Medium
|
15 May 2024 |
6 Jun 2024 |
CPAI-2024-0214
|
|
CVE-2024-28253 CVE-2024-28254 CVE-2024-28847 CVE-2024-28848
|
OpenMetadata SpEL Injection (CVE-2024-28253; CVE-2024-28254; CVE-2024-28847; CVE-2024-28848)
|
Critical
|
17 Apr 2024 |
6 Jun 2024 |
CPAI-2024-0137
|
|
|
PHP Functions Remote Code Execution
|
Critical
|
5 Jun 2024 |
5 Jun 2024 |
CPAI-2023-1725
|
|
CVE-2023-51126
|
FLIR AX8 Command Injection (CVE-2023-51126)
|
High
|
5 Jun 2024 |
5 Jun 2024 |
CPAI-2023-1721
|
|
CVE-2023-33781
|
D-Link DIR-842V2 Information Disclosure (CVE-2023-33781)
|
High
|
5 Jun 2024 |
5 Jun 2024 |
CPAI-2024-0300
|
|
CVE-2024-25735
|
WyreStorm Apollo VX20 Information Disclosure (CVE-2024-25735)
|
Medium
|
4 Jun 2024 |
4 Jun 2024 |
CPAI-2024-0366
|
|
CVE-2024-34032
|
Delta Electronics DIAEnergie SQL Injection (CVE-2024-34032)
|
High
|
4 Jun 2024 |
4 Jun 2024 |
CPAI-2024-0352
|
|
CVE-2024-21683
|
Atlassian Confluence Remote Code Execution (CVE-2024-21683)
|
High
|
3 Jun 2024 |
3 Jun 2024 |
CPAI-2024-0362
|
|
CVE-2024-28736
|
Debezium UI Information Disclosure (CVE-2024-28736)
|
High
|
3 Jun 2024 |
3 Jun 2024 |
CPAI-2024-0358
|
|
CVE-2024-25869
|
CodeAstro Membership Management System Arbitrary File Upload (CVE-2024-25869)
|
High
|
3 Jun 2024 |
3 Jun 2024 |
CPAI-2024-0356
|
|
CVE-2024-22512
|
Allegra Improper Access Control (CVE-2024-22512)
|
High
|
3 Jun 2024 |
3 Jun 2024 |
CPAI-2024-0351
|
|
CVE-2024-25575
|
Foxit Reader Type Confusion (CVE-2024-25575)
|
High
|
3 Jun 2024 |
3 Jun 2024 |
CPAI-2024-0346
|
|
CVE-2024-30491
|
WordPress Metagauss ProfileGrid Plugin SQL Injection (CVE-2024-30491)
|
High
|
3 Jun 2024 |
3 Jun 2024 |
CPAI-2023-1735
|
|
CVE-2022-27286 CVE-2022-27287 CVE-2022-27288 CVE-2022-27289 CVE-2023-43860 CVE-2023-43861 CVE-2023-43862 CVE-2023-43863 CVE-2023-43864 CVE-2023-43865 CVE-2023-43866 CVE-2023-43867 CVE-2023-43868 CVE-2023-43869
|
D-Link Multiple Products Buffer Overflow (CVE-2022-27286; CVE-2022-27287; CVE-2022-27288; CVE-2022-27289; CVE-2023-43860; CVE-2023-43861; CVE-2023-43862; CVE-2023-43863; CVE-2023-43864; CVE-2023-43865; CVE-2023-43866; CVE-2023-43867; CVE-2023-43868; CVE-2023-43869)
|
Critical
|
3 Jun 2024 |
3 Jun 2024 |
CPAI-2023-1731
|
|
CVE-2023-34992
|
Fortinet FortiSIEM Command Injection (CVE-2023-34992)
|
High
|
3 Jun 2024 |
3 Jun 2024 |
CPAI-2023-1705
|
|
CVE-2023-49906 CVE-2023-49907 CVE-2023-49908 CVE-2023-49909 CVE-2023-49910 CVE-2023-49911 CVE-2023-49912 CVE-2023-49913
|
