE-2022-25106)
Medium	7 Jun 2022	7 Jun 2022	CPAI-2018-1819		CVE-2018-19953	QNAP FileStation Cross Site Scripting (CVE-2018-19953)
Critical	7 Jun 2022	7 Jun 2022	CPAI-2017-1239		CVE-2017-18362	ConnectWise ManagedITSync SQL Injection (CVE-2017-18362)
Critical	7 Jun 2022	7 Jun 2022	CPAI-2021-1188		CVE-2021-43503	Laravel Remote Code Execution (CVE-2021-43503)
High	7 Jun 2022	7 Jun 2022	CPAI-2022-0258		CVE-2022-28108	Selenium Grid Cross-Site Request Forgery (CVE-2022-28108)
Medium	7 Jun 2022	7 Jun 2022	CPAI-2022-0230		CVE-2021-21983	VMware vRealize Operations Manager API Arbitrary File Write (CVE-2021-21983)
High	31 May 2022	31 May 2022	CPAI-2022-0260			Oracle E-Business Information Disclosure
High	30 May 2022	30 May 2022	CPAI-2013-3793		CVE-2013-4710	Google Android Denial Of Service (CVE-2013-4710)
Critical	30 May 2022	30 May 2022	CPAI-2022-0256		CVE-2022-30453	ShopWind Remote Code Execution (CVE-2022-30453)
Critical	30 May 2022	30 May 2022	CPAI-2020-3467		CVE-2020-19213	Piwigo SQL Injection (CVE-2020-19213)
Critical	30 May 2022	30 May 2022	CPAI-2022-0248		CVE-2022-0773	WordPress Documentor Plugin SQL Injection (CVE-2022-0773)
High	30 May 2022	30 May 2022	CPAI-2022-0232			Multiple Websites Distributed Denial of Service
Critical	29 May 2022	29 May 2022	CPAI-2022-0247		CVE-2022-20777	Cisco NFVIS Improper Access Control (CVE-2022-20777)
Critical	24 May 2022	24 May 2022	CPAI-2021-1183		CVE-2021-46441 CVE-2021-46442	D-Link DIR-825 OS Command Injection (CVE-2021-46441; CVE-2021-46442)
High	24 May 2022	24 May 2022	CPAI-2021-1175		CVE-2021-1789	Apple Multiple Products Type Confusion (CVE-2021-1789)
Critical	24 May 2022	24 May 2022	CPAI-2021-1174		CVE-2021-27852	Checkbox Survey Remote Code Execution (CVE-2021-27852)
High	24 May 2022	24 May 2022	CPAI-2022-0211		CVE-2022-27226	IRZ Mobile Router Remote Code Execution (CVE-2022-27226)
Critical	23 May 2022	23 May 2022	CPAI-2022-0244		CVE-2022-29904	MediaWiki Semantic Drilldown SQL Injection (CVE-2022-29904)
Medium	23 May 2022	23 May 2022	CPAI-2018-1802		CVE-2018-6882	Zimbra Collaboration Suite Cross Site Scripting (CVE-2018-6882)
Critical	19 May 2022	19 May 2022	CPAI-2022-0246		CVE-2022-29081	Zoho Multiple Products Authentication Bypass (CVE-2022-29081)
High	17 May 2022	17 May 2022	CPAI-2022-0233		CVE-2022-0415	Gogs File Upload Command Injection (CVE-2022-0415)
High	17 May 2022	17 May 2022	CPAI-2017-1224		CVE-2017-18640	Develar SnakeYAML Entity Expansion (CVE-2017-18640)
Critical	15 May 2022	15 May 2022	CPAI-2021-1171		CVE-2021-23450	Dojo Prototype Pollution (CVE-2021-23450)
Critical	15 May 2022	15 May 2022	CPAI-2019-2528		CVE-2019-1003029	Jenkins Script Security Plugin Remote Code Execution (CVE-2019-1003029)
Medium	12 May 2022	12 May 2022	CPAI-2022-0217		CVE-2022-24248	RiteCMS Directory Traversal (CVE-2022-24248)
High	11 May 2022	11 May 2022	CPAI-2022-0231		CVE-2022-21449	Oracle Java SE Authentication Bypass (CVE-2022-21449)
High	10 May 2022	10 May 2022	CPAI-2022-0236	Adobe APSB22-22	CVE-2022-28818	Adobe ColdFusion Cross-site Scripting (APSB22-22: CVE-2022-28818)
Critical	10 May 2022	10 May 2022	CPAI-2022-0225	Microsoft CVE-2022-22017	CVE-2022-22017	Microsoft Remote Desktop Client Remote Code Execution (CVE-2022-22017)