Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
Critical	27 May 2024	27 May 2024	CPAI-2023-1722	CVE-2023-43187	NodeBB Remote Code Execution (CVE-2023-43187)
Critical	27 May 2024	27 May 2024	CPAI-2020-4166	CVE-2020-24913	QCubed SQL Injection (CVE-2020-24913)
High	27 May 2024	27 May 2024	CPAI-2023-1711	CVE-2023-4355	Google Chrome Heap Corruption (CVE-2023-4355)
Critical	27 May 2024	27 May 2024	CPAI-2024-0323	CVE-2024-34716	PrestaShop Cross-Site Scripting (CVE-2024-34716)
Medium	27 May 2024	27 May 2024	CPAI-2021-2164	CVE-2021-31252	Chiyu Technology Server-Side Request Forgery (CVE-2021-31252)
High	27 May 2024	27 May 2024	CPAI-2023-1704	CVE-2023-33782	D-Link DIR-842V2 Command Injection (CVE-2023-33782)
Critical	27 May 2024	27 May 2024	CPAI-2023-1703	CVE-2023-39367	Peplink Smart Reader Command Injection (CVE-2023-39367)
High	27 May 2024	27 May 2024	CPAI-2024-0309	CVE-2024-22567	Mingsoft MCMS Arbitrary File Upload (CVE-2024-22567)
Medium	27 May 2024	27 May 2024	CPAI-2023-1698	CVE-2023-49231	Stilog Visual Planning Authentication Bypass (CVE-2023-49231)
High	27 May 2024	27 May 2024	CPAI-2024-0265	CVE-2024-0717	D-Link Multiple Products Information Disclosure (CVE-2024-0717)
Critical	23 May 2024	23 May 2024	CPAI-2024-0322	CVE-2024-4671	Google Chrome Use After Free (CVE-2024-4671)
Critical	23 May 2024	23 May 2024	CPAI-2024-0312	CVE-2024-3806 CVE-2024-3807	WordPress Porto Theme Local File Inclusion (CVE-2024-3806; CVE-2024-3807)
High	23 May 2024	23 May 2024	CPAI-2019-3188	CVE-2019-7262	Linear eMerge E3-Series Cross-Site Request Forgery (CVE-2019-7262)
High	23 May 2024	23 May 2024	CPAI-2024-0306	CVE-2024-2449	Kemp LoadMaster Cross-Site Request Forgery (CVE-2024-2449)
High	23 May 2024	23 May 2024	CPAI-2021-2163	CVE-2021-21206	Google Chrome Use After Free (CVE-2021-21206)
High	23 May 2024	23 May 2024	CPAI-2024-0301	CVE-2024-26331	ReCrystallize Server Authentication Bypass (CVE-2024-26331)
High	23 May 2024	23 May 2024	CPAI-2023-1700	CVE-2023-3124	WordPress Elementor Pro Plugin Privilege Escalation (CVE-2023-3124)
Medium	23 May 2024	23 May 2024	CPAI-2020-4165	CVE-2020-13896	Maipu MP1800X-50 Information Disclosure (CVE-2020-13896)
High	22 May 2024	22 May 2024	CPAI-2024-0317	CVE-2024-27130	QNAP QTS Stack Buffer Overflow (CVE-2024-27130)
Medium	22 May 2024	22 May 2024	CPAI-2024-0307	CVE-2024-2756	PHP Authentication Bypass (CVE-2024-2756)
High	22 May 2024	22 May 2024	CPAI-2023-1702	CVE-2023-49294	Asterisk Arbitrary File Read (CVE-2023-49294)
High	22 May 2024	22 May 2024	CPAI-2024-0299		D-Link DIR-X4860 Authentication Bypass
High	22 May 2024	22 May 2024	CPAI-2024-0296		D-Link DIR-X4860 Command Injection
High	22 May 2024	22 May 2024	CPAI-2023-1701	CVE-2023-36144	Intelbras SG 2404 MR Information Disclosure (CVE-2023-36144)
High	21 May 2024	21 May 2024	CPAI-2024-0315	CVE-2024-4761	Google Chromium V8 Out-of-Bounds Memory Write (CVE-2024-4761)
