Home / 2023 Advisories Archive

2023 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
Critical	26 Nov 2023	25 Jul 2024	CPAI-2023-0972	CVE-2018-13818 CVE-2019-8341 CVE-2021-21479 CVE-2022-34625 CVE-2024-22722 CVE-2024-25624 CVE-2024-27516 CVE-2024-27623 CVE-2024-2952 CVE-2024-29686 CVE-2024-32406	Python Server-Side Template Injection (CVE-2018-13818; CVE-2019-8341; CVE-2021-21479; CVE-2022-34625; CVE-2024-22722; CVE-2024-25624; CVE-2024-27516; CVE-2024-27623; CVE-2024-2952; CVE-2024-29686; CVE-2024-32406)
Critical	13 Dec 2023	23 Jul 2024	CPAI-2023-1377	CVE-2023-41265 CVE-2023-48365	Qlik Sense HTTP Request Smuggling (CVE-2023-41265; CVE-2023-48365)
Critical	14 Aug 2023	22 Jul 2024	CPAI-2023-0476	CVE-2023-27163	Malicious Encoded Payloads Over HTTP (CVE-2023-27163)
High	25 Jul 2023	22 Jul 2024	CPAI-2023-0229		HTTP Vulnerability Scanner
Critical	12 Mar 2023	18 Jul 2024	CPAI-2022-1331	CVE-2022-45025	Markdown Preview Enhanced Command Injection (CVE-2022-45025)
Critical	15 Nov 2023	16 Jul 2024	CPAI-2023-0976	CVE-2018-14716 CVE-2021-26119 CVE-2022-2073 CVE-2023-3393 CVE-2023-34448 CVE-2024-28116	PHP Server-Side Template Injection (CVE-2018-14716; CVE-2021-26119; CVE-2022-2073; CVE-2023-3393; CVE-2023-34448; CVE-2024-28116)
Medium	4 Dec 2023	15 Jul 2024	CPAI-2023-1179		Mythic HTTP C2 Communication
Critical	14 Dec 2023	15 Jul 2024	CPAI-2023-0802		File Type Mismatch
Critical	18 Jul 2023	15 Jul 2024	CPAI-2014-2505	CVE-2014-3791	Easy File Sharing Buffer Overflow (CVE-2014-3791)
High	9 Jul 2023	15 Jul 2024	CPAI-2022-1683	CVE-2022-30216	Microsoft Windows Server Service Authentication Bypass (CVE-2022-30216)
Critical	18 Jan 2023	14 Jul 2024	CPAI-2022-1130	CVE-2022-44877	CentOS Web Panel Command Injection (CVE-2022-44877)
High	25 Jun 2023	10 Jul 2024	CPAI-2021-1759	CVE-2021-21017 CVE-2021-28550	PDF Malicious JavaScript Obfuscations (CVE-2021-21017; CVE-2021-28550)
Critical	13 Sep 2023	4 Jul 2024	CPAI-2023-0694	CVE-2023-38646	Metabase Remote Code Execution (CVE-2023-38646)
High	18 Jan 2023	4 Jul 2024	CPAI-2022-1107		Assetnote Security Scanner
High	26 Feb 2023	1 Jul 2024	CPAI-2021-1666	CVE-2021-34527	Microsoft Windows Print Spooler Remote Code Execution (CVE-2021-34527)
High	29 Jan 2023	1 Jul 2024	CPAI-2021-1567	CVE-2021-44142	Samba Out-Of-Bounds Read and Write (CVE-2021-44142)
Critical	21 Sep 2023	27 Jun 2024	CPAI-2022-1744	CVE-2022-24816	GeoSolutionsGroup JAI-EXT Remote Code Execution (CVE-2022-24816)
Critical	18 Oct 2023	25 Jun 2024	CPAI-2023-0927	CVE-2023-20198	Cisco IOS XE Authentication Bypass (CVE-2023-20198)