TP-Link AC1350 Buffer Overflow (CVE-2023-49906; CVE-2023-49907; CVE-2023-49908; CVE-2023-49909; CVE-2023-49910; CVE-2023-49911; CVE-2023-49912; CVE-2023-49913)
|
Critical
|
18 Apr 2024 |
3 Jun 2024 |
CPAI-2024-0186
|
|
CVE-2024-23759
|
Gambio Insecure Deserialization (CVE-2024-23759)
|
High
|
2 Jun 2024 |
2 Jun 2024 |
CPAI-2024-0363
|
|
CVE-2024-4978
|
Justice AV Solutions Viewer Setup Remote Code Execution (CVE-2024-4978)
|
Medium
|
2 Jun 2024 |
2 Jun 2024 |
CPAI-2022-2073
|
|
CVE-2022-29034
|
Siemens SINEMA Remote Connect Cross-Site Scripting (CVE-2022-29034)
|
Critical
|
2 Jun 2024 |
2 Jun 2024 |
CPAI-2024-0354
|
|
CVE-2024-23108
|
Fortinet FortiSIEM Command Injection (CVE-2024-23108)
|
Critical
|
2 Jun 2024 |
2 Jun 2024 |
CPAI-2024-0350
|
|
CVE-2024-4999
|
Ligowave Devices Command Injection (CVE-2024-4999)
|
Critical
|
2 Jun 2024 |
2 Jun 2024 |
CPAI-2021-2169
|
|
CVE-2021-26747
|
Netis Systems Command Injection (CVE-2021-26747)
|
High
|
2 Jun 2024 |
2 Jun 2024 |
CPAI-2023-1729
|
|
CVE-2023-4197
|
Dolibarr ERP CRM Remote Code Execution (CVE-2023-4197)
|
Critical
|
2 Jun 2024 |
2 Jun 2024 |
CPAI-2024-0337
|
|
CVE-2024-4547 CVE-2024-4548
|
Delta Electronics DIAEnergie SQL Injection (CVE-2024-4547; CVE-2024-4548)
|
Critical
|
2 Jun 2024 |
2 Jun 2024 |
CPAI-2023-1724
|
|
CVE-2023-47307 CVE-2023-50469
|
Shenzhen Libituo Technology LBT-T300-T310 Buffer Overflow (CVE-2023-50469; CVE-2023-47307)
|
High
|
2 Jun 2024 |
2 Jun 2024 |
CPAI-2005-0379
|
|
CVE-2005-2611
|
Symantec Veritas Multiple Products Information Disclosure (CVE-2005-2611)
|
High
|
2 Jun 2024 |
2 Jun 2024 |
CPAI-2015-1541
|
|
CVE-2015-7766
|
ZohoCorp ManageEngine OpManager SQL Code Execution (CVE-2015-7766)
|
High
|
2 Jun 2024 |
2 Jun 2024 |
CPAI-2020-3848
|
|
CVE-2020-26258
|
XStream Remote Code Execution (CVE-2020-26258)
|
Medium
|
31 May 2024 |
31 May 2024 |
CPAI-2022-2069
|
|
CVE-2022-25305
|
WordPress VeronaLabs WP Statistics Plugin Cross-Site Scripting (CVE-2022-25305)
|
Medium
|
31 May 2024 |
31 May 2024 |
CPAI-2023-1730
|
|
CVE-2023-50260
|
Wazuh Command Injection (CVE-2023-50260)
|
Medium
|
31 May 2024 |
31 May 2024 |
CPAI-2024-0339
|
|
CVE-2024-28075
|
SolarWinds Access Rights Manager Insecure Deserialization (CVE-2024-28075)
|
High
|
31 May 2024 |
31 May 2024 |
CPAI-2024-0304
|
|
CVE-2024-23478
|
SolarWinds Access Rights Manager Remote Code Execution (CVE-2024-23478)
|
Medium
|
31 May 2024 |
31 May 2024 |
CPAI-2024-0288
|
|
CVE-2024-23115
|
Centreon Project Centreon Web SQL Injection (CVE-2024-23115)
|
Medium
|
31 May 2024 |
31 May 2024 |
