Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
High	8 Oct 2024	26 Dec 2024	CPAI-2024-0917	Microsoft CVE-2024-43560	CVE-2024-43560	Microsoft Windows Storage Port Driver Elevation of Privilege (CVE-2024-43560)
Critical	26 Dec 2024	26 Dec 2024	CPAI-2024-1197		CVE-2024-45387	Apache Traffic Control SQL Injection (CVE-2024-45387)
High	26 Dec 2024	26 Dec 2024	CPAI-2023-1959		CVE-2023-28205	Apple Multiple Products Use After Free (CVE-2023-28205)
High	26 Dec 2024	26 Dec 2024	CPAI-2024-1189		CVE-2024-5585	PHP Command Injection (CVE-2024-5585)
High	26 Dec 2024	26 Dec 2024	CPAI-2024-1178		CVE-2024-42327	Zabbix SQL Injection (CVE-2024-42327)
Critical	26 Dec 2024	26 Dec 2024	CPAI-2024-1164		CVE-2024-53677	Apache Struts Remote Code Execution (CVE-2024-53677)
Critical	10 Jul 2024	26 Dec 2024	CPAI-2024-0559		CVE-2024-36401	GeoServer Remote Code Execution (CVE-2024-36401)
Critical	1 May 2024	26 Dec 2024	CPAI-2023-1610		CVE-2023-34993 CVE-2023-48782	Fortinet FortiWLM Command Injection (CVE-2023-34993; CVE-2023-48782)
Medium	26 Dec 2024	26 Dec 2024	CPAI-2024-1177		CVE-2024-50352	LibreNMS Cross-Site Scripting (CVE-2024-50352)
High	25 Dec 2024	25 Dec 2024	CPAI-2024-1183			DigiEver Command Injection
High	25 Dec 2024	25 Dec 2024	CPAI-2024-1172		CVE-2024-47011	Ivanti Avalanche Directory Traversal (CVE-2024-47011)
High	24 Dec 2024	24 Dec 2024	CPAI-2024-1176		CVE-2024-38819	VMware Spring Framework Path Traversal (CVE-2024-38819)
High	9 Dec 2024	24 Dec 2024	CPAI-2024-1130			LLM Prompt Injection
Critical	29 Aug 2024	24 Dec 2024	CPAI-2021-2137		CVE-2021-33044	Dahua Security Multiple Products Authentication Bypass (CVE-2021-33044)
High	23 Dec 2024	23 Dec 2024	CPAI-2019-3245		CVE-2019-11001	Reolink Multiple Products Command Injection (CVE-2019-11001)
Critical	23 Dec 2024	23 Dec 2024	CPAI-2021-2231		CVE-2021-40407	Reolink RLC-410W Command Injection (CVE-2021-40407)
High	23 Dec 2024	23 Dec 2024	CPAI-2024-1171			Ovalsec Security Scanner
Critical	23 Dec 2024	23 Dec 2024	CPAI-2022-2160		CVE-2022-23227	NUUO NVRmini Authentication Bypass (CVE-2022-23227)
Medium	23 Dec 2024	23 Dec 2024	CPAI-2023-1951		CVE-2023-1009	Draytek Vigor2960 Firmware Directory Traversal (CVE-2023-1009)
High	23 Dec 2024	23 Dec 2024	CPAI-2024-1169		CVE-2024-45230	Django Denial of Service (CVE-2024-45230)
High	23 Dec 2024	23 Dec 2024	CPAI-2023-1946		CVE-2023-6909	LF Projects MLflow Directory Traversal (CVE-2023-6909)
High	19 Dec 2024	19 Dec 2024	CPAI-2024-1167		CVE-2024-53376	CyberPanel Command Injection (CVE-2024-53376)
High	19 Dec 2024	19 Dec 2024	CPAI-2024-1158		CVE-2024-39573	Apache HTTP Server Server-Side Request Forgery (CVE-2024-39573)
Medium	19 Dec 2024	19 Dec 2024	CPAI-2024-1162		CVE-2024-43365	Cacti Cross-Site Scripting (CVE-2024-43365)
High	19 Dec 2024	19 Dec 2024	CPAI-2024-1160		CVE-2024-0200	GitHub Enterprise Server Remote Code Execution (CVE-2024-0200)