High	9 Jul 2023	25 Jun 2024	CPAI-2021-1798	CVE-2021-37200	Siemens SINEC Network Management System Arbitrary File Download (CVE-2021-37200)
Medium	7 May 2023	25 Jun 2024	CPAI-2021-1735	CVE-2021-35590	Oracle MySQL Cluster Remote Code Execution (CVE-2021-35590)
Critical	4 May 2023	25 Jun 2024	CPAI-2021-1724	CVE-2021-37926	Zoho Corp ManageEngine ADManager Plus Unrestricted File Upload (CVE-2021-37926)
Critical	30 Apr 2023	25 Jun 2024	CPAI-2021-1713	CVE-2021-38294	Apache Storm Nimbus Server Remote Code Execution (CVE-2021-38294)
Critical	8 Mar 2023	25 Jun 2024	CPAI-2022-1241	CVE-2022-43781	Atlassian Bitbucket Command Injection (CVE-2022-43781)
Critical	29 Aug 2023	24 Jun 2024	CPAI-2023-0686	CVE-2022-28491 CVE-2022-28495 CVE-2022-40847 CVE-2023-1457 CVE-2023-1458 CVE-2023-24154 CVE-2023-24159 CVE-2023-31569 CVE-2023-31856 CVE-2023-33486 CVE-2023-36457 CVE-2023-38862 CVE-2023-38863 CVE-2023-38864	Generic HTTP Command Injection (CVE-2022-28491; CVE-2022-28495; CVE-2022-40847; CVE-2023-1457; CVE-2023-1458; CVE-2023-24154; CVE-2023-24159; CVE-2023-31569; CVE-2023-31856; CVE-2023-33486; CVE-2023-36457; CVE-2023-38862; CVE-2023-38863; CVE-2023-38864)
High	7 May 2023	24 Jun 2024	CPAI-2021-1736	CVE-2021-27276	NETGEAR ProSAFE Network Management System Denial of Service (CVE-2021-27276)
Critical	6 Sep 2023	23 Jun 2024	CPAI-2023-0664	CVE-2018-20676 CVE-2018-20677 CVE-2019-8331 CVE-2020-11110 CVE-2020-35946 CVE-2022-0963 CVE-2022-42141 CVE-2022-44957 CVE-2023-27008 CVE-2023-33408 CVE-2023-36287 CVE-2023-4636 CVE-2024-30989 CVE-2024-3378	Cross-Site Scripting Over HTTP (CVE-2018-20676; CVE-2018-20677; CVE-2019-8331; CVE-2020-11110; CVE-2020-35946; CVE-2022-0963; CVE-2022-42141; CVE-2022-44957; CVE-2023-27008; CVE-2023-33408; CVE-2023-36287; CVE-2023-4636; CVE-2024-30989; CVE-2024-3378)
High	14 Aug 2023	23 Jun 2024	CPAI-2021-1817	CVE-2021-23138	WECON LeviStudioU Buffer Overflow (CVE-2021-23138)
Medium	7 May 2023	23 Jun 2024	CPAI-2021-1730	CVE-2021-25919	OpenEMR Cross-Site Scripting (CVE-2021-25919)
High	4 May 2023	23 Jun 2024	CPAI-2021-1717	CVE-2021-27272	NETGEAR ProSAFE Network Management System Denial of Service (CVE-2021-27272)
Critical	24 Jul 2023	20 Jun 2024	CPAI-2023-0568	CVE-2023-3519	Citrix NetScaler Remote Code Execution (CVE-2023-3519)
Critical	5 Feb 2023	20 Jun 2024	CPAI-2019-2754	CVE-2019-0230	Apache Struts OGNL Remote Code Execution (CVE-2019-0230)
High	8 Mar 2023	19 Jun 2024	CPAI-2022-1242	CVE-2022-37958	Microsoft Windows NEGOEX Buffer Overflow (CVE-2022-37958)
