Home / 2023 Advisories Archive

2023 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	12 Nov 2023	12 Nov 2023	CPAI-2020-4073	CVE-2020-13383	OpenSIS Remote Code Execution (CVE-2020-13383)
Critical	12 Nov 2023	12 Nov 2023	CPAI-2020-4071	CVE-2020-13381	OpenSIS SQL Injection (CVE-2020-13381)
Critical	12 Nov 2023	12 Nov 2023	CPAI-2017-1716	CVE-2017-8835	Peplink Balance Routers SQL Injection (CVE-2017-8835)
High	12 Nov 2023	12 Nov 2023	CPAI-2019-3120	CVE-2019-10867	Pimcore Remote Code Execution (CVE-2019-10867)
High	12 Nov 2023	12 Nov 2023	CPAI-2021-2050	CVE-2021-32706	Pi-hole Command Injection (CVE-2021-32706)
Critical	12 Nov 2023	12 Nov 2023	CPAI-2017-1715	CVE-2017-9080 CVE-2017-9101	PlaySMS Remote Code Execution (CVE-2017-9080; CVE-2017-9101)
Medium	12 Nov 2023	12 Nov 2023	CPAI-2023-1119		Zoho ManageEngine Applications Manager getAssociateMonitors SQL Injection
High	12 Nov 2023	12 Nov 2023	CPAI-2020-4070	CVE-2020-7351	NetFortris Trixbox Command Injection (CVE-2020-7351)
Critical	12 Nov 2023	12 Nov 2023	CPAI-2020-4069	CVE-2020-10915	Veeam ONE Remote Code Execution (CVE-2020-10915)
Medium	12 Nov 2023	12 Nov 2023	CPAI-2023-1114	CVE-2023-4137	WordPress AYS Popup Box Plugin Cross-Site Scripting (CVE-2023-4137)
Medium	12 Nov 2023	12 Nov 2023	CPAI-2023-1113	CVE-2023-40176	XWiki Cross-Site Scripting (CVE-2023-40176)
High	12 Nov 2023	12 Nov 2023	CPAI-2023-1085		Microsoft Windows wab32res.dll Insecure Library Loading
High	12 Nov 2023	12 Nov 2023	CPAI-2023-0874	CVE-2023-3486	PaperCut MF/NG Directory Traversal (CVE-2023-3486)
High	12 Nov 2023	12 Nov 2023	CPAI-2018-2446	CVE-2018-2992	Oracle Outside In Technology Out-Of-Bounds Read (CVE-2018-2992)
Critical	8 Nov 2023	8 Nov 2023	CPAI-2023-1022	CVE-2023-4548	SPA-Cart eCommerce CMS SQL Injection (CVE-2023-4548)
High	8 Nov 2023	8 Nov 2023	CPAI-2023-0975	CVE-2023-38836	BoidCMS Arbitrary File Upload (CVE-2023-38836)
Critical	7 Nov 2023	7 Nov 2023	CPAI-2023-1093	CVE-2023-28502	Rocket Software Buffer Overflow (CVE-2023-28502)
Medium	7 Nov 2023	7 Nov 2023	CPAI-2018-2617	CVE-2018-1189	Dell EMC Isilon Cross-Site Scripting (CVE-2018-1189)
Critical	7 Nov 2023	7 Nov 2023	CPAI-2019-3118	CVE-2019-7214	SmarterTools SmarterMail Remote Code Execution (CVE-2019-7214)
Medium	7 Nov 2023	7 Nov 2023	CPAI-2023-1061	CVE-2023-4547	SPA-Cart eCommerce CMS Cross-Site Scripting (CVE-2023-4547)
Medium	7 Nov 2023	7 Nov 2023	CPAI-2023-1029		FreePBX Framework remotemod Remote Command Execution
Critical	7 Nov 2023	7 Nov 2023	CPAI-2023-1021	CVE-2023-28503	Rocket Software Authentication Bypass (CVE-2023-28503)
Critical	7 Nov 2023	7 Nov 2023	CPAI-2019-3116	CVE-2019-9194	Studio42 elFinder Remote Code Execution (CVE-2019-9194)
High	7 Nov 2023	7 Nov 2023	CPAI-2023-1018		MailEnable IMAP Service APPEND Command Handling Buffer Overflow
Critical	7 Nov 2023	7 Nov 2023	CPAI-2023-1016	CVE-2023-27372	SPIP Remote Code Execution (CVE-2023-27372)
High	7 Nov 2023	7 Nov 2023	CPAI-2023-0998		Cisco Nexus Dashboard Fabric Controller AMF External Entity Injection
