Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
Critical	1 Apr 2024	1 Apr 2024	CPAI-2024-0116		XStream Insecure Deserialization
Critical	31 Mar 2024	31 Mar 2024	CPAI-2023-1618	CVE-2023-37791	D-Link DIR-619L Stack Overflow (CVE-2023-37791)
Critical	31 Mar 2024	31 Mar 2024	CPAI-2023-1615	CVE-2023-44693	D-Link DAR-7000 SQL Injection (CVE-2023-44693)
High	28 Mar 2024	28 Mar 2024	CPAI-2018-2730	CVE-2018-11538	SearchBlox Cross-Site Request Forgery (CVE-2018-11538)
Critical	28 Mar 2024	28 Mar 2024	CPAI-2017-1842	CVE-2017-17736	Kentico CMS Information Disclosure (CVE-2017-17736)
Critical	28 Mar 2024	28 Mar 2024	CPAI-2019-3178	CVE-2019-12583	Zyxel UAG2100 Authentication Bypass (CVE-2019-12583)
Critical	28 Mar 2024	28 Mar 2024	CPAI-2023-1605	CVE-2023-26477	XWiki Remote Code Execution (CVE-2023-26477)
Medium	27 Mar 2024	27 Mar 2024	CPAI-2024-0130	CVE-2024-21726	Joomla! CMS Cross-Site Scripting (CVE-2024-21726)
Medium	27 Mar 2024	27 Mar 2024	CPAI-2010-0738	CVE-2010-3274	Zohocorp ManageEngine ADSelfService Plus Cross-Site Scripting (CVE-2010-3274)
High	27 Mar 2024	27 Mar 2024	CPAI-2011-0748	CVE-2011-1609	Cisco Unified Communications Manager SQL Injection (CVE-2011-1609)
Medium	27 Mar 2024	27 Mar 2024	CPAI-2011-0746	CVE-2011-2179	Icinga Cross-Site Scripting (CVE-2011-2179)
High	26 Mar 2024	26 Mar 2024	CPAI-2023-1621	CVE-2023-48788	Fortinet FortiClientEMS Remote Code Execution (CVE-2023-48788)
High	26 Mar 2024	26 Mar 2024	CPAI-2024-0133	CVE-2024-21762	Fortinet Multiple Products Out of Bounds Write (CVE-2024-21762)
Critical	26 Mar 2024	26 Mar 2024	CPAI-2018-2729	CVE-2018-12634	CirCarLife Scada Information Disclosure (CVE-2018-12634)
Medium	26 Mar 2024	26 Mar 2024	CPAI-2018-2714	CVE-2018-8738	AirTies 5444 Firmware Cross-Site Scripting (CVE-2018-8738)
Medium	26 Mar 2024	26 Mar 2024	CPAI-2019-3165	CVE-2019-13505	WordPress DWBooster Appointment Hour Booking Plugin Cross-Site Scripting (CVE-2019-13505)
High	26 Mar 2024	26 Mar 2024	CPAI-2015-1599	CVE-2015-7297	Joomla! SQL Injection (CVE-2015-7297)
Medium	26 Mar 2024	26 Mar 2024	CPAI-2017-1825	CVE-2017-8514	Microsoft SharePoint Cross-Site Scripting (CVE-2017-8514)
High	25 Mar 2024	25 Mar 2024	CPAI-2024-0135	CVE-2024-27612	Numbas Editor Remote Code Execution (CVE-2024-27612)
High	25 Mar 2024	25 Mar 2024	CPAI-2023-1613	CVE-2023-31472	GL.iNET Devices Command Injection (CVE-2023-31472)
Critical	25 Mar 2024	25 Mar 2024	CPAI-2024-0129	CVE-2024-2044	pgAdmin Directory Traversal (CVE-2024-2044)
Critical	25 Mar 2024	25 Mar 2024	CPAI-2023-1609	CVE-2023-20048	Cisco Firepower Management Center Command Injection (CVE-2023-20048)
High	25 Mar 2024	25 Mar 2024	CPAI-2024-0126	CVE-2024-0692	SolarWinds Security Event Manager Insecure Deserialization (CVE-2024-0692)
Critical	25 Mar 2024	25 Mar 2024	CPAI-2023-1601	CVE-2023-23333	Contec Solarview Compact Firmware Command Injection (CVE-2023-23333)
Medium	25 Mar 2024	25 Mar 2024	CPAI-2023-1591	CVE-2023-50290	Apache Solr Information Disclosure (CVE-2023-50290)