Critical	7 Feb 2023	16 Jun 2024	CPAI-2022-1161	CVE-2022-46552 CVE-2022-46641 CVE-2022-46642 CVE-2023-43284	D-Link DIR-846 Command Injection (CVE-2022-46552; CVE-2022-46641; CVE-2022-46642; CVE-2023-43284)
Critical	4 Dec 2023	13 Jun 2024	CPAI-2018-2634	CVE-2018-7584	PHP Stack Buffer Overflow (CVE-2018-7584)
High	28 May 2023	13 Jun 2024	CPAI-2022-1536	CVE-2022-24627 CVE-2022-24628	Audiocodes Device Manager Express SQL Injection (CVE-2022-24627; CVE-2022-24628)
Critical	29 Jan 2023	10 Jun 2024	CPAI-2021-1561	CVE-2021-46422 CVE-2024-29269	Telesquare Multiple Products Command Injection (CVE-2021-46422; CVE-2024-29269)
Medium	21 Nov 2023	9 Jun 2024	CPAI-2018-2629	CVE-2018-8831	Kodi Cross-Site Scripting (CVE-2018-8831)
High	7 May 2023	9 Jun 2024	CPAI-2023-0295	CVE-2023-27253	Netgate pfSense Command Injection (CVE-2023-27253)
Critical	12 Mar 2023	9 Jun 2024	CPAI-2019-2839	CVE-2019-16119	WordPress 10Web Photo Gallery Plugin SQL Injection (CVE-2019-16119)
High	11 Dec 2023	6 Jun 2024	CPAI-2023-1367	CVE-2023-24955	Microsoft SharePoint Remote Code Execution (CVE-2023-24955)
Critical	5 Nov 2023	5 Jun 2024	CPAI-2023-1080	CVE-2023-46604	Apache ActiveMQ Remote Code Execution (CVE-2023-46604)
High	18 Apr 2023	5 Jun 2024	CPAI-2023-0168	CVE-2023-28432 CVE-2023-28434	MinIO Information Disclosure (CVE-2023-28432; CVE-2023-28434)
Critical	5 Feb 2023	5 Jun 2024	CPAI-2022-1155	CVE-2022-21587	Oracle E-Business Suite Arbitrary File Upload (CVE-2022-21587)
Critical	23 Feb 2023	4 Jun 2024	CPAI-2022-1233	CVE-2022-24697	Apache Kylin Command Injection (CVE-2022-24697)
Critical	29 Jan 2023	4 Jun 2024	CPAI-2022-1142	CVE-2021-39352 CVE-2022-3416 CVE-2022-3912 CVE-2022-3982 CVE-2022-3989 CVE-2022-4047 CVE-2022-4061 CVE-2023-2068 CVE-2023-3342 CVE-2023-4596 CVE-2023-48777 CVE-2023-5601 CVE-2024-5084	WordPress Multiple Plugins Arbitrary File Upload (CVE-2021-39352; CVE-2022-3416; CVE-2022-3912; CVE-2022-3982; CVE-2022-3989; CVE-2022-4047; CVE-2022-4061; CVE-2023-2068; CVE-2023-3342; CVE-2023-4596; CVE-2023-48777; CVE-2023-5601; CVE-2024-5084)
Critical	9 Oct 2023	3 Jun 2024	CPAI-2023-0805	CVE-2023-32563	Ivanti Avalanche Remote Code Execution (CVE-2023-32563)
Critical	7 May 2023	3 Jun 2024	CPAI-2022-1498	CVE-2022-26013	Delta DIAEnergie SQL Injection (CVE-2022-26013)
Medium	4 May 2023	3 Jun 2024	CPAI-2022-1463	CVE-2022-27166	Apache JSPWiki Cross-Site Scripting (CVE-2022-27166)
Critical	13 Dec 2023	2 Jun 2024	CPAI-2023-1393	CVE-2023-50164	Apache Struts Directory Traversal (CVE-2023-50164)
Critical	16 Oct 2023	2 Jun 2024	CPAI-2023-0917	CVE-2023-22515	Atlassian Confluence Authentication Bypass (CVE-2023-22515)