Critical	7 Nov 2023	7 Nov 2023	CPAI-2020-4066	CVE-2020-5723 CVE-2020-5724 CVE-2020-5725	Grandstream UCM6200 SQL Injection (CVE-2020-5723; CVE-2020-5724; CVE-2020-5725)
High	16 Oct 2023	7 Nov 2023	CPAI-2015-1538	CVE-2015-4068	Arcserve Unified Data Protection Directory Traversal (CVE-2015-4068)
High	16 Feb 2023	7 Nov 2023	CPAI-2022-1217	CVE-2021-45839 CVE-2021-45841 CVE-2021-45842 CVE-2022-24990	TerraMaster TOS Information Disclosure (CVE-2021-45839; CVE-2021-45841; CVE-2021-45842; CVE-2022-24990)
High	6 Nov 2023	6 Nov 2023	CPAI-2023-1117	CVE-2023-36745	Microsoft Exchange Server Remote Code Execution (CVE-2023-36745)
High	5 Nov 2023	5 Nov 2023	CPAI-2023-1010	CVE-2023-27363	Foxit PDF Remote Code Execution (CVE-2023-27363)
High	5 Nov 2023	5 Nov 2023	CPAI-2023-1007		Advantech WebAccess SCADA IOCTL 10001 BwPSLink.exe Arbitrary File Deletion
High	5 Nov 2023	5 Nov 2023	CPAI-2023-1004		Nagios Log Server Mail Settings Stored Cross-Site Scripting
Medium	5 Nov 2023	5 Nov 2023	CPAI-2023-1001		OpenEMR Usergroup_admin.php Stored Cross-Site Scripting
Medium	5 Nov 2023	5 Nov 2023	CPAI-2023-1000		Zoho ManageEngine Applications Manager showMonitorGroupView SQL Injection
High	5 Nov 2023	5 Nov 2023	CPAI-2023-0997		Centreon graph-split.php chartId SQL Injection
High	5 Nov 2023	5 Nov 2023	CPAI-2023-0996	CVE-2023-40502	LG Simple Editor cropImage Directory Traversal (CVE-2023-40502)
High	5 Nov 2023	5 Nov 2023	CPAI-2023-0995	CVE-2023-43661	All-Three Cachet Remote Code Execution (CVE-2023-43661)
Medium	5 Nov 2023	5 Nov 2023	CPAI-2017-1714	CVE-2017-6973 CVE-2017-7241 CVE-2017-7309	MantisBT Cross-Site Scripting (CVE-2017-7309; CVE-2017-6973; CVE-2017-7241)
High	5 Nov 2023	5 Nov 2023	CPAI-2023-0978		vBulletin routestring Local File Inclusion
Medium	5 Nov 2023	5 Nov 2023	CPAI-2021-2044	CVE-2021-24891	WordPress Elementor Website Builder Plugin Cross-Site Scripting (CVE-2021-24891)
High	5 Nov 2023	5 Nov 2023	CPAI-2022-1936	CVE-2022-34876 CVE-2022-34877 CVE-2022-34878	VICIdial SQL Injection (CVE-2022-34876; CVE-2022-34877; CVE-2022-34878)
High	5 Nov 2023	5 Nov 2023	CPAI-2021-2042	CVE-2021-35401	Prolink PRC2402M Command Injection (CVE-2021-35401)
Medium	5 Nov 2023	5 Nov 2023	CPAI-2020-3988	CVE-2020-10821	Nagios XI Cross-Site Scripting (CVE-2020-10821)
High	2 Nov 2023	2 Nov 2023	CPAI-2023-0970	CVE-2023-43261	Milesight Multiple Products Information Disclosure (CVE-2023-43261)
High	2 Nov 2023	2 Nov 2023	CPAI-2023-0968	CVE-2023-32153	D-Link DIR-2640 HNAP EmailFrom Command Injection (CVE-2023-32153)
High	2 Nov 2023	2 Nov 2023	CPAI-2023-0964		Nagios XI utils-rrdexport.inc.php get_rrd_data Command Injection
High	2 Nov 2023	2 Nov 2023	CPAI-2023-0963		Cisco UCS Director AMF External Entity Injection
High	2 Nov 2023	2 Nov 2023	CPAI-2023-0962		Centreon hostGroupDependency.php dep_id SQL Injection
High	2 Nov 2023	2 Nov 2023	CPAI-2023-0961		Delta Industrial Automation DIAEnergie AM_Handler tp SQL Injection