Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
Critical	31 May 2024	31 May 2024	CPAI-2021-2104	CVE-2021-21985	VMware vCenter Server Command Injection (CVE-2021-21985)
High	30 May 2024	30 May 2024	CPAI-2023-1738	CVE-2023-30253	Dolibarr ERP CRM Remote Code Execution (CVE-2023-30253)
High	30 May 2024	30 May 2024	CPAI-2023-1737	CVE-2023-43477	Telstra Smart Modem Gen 2 Command Injection (CVE-2023-43477)
Critical	30 May 2024	30 May 2024	CPAI-2023-1736	CVE-2023-43478	Telstra Smart Modem Gen 2 Arbitrary File Upload (CVE-2023-43478)
Critical	30 May 2024	30 May 2024	CPAI-2023-1726	CVE-2023-31546	DedeBIZ Cross-Site Scripting (CVE-2023-31546)
High	29 May 2024	29 May 2024	CPAI-2024-0313	CVE-2024-29059	Microsoft .NET Framework Authentication Bypass (CVE-2024-29059)
Critical	29 May 2024	29 May 2024	CPAI-2022-2063	CVE-2022-45715 CVE-2022-45720	IP-COM M50 Buffer Overflow (CVE-2022-45715; CVE-2022-45720)
Critical	29 May 2024	29 May 2024	CPAI-2021-2168	CVE-2021-34646	WordPress Booster for WooCommerce Plugin Authentication Bypass (CVE-2021-34646)
Medium	29 May 2024	29 May 2024	CPAI-2024-0329	CVE-2024-1208 CVE-2024-1209 CVE-2024-1210	WordPress LearnDash LMS Plugin Information Disclosure (CVE-2024-1208; CVE-2024-1209; CVE-2024-1210)
Critical	29 May 2024	29 May 2024	CPAI-2024-0326	CVE-2024-1021	Ruifang Technology Rebuild Server-Side Request Forgery (CVE-2024-1021)
High	8 May 2024	29 May 2024	CPAI-2024-0122	CVE-2024-25065	Apache OFBiz Authentication Bypass (CVE-2024-25065)
Critical	29 May 2024	29 May 2024	CPAI-2023-1456	CVE-2023-46727	GLPI SQL Injection (CVE-2023-46727)
Critical	28 May 2024	28 May 2024	CPAI-2023-1727	CVE-2023-44353	Adobe ColdFusion Insecure Deserialization (CVE-2023-44353)
High	28 May 2024	28 May 2024	CPAI-2024-0328	CVE-2024-25228	Vinchin Backup and Recovery Command Injection (CVE-2024-25228)
Critical	28 May 2024	28 May 2024	CPAI-2024-0330	CVE-2024-4323	Fluent Bit HTTP Server Memory Corruption (CVE-2024-4323)
High	28 May 2024	28 May 2024	CPAI-2024-0316		Microsoft Exchange Server Insecure Deserialization
High	28 May 2024	28 May 2024	CPAI-2019-3187	CVE-2019-19642	Supermicro X8STi-F Command Injection (CVE-2019-19642)
Medium	28 Mar 2024	28 May 2024	CPAI-2023-1617	CVE-2023-5591	LibreNMS SQL Injection (CVE-2023-5591)
Medium	28 Feb 2024	28 May 2024	CPAI-2023-1443	CVE-2023-42325	Netgate pfSense Cross-Site Scripting (CVE-2023-42325)
High	28 May 2024	28 May 2024	CPAI-2023-1409	CVE-2023-48123	Netgate pfSense Remote Code Execution (CVE-2023-48123)
High	28 May 2024	28 May 2024	CPAI-2022-1604	CVE-2022-43396	Apache Kylin Command Injection (CVE-2022-43396)
Critical	27 May 2024	27 May 2024	CPAI-2024-0336	CVE-2024-4701	Netflix Genie Path Traversal (CVE-2024-4701)
Critical	27 May 2024	27 May 2024	CPAI-2023-1722	CVE-2023-43187	NodeBB Remote Code Execution (CVE-2023-43187)
Critical	27 May 2024	27 May 2024	CPAI-2020-4166	CVE-2020-24913	QCubed SQL Injection (CVE-2020-24913)