Critical	24 Mar 2024	24 Mar 2024	CPAI-2024-0134		Generic Webshell Activity
High	24 Mar 2024	24 Mar 2024	CPAI-2015-1604	CVE-2015-0554	ADB P.DGA4001N Authentication Bypass (CVE-2015-0554)
High	24 Mar 2024	24 Mar 2024	CPAI-2024-0123		Neo-reGeorg Webshell
Critical	24 Mar 2024	24 Mar 2024	CPAI-2023-1595	CVE-2023-29665 CVE-2023-43235 CVE-2023-43241	D-Link DIR-823G Stack Overflow (CVE-2023-29665; CVE-2023-43235; CVE-2023-43241)
Critical	24 Mar 2024	24 Mar 2024	CPAI-2023-1594	CVE-2023-40041 CVE-2023-40042	TOTOLINK T10 Stack Overflow (CVE-2023-40041; CVE-2023-40042)
Critical	24 Mar 2024	24 Mar 2024	CPAI-2023-1588	CVE-2023-33735	D-Link DIR-846 Command Injection (CVE-2023-33735)
High	21 Mar 2024	21 Mar 2024	CPAI-2024-0131	CVE-2024-25153	Fortra FileCatalyst Workflow Directory Traversal (CVE-2024-25153)
Critical	21 Mar 2024	21 Mar 2024	CPAI-2023-1608	CVE-2023-4542	D-Link DAR-8000-10 SQL Injection (CVE-2023-4542)
Critical	21 Mar 2024	21 Mar 2024	CPAI-2021-2139	CVE-2021-33221	CommScope Ruckus IoT Improper Access Control (CVE-2021-33221)
High	20 Mar 2024	20 Mar 2024	CPAI-2023-1607	CVE-2023-7137	Client Details System SQL Injection (CVE-2023-7137)
Critical	20 Mar 2024	20 Mar 2024	CPAI-2021-2140	CVE-2021-40859	Auerswald COMpact 5500R Authentication Bypass (CVE-2021-40859)
Critical	20 Mar 2024	20 Mar 2024	CPAI-2014-2570	CVE-2014-9618	Netsweeper Client Filter Authentication Bypass (CVE-2014-9618)
Critical	20 Mar 2024	20 Mar 2024	CPAI-2014-2569	CVE-2014-9614	Netsweeper Hardcoded Credentials (CVE-2014-9614)
Medium	20 Mar 2024	20 Mar 2024	CPAI-2024-0125	CVE-2024-2123	WordPress Ultimate Member Plugin Cross-Site Scripting (CVE-2024-2123)
Medium	20 Mar 2024	20 Mar 2024	CPAI-2020-4153	CVE-2020-6308	SAP BusinessObjects Business Intelligence Platform Server-Side Request Forgery (CVE-2020-6308)
Critical	20 Mar 2024	20 Mar 2024	CPAI-2018-2718	CVE-2018-15534	Geutebrueck re_porter 16 Information Disclosure (CVE-2018-15534)
High	20 Mar 2024	20 Mar 2024	CPAI-2023-1587	CVE-2023-51587	Voltronic Power ViewPower Information Disclosure (CVE-2023-51587)
Critical	20 Mar 2024	20 Mar 2024	CPAI-2023-1585	CVE-2023-48085	Nagios XI Remote Code Execution (CVE-2023-48085)
Critical	20 Mar 2024	20 Mar 2024	CPAI-2024-0111	CVE-2024-21650	XWiki Remote Code Execution (CVE-2024-21650)
Critical	20 Mar 2024	20 Mar 2024	CPAI-2016-1292	CVE-2016-2345	DameWare Mini Remote Control Buffer Overflow (CVE-2016-2345)
Medium	20 Mar 2024	20 Mar 2024	CPAI-2022-1582	CVE-2022-30547	WWBN AVideo unzipDirectory ZIP Directory Traversal (CVE-2022-30547)
Medium	19 Mar 2024	19 Mar 2024	CPAI-2011-0745	CVE-2011-0959	Cisco Unified Operations Manager Cross-Site Scripting (CVE-2011-0959)
High	19 Mar 2024	19 Mar 2024	CPAI-2010-0734	CVE-2010-4367	Awstats Command Injection (CVE-2010-4367)
Critical	19 Mar 2024	19 Mar 2024	CPAI-2023-1583	CVE-2023-26612 CVE-2023-26616	D-Link DIR-823G Buffer Overflow (CVE-2023-26612; CVE-2023-26616)
Medium	19 Mar 2024	19 Mar 2024	CPAI-2023-1572	CVE-2023-22361	Seiko Skybridge MB-A110 Firmware Directory Traversal (CVE-2023-22361)