Home / 2023 Advisories Archive

2023 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
Critical	2 Nov 2023	2 Nov 2023	CPAI-2022-1572	CVE-2022-26245	Open-Falcon Falcon-Plus SQL Injection (CVE-2022-26245)
High	2 Nov 2023	2 Nov 2023	CPAI-2023-0974	CVE-2023-46370	Tenda W18E Command Injection (CVE-2023-46370)
High	1 Nov 2023	1 Nov 2023	CPAI-2018-2615	CVE-2018-18982	NUUO CMS SQL Injection (CVE-2018-18982)
Critical	1 Nov 2023	1 Nov 2023	CPAI-2018-2614	CVE-2018-17934 CVE-2018-17936	NUUO CMS Information Disclosure (CVE-2018-17934; CVE-2018-17936)
Critical	30 Oct 2023	30 Oct 2023	CPAI-2021-2040	CVE-2020-28653 CVE-2021-3287	Zoho Corp ManageEngine OpManager Remote Code Execution (CVE-2020-28653; CVE-2021-3287)
High	30 Oct 2023	30 Oct 2023	CPAI-2023-0905		WordPress Forminator Plugin Remote Code Execution
Critical	23 Aug 2023	30 Oct 2023	CPAI-2023-0697	CVE-2023-2868	Barracuda Email Security Gateway Command Injection (CVE-2023-2868)
Critical	29 Oct 2023	29 Oct 2023	CPAI-2020-4065	CVE-2020-11698	TitanHQ SpamTitan Remote Code Execution (CVE-2020-11698)
High	29 Oct 2023	29 Oct 2023	CPAI-2017-1706	CVE-2017-16806	Ulterius Server Directory Traversal (CVE-2017-16806)
High	29 Oct 2023	29 Oct 2023	CPAI-2021-2039	CVE-2021-24917	WordPress WPS Hide Login Plugin Authentication Bypass (CVE-2021-24917)
High	29 Oct 2023	29 Oct 2023	CPAI-2023-0944	CVE-2023-39362	Cacti Command Injection (CVE-2023-39362)
Critical	29 Oct 2023	29 Oct 2023	CPAI-2023-0940		Ivanti Avalanche Certificate Management Server Insecure Deserialization
Critical	29 Oct 2023	29 Oct 2023	CPAI-2017-1705	CVE-2017-2741	HP Printers Path Traversal (CVE-2017-2741)
Critical	29 Oct 2023	29 Oct 2023	CPAI-2023-0915	CVE-2023-40497	LG Simple Editor saveXml Directory Traversal (CVE-2023-40497)
High	29 Oct 2023	29 Oct 2023	CPAI-2023-0813	CVE-2023-40496	LG Simple Editor copyStickerContent Directory Traversal (CVE-2023-40496)
Critical	13 Jun 2023	26 Oct 2023	CPAI-2023-0422	CVE-2023-27997	Fortinet Multiple Products Heap-Based Buffer Overflow (CVE-2023-27997)
Critical	25 Oct 2023	25 Oct 2023	CPAI-2022-1933	CVE-2022-39379	Fluentd Oj Parser Command Injection (CVE-2022-39379)
Critical	25 Oct 2023	25 Oct 2023	CPAI-2020-4060	CVE-2020-36239	Atlassian Jira Insecure Deserialization (CVE-2020-36239)
Critical	25 Oct 2023	25 Oct 2023	CPAI-2020-4059	CVE-2020-13957	Apache Solr Remote Code Execution (CVE-2020-13957)
High	25 Oct 2023	25 Oct 2023	CPAI-2020-4058	CVE-2020-27386	FlexDotnetCMS Unrestricted File Upload (CVE-2020-27386)
High	24 Oct 2023	24 Oct 2023	CPAI-2023-0943	CVE-2023-34051	VMware vRealize Log Insight Authentication Bypass (CVE-2023-34051)
High	24 Oct 2023	24 Oct 2023	CPAI-2016-1245	CVE-2016-6367	Cisco Adaptive Security Appliance Privilege Escalation (CVE-2016-6367)
Medium	24 Oct 2023	24 Oct 2023	CPAI-2023-0919		Nagios XI CCM admin_views.inc.php Arbitrary File Overwrite
Critical	24 Oct 2023	24 Oct 2023	CPAI-2023-0918		Ivanti Avalanche Notification Server Insecure Deserialization