High	27 May 2024	27 May 2024	CPAI-2023-1711	CVE-2023-4355	Google Chrome Heap Corruption (CVE-2023-4355)
Critical	27 May 2024	27 May 2024	CPAI-2024-0323	CVE-2024-34716	PrestaShop Cross-Site Scripting (CVE-2024-34716)
Medium	27 May 2024	27 May 2024	CPAI-2021-2164	CVE-2021-31252	Chiyu Technology Server-Side Request Forgery (CVE-2021-31252)
High	27 May 2024	27 May 2024	CPAI-2023-1704	CVE-2023-33782	D-Link DIR-842V2 Command Injection (CVE-2023-33782)
Critical	27 May 2024	27 May 2024	CPAI-2023-1703	CVE-2023-39367	Peplink Smart Reader Command Injection (CVE-2023-39367)
High	27 May 2024	27 May 2024	CPAI-2024-0309	CVE-2024-22567	Mingsoft MCMS Arbitrary File Upload (CVE-2024-22567)
Medium	27 May 2024	27 May 2024	CPAI-2023-1698	CVE-2023-49231	Stilog Visual Planning Authentication Bypass (CVE-2023-49231)
High	27 May 2024	27 May 2024	CPAI-2024-0265	CVE-2024-0717	D-Link Multiple Products Information Disclosure (CVE-2024-0717)
Critical	9 May 2024	27 May 2024	CPAI-2024-0255	CVE-2024-2389	Flowmon Command Injection (CVE-2024-2389)
Critical	23 May 2024	23 May 2024	CPAI-2024-0322	CVE-2024-4671	Google Chrome Use After Free (CVE-2024-4671)
Critical	23 May 2024	23 May 2024	CPAI-2024-0312	CVE-2024-3806 CVE-2024-3807	WordPress Porto Theme Local File Inclusion (CVE-2024-3806; CVE-2024-3807)
High	23 May 2024	23 May 2024	CPAI-2019-3188	CVE-2019-7262	Linear eMerge E3-Series Cross-Site Request Forgery (CVE-2019-7262)
High	23 May 2024	23 May 2024	CPAI-2024-0306	CVE-2024-2449	Kemp LoadMaster Cross-Site Request Forgery (CVE-2024-2449)
High	23 May 2024	23 May 2024	CPAI-2021-2163	CVE-2021-21206	Google Chrome Use After Free (CVE-2021-21206)
High	23 May 2024	23 May 2024	CPAI-2024-0301	CVE-2024-26331	ReCrystallize Server Authentication Bypass (CVE-2024-26331)
High	23 May 2024	23 May 2024	CPAI-2023-1700	CVE-2023-3124	WordPress Elementor Pro Plugin Privilege Escalation (CVE-2023-3124)
Medium	23 May 2024	23 May 2024	CPAI-2020-4165	CVE-2020-13896	Maipu MP1800X-50 Information Disclosure (CVE-2020-13896)
High	22 May 2024	22 May 2024	CPAI-2024-0317	CVE-2024-27130	QNAP QTS Stack Buffer Overflow (CVE-2024-27130)
Medium	22 May 2024	22 May 2024	CPAI-2024-0307	CVE-2024-2756	PHP Authentication Bypass (CVE-2024-2756)
High	22 May 2024	22 May 2024	CPAI-2023-1702	CVE-2023-49294	Asterisk Arbitrary File Read (CVE-2023-49294)
High	22 May 2024	22 May 2024	CPAI-2024-0299		D-Link DIR-X4860 Authentication Bypass
High	22 May 2024	22 May 2024	CPAI-2024-0296		D-Link DIR-X4860 Command Injection
High	22 May 2024	22 May 2024	CPAI-2023-1701	CVE-2023-36144	Intelbras SG 2404 MR Information Disclosure (CVE-2023-36144)
High	21 May 2024	21 May 2024	CPAI-2024-0315	CVE-2024-4761	Google Chromium V8 Out-of-Bounds Memory Write (CVE-2024-4761)
Medium	21 May 2024	21 May 2024	CPAI-2014-2576	CVE-2014-9708	Embedthis Appweb Denial of Service (CVE-2014-9708)
High	21 May 2024	21 May 2024	CPAI-2024-0291	CVE-2024-1451	GitLab Cross-Site Scripting (CVE-2024-1451)