Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	9 May 2024	27 May 2024	CPAI-2024-0255		CVE-2024-2389	Flowmon Command Injection (CVE-2024-2389)
Critical	23 May 2024	23 May 2024	CPAI-2024-0322		CVE-2024-4671	Google Chrome Use After Free (CVE-2024-4671)
Critical	23 May 2024	23 May 2024	CPAI-2024-0312		CVE-2024-3806 CVE-2024-3807	WordPress Porto Theme Local File Inclusion (CVE-2024-3806; CVE-2024-3807)
High	23 May 2024	23 May 2024	CPAI-2019-3188		CVE-2019-7262	Linear eMerge E3-Series Cross-Site Request Forgery (CVE-2019-7262)
High	23 May 2024	23 May 2024	CPAI-2024-0306		CVE-2024-2449	Kemp LoadMaster Cross-Site Request Forgery (CVE-2024-2449)
High	23 May 2024	23 May 2024	CPAI-2021-2163		CVE-2021-21206	Google Chrome Use After Free (CVE-2021-21206)
High	23 May 2024	23 May 2024	CPAI-2024-0301		CVE-2024-26331	ReCrystallize Server Authentication Bypass (CVE-2024-26331)
High	23 May 2024	23 May 2024	CPAI-2023-1700		CVE-2023-3124	WordPress Elementor Pro Plugin Privilege Escalation (CVE-2023-3124)
Medium	23 May 2024	23 May 2024	CPAI-2020-4165		CVE-2020-13896	Maipu MP1800X-50 Information Disclosure (CVE-2020-13896)
High	22 May 2024	22 May 2024	CPAI-2024-0317		CVE-2024-27130	QNAP QTS Stack Buffer Overflow (CVE-2024-27130)
Medium	22 May 2024	22 May 2024	CPAI-2024-0307		CVE-2024-2756	PHP Authentication Bypass (CVE-2024-2756)
High	22 May 2024	22 May 2024	CPAI-2023-1702		CVE-2023-49294	Asterisk Arbitrary File Read (CVE-2023-49294)
High	22 May 2024	22 May 2024	CPAI-2024-0299			D-Link DIR-X4860 Authentication Bypass
High	22 May 2024	22 May 2024	CPAI-2024-0296			D-Link DIR-X4860 Command Injection
High	22 May 2024	22 May 2024	CPAI-2023-1701		CVE-2023-36144	Intelbras SG 2404 MR Information Disclosure (CVE-2023-36144)
High	21 May 2024	21 May 2024	CPAI-2024-0315		CVE-2024-4761	Google Chromium V8 Out-of-Bounds Memory Write (CVE-2024-4761)
Medium	21 May 2024	21 May 2024	CPAI-2014-2576		CVE-2014-9708	Embedthis Appweb Denial of Service (CVE-2014-9708)
High	21 May 2024	21 May 2024	CPAI-2024-0291		CVE-2024-1451	GitLab Cross-Site Scripting (CVE-2024-1451)
Critical	21 May 2024	21 May 2024	CPAI-2020-4150		CVE-2020-13117	Wavlink WN575A4 Command Injection (CVE-2020-13117)
High	20 May 2024	20 May 2024	CPAI-2019-3186		CVE-2019-7258	Linear eMerge E3-Series Privilege Escalation (CVE-2019-7258)
High	20 May 2024	20 May 2024	CPAI-2024-0297		CVE-2024-20353 CVE-2024-20359	Cisco Multiple Products Remote Code Execution (CVE-2024-20353; CVE-2024-20359)
High	20 May 2024	20 May 2024	CPAI-2024-0287		CVE-2024-0265	SourceCodester Clinic Queuing System Remote Code Execution (CVE-2024-0265)
Critical	20 May 2024	20 May 2024	CPAI-2024-0285		CVE-2024-0264	SourceCodester Clinic Queuing System Authentication Bypass (CVE-2024-0264)
Critical	20 May 2024	20 May 2024	CPAI-2024-0272		CVE-2024-0921	D-Link DIR-816 Command Injection (CVE-2024-0921)
High	20 May 2024	20 May 2024	CPAI-2008-0553		CVE-2008-4128	Cisco IOS Cross-Site Request Forgery (CVE-2008-4128)
