Home / 2023 Advisories Archive

2023 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	24 Oct 2023	24 Oct 2023	CPAI-2023-0900	CVE-2023-37569	ESDS Emagic Data Center Management Suite Command Injection (CVE-2023-37569)
High	23 Oct 2023	23 Oct 2023	CPAI-2017-1702	CVE-2017-5254	Cambium Networks ePMP Authentication Bypass (CVE-2017-5254)
High	23 Oct 2023	23 Oct 2023	CPAI-2017-1701	CVE-2017-5259	Cambium Networks cnPilot Command Injection (CVE-2017-5259)
Critical	23 Oct 2023	23 Oct 2023	CPAI-2023-0778		Metasploit Linux Reverse Shell Payloads
Critical	22 Oct 2023	22 Oct 2023	CPAI-2023-0928	CVE-2023-3710 CVE-2023-3712	Honeywell PM43 Printer Command Injection (CVE-2023-3710; CVE-2023-3712)
High	22 Oct 2023	22 Oct 2023	CPAI-2017-1704	CVE-2017-16709	Crestron AirMedia Command Injection (CVE-2017-16709)
High	19 Oct 2023	19 Oct 2023	CPAI-2014-2513	CVE-2014-4113	Microsoft Windows Privilege Escalation (CVE-2014-4113)
Critical	19 Oct 2023	19 Oct 2023	CPAI-2020-4052	CVE-2020-9294	Fortinet Multiple Products Authentication Bypass (CVE-2020-9294)
High	6 Sep 2023	19 Oct 2023	CPAI-2023-0584		Metasploit Windows Reverse Shell Payloads
Medium	17 Oct 2023	17 Oct 2023	CPAI-2023-0914	CVE-2023-31419	Elasticsearch Stack Overflow (CVE-2023-31419)
High	16 Oct 2023	16 Oct 2023	CPAI-2023-0907	CVE-2023-40492	LG Simple Editor deleteCheckSession Directory Traversal (CVE-2023-40492)
High	16 Oct 2023	16 Oct 2023	CPAI-2023-0902	CVE-2023-38886	Dolibarr ERP CRM Remote Code Execution (CVE-2023-38886)
High	16 Oct 2023	16 Oct 2023	CPAI-2023-0898	CVE-2023-40494	LG Simple Editor deleteFolder Directory Traversal (CVE-2023-40494)
High	16 Oct 2023	16 Oct 2023	CPAI-2023-0895	CVE-2023-32167	D-Link D-View uploadMib Directory Traversal (CVE-2023-32167)
Critical	16 Oct 2023	16 Oct 2023	CPAI-2018-2605	CVE-2018-14667	RedHat RichFaces Code Injection (CVE-2018-14667)
Medium	16 Oct 2023	16 Oct 2023	CPAI-2023-0806	CVE-2023-41249	JetBrains TeamCity Cross-Site Scripting (CVE-2023-41249)
Critical	16 Oct 2023	16 Oct 2023	CPAI-2020-4017	CVE-2020-10220	RConfig SQL Injection (CVE-2020-10220)
High	16 Oct 2023	16 Oct 2023	CPAI-2020-3991	CVE-2020-13158	Articatech Artica Proxy Directory Traversal (CVE-2020-13158)
Medium	16 Oct 2023	16 Oct 2023	CPAI-2020-3985	CVE-2020-12259	RConfig Cross-Site Scripting (CVE-2020-12259)
Critical	16 Oct 2023	16 Oct 2023	CPAI-2020-3983	CVE-2020-17506	Artica Web Proxy SQL Injection (CVE-2020-17506)
High	16 Oct 2023	16 Oct 2023	CPAI-2020-3974	CVE-2020-12255	RConfig Remote Code Execution (CVE-2020-12255)
High	16 Oct 2023	16 Oct 2023	CPAI-2020-3958	CVE-2020-17408	NEC Expresscluster X XML External Entity Injection (CVE-2020-17408)
Medium	16 Oct 2023	16 Oct 2023	CPAI-2020-3957	CVE-2020-12256	RConfig Cross-Site Scripting (CVE-2020-12256)
Medium	16 Oct 2023	16 Oct 2023	CPAI-2020-3937	CVE-2020-2096	Jenkins Gitlab Hook Plugin Cross-Site Scripting (CVE-2020-2096)
Critical	16 Oct 2023	16 Oct 2023	CPAI-2020-3921	CVE-2020-27131	Cisco Security Manager Insecure Deserialization (CVE-2020-27131)