Critical	5 Nov 2024	19 Dec 2024	CPAI-2024-1036		CVE-2024-51567 CVE-2024-51568	CyberPanel Command Injection (CVE-2024-51567; CVE-2024-51568)
High	18 Dec 2024	18 Dec 2024	CPAI-2015-1675		CVE-2015-5371	SolarWinds Storage Manager Path Traversal (CVE-2015-5371)
High	17 Dec 2024	17 Dec 2024	CPAI-2024-1148			Fortra Alert Logic MDR Security Scanner
High	11 Jun 2024	17 Dec 2024	CPAI-2024-0371	Microsoft CVE-2024-35250	CVE-2024-35250	Microsoft Windows Kernel-Mode Driver Elevation of Privilege (CVE-2024-35250)
High	14 Apr 2024	17 Dec 2024	CPAI-2024-0187		CVE-2024-20767	Adobe ColdFusion Information Disclosure (CVE-2024-20767)
High	28 Nov 2024	16 Dec 2024	CPAI-2024-1087		CVE-2024-47010	Ivanti Avalanche Directory Traversal (CVE-2024-47010)
High	13 Nov 2024	16 Dec 2024	CPAI-2024-1051		CVE-2024-36136	Ivanti Avalanche Denial of Service (CVE-2024-36136)
High	10 Nov 2024	16 Dec 2024	CPAI-2024-1039		CVE-2024-34785	Ivanti Endpoint Manager SQL Injection (CVE-2024-34785)
High	29 Oct 2024	16 Dec 2024	CPAI-2024-0999		CVE-2024-9379	Ivanti Cloud Services Appliance SQL Injection (CVE-2024-9379)
High	27 Oct 2024	16 Dec 2024	CPAI-2024-0992		CVE-2024-32845	Ivanti Endpoint Manager SQL Injection (CVE-2024-32845)
High	20 Oct 2024	16 Dec 2024	CPAI-2024-0957		CVE-2024-37397	Ivanti Endpoint Manager XML External Entity Injection (CVE-2024-37397)
Critical	10 Oct 2024	16 Dec 2024	CPAI-2024-0945		CVE-2024-37404	Ivanti Remote Code Execution (CVE-2024-37404)
Critical	13 Oct 2024	16 Dec 2024	CPAI-2024-0923		CVE-2024-29847	Ivanti Endpoint Manager Insecure Deserialization (CVE-2024-29847)
Critical	16 Dec 2024	16 Dec 2024	CPAI-2024-0901		CVE-2024-38476	Apache HTTP Server Server-Side Request Forgery (CVE-2024-38476)
High	1 Oct 2024	16 Dec 2024	CPAI-2024-0861		CVE-2024-37399	Ivanti Avalanche Denial of Service (CVE-2024-37399)
Critical	3 Sep 2024	16 Dec 2024	CPAI-2024-0750		CVE-2024-38652	Ivanti Avalanche Directory Traversal (CVE-2024-38652)
Medium	3 Sep 2024	16 Dec 2024	CPAI-2024-0736		CVE-2024-29830	Ivanti Endpoint Manager SQL Injection (CVE-2024-29830)
High	19 Aug 2024	16 Dec 2024	CPAI-2024-0685		CVE-2024-29826 CVE-2024-29827	Ivanti Endpoint Manager SQL Injection (CVE-2024-29826; CVE-2024-29827)
High	14 Jul 2024	16 Dec 2024	CPAI-2024-0566		CVE-2024-29823	Ivanti Endpoint Manager SQL Injection (CVE-2024-29823)
High	15 Jul 2024	16 Dec 2024	CPAI-2024-0551		CVE-2024-29825	Ivanti Endpoint Manager SQL Injection (CVE-2024-29825)
High	1 Jul 2024	16 Dec 2024	CPAI-2024-0509		CVE-2024-29848	Ivanti Avalanche Arbitrary File Upload (CVE-2024-29848)
High	20 Jun 2024	16 Dec 2024	CPAI-2024-0405		CVE-2024-23535	Ivanti Avalanche Directory Traversal (CVE-2024-23535)
High	23 May 2024	16 Dec 2024	CPAI-2024-0310		CVE-2024-24992	Ivanti Avalanche Directory Traversal (CVE-2024-24992)
High	16 May 2024	16 Dec 2024	CPAI-2024-0302		CVE-2024-24994	Ivanti Avalanche Directory Traversal (CVE-2024-24994)
Medium	18 Mar 2024	16 Dec 2024	CPAI-2023-1596		CVE-2023-41474	Ivanti Avalanche Directory Traversal (CVE-2023-41474)