Medium	21 May 2024	21 May 2024	CPAI-2014-2576	CVE-2014-9708	Embedthis Appweb Denial of Service (CVE-2014-9708)
High	21 May 2024	21 May 2024	CPAI-2024-0291	CVE-2024-1451	GitLab Cross-Site Scripting (CVE-2024-1451)
Critical	21 May 2024	21 May 2024	CPAI-2020-4150	CVE-2020-13117	Wavlink WN575A4 Command Injection (CVE-2020-13117)
High	20 May 2024	20 May 2024	CPAI-2019-3186	CVE-2019-7258	Linear eMerge E3-Series Privilege Escalation (CVE-2019-7258)
High	20 May 2024	20 May 2024	CPAI-2024-0297	CVE-2024-20353 CVE-2024-20359	Cisco Multiple Products Remote Code Execution (CVE-2024-20353; CVE-2024-20359)
High	20 May 2024	20 May 2024	CPAI-2024-0287	CVE-2024-0265	SourceCodester Clinic Queuing System Remote Code Execution (CVE-2024-0265)
Critical	20 May 2024	20 May 2024	CPAI-2024-0285	CVE-2024-0264	SourceCodester Clinic Queuing System Authentication Bypass (CVE-2024-0264)
Critical	20 May 2024	20 May 2024	CPAI-2024-0272	CVE-2024-0921	D-Link DIR-816 Command Injection (CVE-2024-0921)
High	20 May 2024	20 May 2024	CPAI-2008-0553	CVE-2008-4128	Cisco IOS Cross-Site Request Forgery (CVE-2008-4128)
High	20 May 2024	20 May 2024	CPAI-2023-1695	CVE-2023-47218	QNAP QTS Command Injection (CVE-2023-47218)
Critical	20 May 2024	20 May 2024	CPAI-2024-0267	CVE-2024-28185 CVE-2024-28189	Judge0 Arbitrary File Read and Write (CVE-2024-28185; CVE-2024-28189)
Critical	20 May 2024	20 May 2024	CPAI-2024-0262	CVE-2024-29021	Judge0 Server-Side Request Forgery (CVE-2024-29021)
High	19 May 2024	19 May 2024	CPAI-2020-4164	CVE-2020-15867	Gogs Remote Code Execution (CVE-2020-15867)
High	19 May 2024	19 May 2024	CPAI-2024-0264		Judge0 Command Injection
Critical	19 May 2024	19 May 2024	CPAI-2023-1683	CVE-2023-2676 CVE-2023-29917	H3C Routers Buffer Overflow (CVE-2023-2676; CVE-2023-29917)
High	19 May 2024	19 May 2024	CPAI-2023-1675	CVE-2023-3206	Feiyuxing VEC40G Denial of Service (CVE-2023-3206)
Critical	16 May 2024	16 May 2024	CPAI-2024-0293	CVE-2024-29895	Cacti Command Injection (CVE-2024-29895)
High	16 May 2024	16 May 2024	CPAI-2024-0290	CVE-2024-31445	Cacti SQL Injection (CVE-2024-31445)
Medium	16 May 2024	16 May 2024	CPAI-2024-0303	CVE-2024-28891	Delta Electronics DIAEnergie SQL Injection (CVE-2024-28891)
High	16 May 2024	16 May 2024	CPAI-2006-0564	CVE-2006-5536	D-Link DSL-G624T Directory Traversal (CVE-2006-5536)
Critical	16 May 2024	16 May 2024	CPAI-2024-0236	CVE-2024-27956	WordPress ValvePress Automatic Plugin SQL Injection (CVE-2024-27956)
Critical	16 May 2024	16 May 2024	CPAI-2021-2132	CVE-2021-23758	AjaxPro Insecure Deserialization (CVE-2021-23758)
High	30 Apr 2024	16 May 2024	CPAI-2023-1444	CVE-2023-49085	Cacti SQL Injection (CVE-2023-49085)
Medium	16 May 2024	16 May 2024	CPAI-2023-1213		EMC Captiva PixTools Distributed Imaging Control File Creation
Critical	16 May 2024	16 May 2024	CPAI-2023-0969	CVE-2023-38096	Netgear ProSAFE NMS300 Authentication Bypass (CVE-2023-38096)