Critical	16 Oct 2023	16 Oct 2023	CPAI-2023-0804	CVE-2023-39361	Cacti SQL Injection (CVE-2023-39361)
Medium	16 Oct 2023	16 Oct 2023	CPAI-2018-2537	CVE-2018-5712	PHP Cross-Site Scripting (CVE-2018-5712)
High	16 Oct 2023	16 Oct 2023	CPAI-2018-2466	CVE-2018-4019 CVE-2018-4020 CVE-2018-4021	Netgate pfSense Command Injection (CVE-2018-4021; CVE-2018-4019; CVE-2018-4020)
Critical	16 Oct 2023	16 Oct 2023	CPAI-2019-2950	CVE-2019-7276	Optergy Multiple Products Remote Code Execution (CVE-2019-7276)
Critical	16 Oct 2023	16 Oct 2023	CPAI-2023-0706	CVE-2023-36934	Progress MOVEit Transfer SQL Injection (CVE-2023-36934)
Critical	16 Oct 2023	16 Oct 2023	CPAI-2022-1569	CVE-2022-0412	WordPress TemplateInvaders TI WooCommerce Wishlist Plugin SQL Injection (CVE-2022-0412)
High	15 Oct 2023	15 Oct 2023	CPAI-2023-0923	CVE-2023-44487	HTTP/2 Denial of Service (CVE-2023-44487)
High	15 Oct 2023	15 Oct 2023	CPAI-2023-0881	CVE-2023-4169	Ruijie RG-EW1200G Improper Access Control (CVE-2023-4169)
High	12 Oct 2023	15 Oct 2023	CPAI-2023-0892	CVE-2023-27121	Pleasant Password Server Cross Site Scripting (CVE-2023-27121)
High	15 Oct 2023	15 Oct 2023	CPAI-2023-0877	CVE-2023-24998	Apache Commons FileUpload Denial of Service (CVE-2023-24998)
High	12 Oct 2023	12 Oct 2023	CPAI-2022-1745	CVE-2022-24834	Redis Buffer Overflow (CVE-2022-24834)
High	21 Sep 2023	12 Oct 2023	CPAI-2023-0803	CVE-2023-39108 CVE-2023-39109 CVE-2023-39110	rConfig Server-Side Request Forgery (CVE-2023-39108; CVE-2023-39109; CVE-2023-39110)
High	7 Aug 2023	4 Oct 2023	CPAI-2017-1680	CVE-2017-5637	Apache ZooKeeper Denial Of Service (CVE-2017-5637)
Critical	3 Oct 2023	3 Oct 2023	CPAI-2021-2027	CVE-2021-44228	Apache Log4j Remote Code Execution over Non-Standard Ports (CVE-2021-44228)
High	3 Oct 2023	3 Oct 2023	CPAI-2023-0812	CVE-2023-34133	SonicWall SQL Injection (CVE-2023-34133)
High	21 Mar 2023	3 Oct 2023	CPAI-2023-0134		Emotet UPS Phishing Email Campaign
Critical	2 Oct 2023	2 Oct 2023	CPAI-2018-2604	CVE-2018-14364	GitLab Arbitrary File Write (CVE-2018-14364)
Medium	1 Oct 2023	1 Oct 2023	CPAI-2023-0875	CVE-2023-2164	GitLab Cross-Site Scripting (CVE-2023-2164)
High	1 Oct 2023	1 Oct 2023	CPAI-2023-0824	CVE-2023-32150	D-Link DIR-2640 HNAP PrefixLen Command Injection (CVE-2023-32150)
Critical	1 Oct 2023	1 Oct 2023	CPAI-2022-1865	CVE-2022-26887	Delta DIAEnergie SQL Injection (CVE-2022-26887)
Critical	1 Oct 2023	1 Oct 2023	CPAI-2022-1861	CVE-2022-31061	GLPI SQL Injection (CVE-2022-31061)
Critical	1 Oct 2023	1 Oct 2023	CPAI-2022-1859	CVE-2022-1905	WordPress E-Dynamics Events Made Easy Plugin SQL Injection (CVE-2022-1905)
Critical	1 Oct 2023	1 Oct 2023	CPAI-2022-1823	CVE-2022-34265	Django SQL Injection (CVE-2022-34265)
High	1 Oct 2023	1 Oct 2023	CPAI-2021-1996	CVE-2021-41843	OpenEMR Calendar Search SQL Injection (CVE-2021-41843)
Medium	1 Oct 2023	1 Oct 2023	CPAI-2022-1762	CVE-2022-1476	WordPress ServMask All-in-One WP Migration Plugin Directory Traversal (CVE-2022-1476)