High	20 May 2024	20 May 2024	CPAI-2023-1695		CVE-2023-47218	QNAP QTS Command Injection (CVE-2023-47218)
Critical	20 May 2024	20 May 2024	CPAI-2024-0267		CVE-2024-28185 CVE-2024-28189	Judge0 Arbitrary File Read and Write (CVE-2024-28185; CVE-2024-28189)
Critical	20 May 2024	20 May 2024	CPAI-2024-0262		CVE-2024-29021	Judge0 Server-Side Request Forgery (CVE-2024-29021)
High	19 May 2024	19 May 2024	CPAI-2020-4164		CVE-2020-15867	Gogs Remote Code Execution (CVE-2020-15867)
High	19 May 2024	19 May 2024	CPAI-2024-0264			Judge0 Command Injection
Critical	19 May 2024	19 May 2024	CPAI-2023-1683		CVE-2023-2676 CVE-2023-29917	H3C Routers Buffer Overflow (CVE-2023-2676; CVE-2023-29917)
High	19 May 2024	19 May 2024	CPAI-2023-1675		CVE-2023-3206	Feiyuxing VEC40G Denial of Service (CVE-2023-3206)
Critical	16 May 2024	16 May 2024	CPAI-2024-0293		CVE-2024-29895	Cacti Command Injection (CVE-2024-29895)
High	16 May 2024	16 May 2024	CPAI-2024-0290		CVE-2024-31445	Cacti SQL Injection (CVE-2024-31445)
Medium	16 May 2024	16 May 2024	CPAI-2024-0303		CVE-2024-28891	Delta Electronics DIAEnergie SQL Injection (CVE-2024-28891)
High	16 May 2024	16 May 2024	CPAI-2006-0564		CVE-2006-5536	D-Link DSL-G624T Directory Traversal (CVE-2006-5536)
High	16 May 2024	16 May 2024	CPAI-2024-0254		CVE-2024-3721	TBK DVR Devices Command Injection (CVE-2024-3721)
Critical	16 May 2024	16 May 2024	CPAI-2024-0236		CVE-2024-27956	WordPress ValvePress Automatic Plugin SQL Injection (CVE-2024-27956)
Critical	16 May 2024	16 May 2024	CPAI-2021-2132		CVE-2021-23758	AjaxPro Insecure Deserialization (CVE-2021-23758)
High	30 Apr 2024	16 May 2024	CPAI-2023-1444		CVE-2023-49085	Cacti SQL Injection (CVE-2023-49085)
Medium	16 May 2024	16 May 2024	CPAI-2023-1213			EMC Captiva PixTools Distributed Imaging Control File Creation
Critical	16 May 2024	16 May 2024	CPAI-2023-0969		CVE-2023-38096	Netgear ProSAFE NMS300 Authentication Bypass (CVE-2023-38096)
High	15 May 2024	15 May 2024	CPAI-2023-1699		CVE-2023-31478	GL.iNET GL-S20 Information Disclosure (CVE-2023-31478)
Critical	15 May 2024	15 May 2024	CPAI-2024-0268		CVE-2024-1512	WordPress MasterStudy LMS Plugin SQL Injection (CVE-2024-1512)
High	15 May 2024	15 May 2024	CPAI-2022-2062		CVE-2022-34538 CVE-2022-34539	Digital Watchdog MEGApix Command Injection (CVE-2022-34538; CVE-2022-34539)
High	29 Jan 2024	15 May 2024	CPAI-2022-1997		CVE-2022-1802	Mozilla Multiple Products Prototype Pollution (CVE-2022-1802)
High	14 May 2024	15 May 2024	CPAI-2024-0282			Adobe Acrobat and Reader Out-of-bounds Write
High	14 May 2024	15 May 2024	CPAI-2024-0279			Adobe Acrobat and Reader Out-of-bounds Read
Critical	24 Apr 2024	15 May 2024	CPAI-2024-0216		CVE-2024-4040	CrushFTP Information Disclosure (CVE-2024-4040)
High	14 May 2024	14 May 2024	CPAI-2024-0284	Adobe APSB24-29	CVE-2024-30311	Adobe Acrobat and Reader Out-of-bounds Read (APSB24-29: CVE-2024-30311)