CPAI-2024-0276
|
|
CVE-2024-23116
|
Centreon Project Centreon Web SQL Injection (CVE-2024-23116)
|
High
|
31 May 2024 |
31 May 2024 |
CPAI-2023-1696
|
|
CVE-2023-51595
|
Voltronic Power ViewPower Pro SQL Injection (CVE-2023-51595)
|
Medium
|
31 May 2024 |
31 May 2024 |
CPAI-2024-0250
|
|
CVE-2024-25937
|
Delta Electronics DIAEnergie SQL Injection (CVE-2024-25937)
|
Critical
|
31 May 2024 |
31 May 2024 |
CPAI-2021-2104
|
|
CVE-2021-21985
|
VMware vCenter Server Command Injection (CVE-2021-21985)
|
High
|
30 May 2024 |
30 May 2024 |
CPAI-2023-1738
|
|
CVE-2023-30253
|
Dolibarr ERP CRM Remote Code Execution (CVE-2023-30253)
|
High
|
30 May 2024 |
30 May 2024 |
CPAI-2023-1737
|
|
CVE-2023-43477
|
Telstra Smart Modem Gen 2 Command Injection (CVE-2023-43477)
|
Critical
|
30 May 2024 |
30 May 2024 |
CPAI-2023-1736
|
|
CVE-2023-43478
|
Telstra Smart Modem Gen 2 Arbitrary File Upload (CVE-2023-43478)
|
Critical
|
30 May 2024 |
30 May 2024 |
CPAI-2023-1726
|
|
CVE-2023-31546
|
DedeBIZ Cross-Site Scripting (CVE-2023-31546)
|
High
|
10 Apr 2024 |
30 May 2024 |
CPAI-2024-0179
|
|
CVE-2024-3272 CVE-2024-3273
|
D-Link DNS Series Command Injection (CVE-2024-3273; CVE-2024-3272)
|
High
|
29 May 2024 |
29 May 2024 |
CPAI-2024-0313
|
|
CVE-2024-29059
|
Microsoft .NET Framework Authentication Bypass (CVE-2024-29059)
|
Critical
|
29 May 2024 |
29 May 2024 |
CPAI-2022-2063
|
|
CVE-2022-45715 CVE-2022-45720
|
IP-COM M50 Buffer Overflow (CVE-2022-45715; CVE-2022-45720)
|
Critical
|
29 May 2024 |
29 May 2024 |
CPAI-2021-2168
|
|
CVE-2021-34646
|
WordPress Booster for WooCommerce Plugin Authentication Bypass (CVE-2021-34646)
|
Medium
|
29 May 2024 |
29 May 2024 |
CPAI-2024-0329
|
|
CVE-2024-1208 CVE-2024-1209 CVE-2024-1210
|
WordPress LearnDash LMS Plugin Information Disclosure (CVE-2024-1208; CVE-2024-1209; CVE-2024-1210)
|
Critical
|
29 May 2024 |
29 May 2024 |
CPAI-2024-0326
|
|
CVE-2024-1021
|
Ruifang Technology Rebuild Server-Side Request Forgery (CVE-2024-1021)
|
High
|
8 May 2024 |
29 May 2024 |
CPAI-2024-0122
|
|
CVE-2024-25065
|
Apache OFBiz Authentication Bypass (CVE-2024-25065)
|
Critical
|
29 May 2024 |
29 May 2024 |
CPAI-2023-1456
|
|
CVE-2023-46727
|
GLPI SQL Injection (CVE-2023-46727)
|
Critical
|
28 May 2024 |
28 May 2024 |
CPAI-2023-1727
|
|
CVE-2023-44353
|
Adobe ColdFusion Insecure Deserialization (CVE-2023-44353)
|
High
|
28 May 2024 |
28 May 2024 |
CPAI-2024-0328
|
|
CVE-2024-25228
|
Vinchin Backup and Recovery Command Injection (CVE-2024-25228)
|