Critical	24 Oct 2023	24 Oct 2023	CPAI-2017-1700	CVE-2017-18044	Commvault Remote Code Execution (CVE-2017-18044)
Critical	24 Oct 2023	24 Oct 2023	CPAI-2023-0904	CVE-2023-29689	PyroCMS Server-Side Template Injection (CVE-2023-29689)
High	24 Oct 2023	24 Oct 2023	CPAI-2023-0901	CVE-2023-28709	Apache Tomcat Denial of Service (CVE-2023-28709)
High	24 Oct 2023	24 Oct 2023	CPAI-2023-0900	CVE-2023-37569	ESDS Emagic Data Center Management Suite Command Injection (CVE-2023-37569)
High	23 Oct 2023	23 Oct 2023	CPAI-2017-1702	CVE-2017-5254	Cambium Networks ePMP Authentication Bypass (CVE-2017-5254)
High	23 Oct 2023	23 Oct 2023	CPAI-2017-1701	CVE-2017-5259	Cambium Networks cnPilot Command Injection (CVE-2017-5259)
Critical	23 Oct 2023	23 Oct 2023	CPAI-2023-0778		Metasploit Linux Reverse Shell Payloads
Critical	22 Oct 2023	22 Oct 2023	CPAI-2023-0928	CVE-2023-3710 CVE-2023-3712	Honeywell PM43 Printer Command Injection (CVE-2023-3710; CVE-2023-3712)
High	22 Oct 2023	22 Oct 2023	CPAI-2017-1704	CVE-2017-16709	Crestron AirMedia Command Injection (CVE-2017-16709)
Critical	22 Feb 2023	22 Oct 2023	CPAI-2020-3423	CVE-2020-25223	Sophos SG UTM Command Injection (CVE-2020-25223)
High	19 Oct 2023	19 Oct 2023	CPAI-2014-2513	CVE-2014-4113	Microsoft Windows Privilege Escalation (CVE-2014-4113)
Critical	19 Oct 2023	19 Oct 2023	CPAI-2020-4052	CVE-2020-9294	Fortinet Multiple Products Authentication Bypass (CVE-2020-9294)
High	6 Sep 2023	19 Oct 2023	CPAI-2023-0584		Metasploit Windows Reverse Shell Payloads
Medium	17 Oct 2023	17 Oct 2023	CPAI-2023-0914	CVE-2023-31419	Elasticsearch Stack Overflow (CVE-2023-31419)
High	16 Oct 2023	16 Oct 2023	CPAI-2023-0907	CVE-2023-40492	LG Simple Editor deleteCheckSession Directory Traversal (CVE-2023-40492)
High	16 Oct 2023	16 Oct 2023	CPAI-2023-0902	CVE-2023-38886	Dolibarr ERP CRM Remote Code Execution (CVE-2023-38886)
High	16 Oct 2023	16 Oct 2023	CPAI-2023-0898	CVE-2023-40494	LG Simple Editor deleteFolder Directory Traversal (CVE-2023-40494)
High	16 Oct 2023	16 Oct 2023	CPAI-2023-0895	CVE-2023-32167	D-Link D-View uploadMib Directory Traversal (CVE-2023-32167)
Critical	16 Oct 2023	16 Oct 2023	CPAI-2018-2605	CVE-2018-14667	RedHat RichFaces Code Injection (CVE-2018-14667)
Medium	16 Oct 2023	16 Oct 2023	CPAI-2023-0806	CVE-2023-41249	JetBrains TeamCity Cross-Site Scripting (CVE-2023-41249)
Critical	16 Oct 2023	16 Oct 2023	CPAI-2019-3106	CVE-2019-15976	Cisco Data Center Network Manager Authentication Bypass (CVE-2019-15976)
Critical	16 Oct 2023	16 Oct 2023	CPAI-2020-4017	CVE-2020-10220	RConfig SQL Injection (CVE-2020-10220)
High	16 Oct 2023	16 Oct 2023	CPAI-2020-3991	CVE-2020-13158	Articatech Artica Proxy Directory Traversal (CVE-2020-13158)
Medium	16 Oct 2023	16 Oct 2023	CPAI-2020-3985	CVE-2020-12259	RConfig Cross-Site Scripting (CVE-2020-12259)
Critical	16 Oct 2023	16 Oct 2023	CPAI-2020-3983	CVE-2020-17506	Artica Web Proxy SQL Injection (CVE-2020-17506)
High	16 Oct 2023	16 Oct 2023	CPAI-2020-3974	CVE-2020-12255	RConfig Remote Code Execution (CVE-2020-12255)