Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	6 Aug 2024	3 Mar 2025	CPAI-2024-0661		CVE-2024-7593	Ivanti Virtual Traffic Manager Authentication Bypass (CVE-2024-7593)
Critical	24 Jun 2024	3 Mar 2025	CPAI-2024-0409		CVE-2024-29973	Zyxel NAS Command Injection (CVE-2024-29973)
Critical	15 Sep 2024	25 Feb 2025	CPAI-2024-0812		CVE-2024-28986 CVE-2024-28988	SolarWinds Web Help Desk Insecure Deserialization (CVE-2024-28986; CVE-2024-28988)
Critical	12 May 2024	25 Feb 2025	CPAI-2024-0252		CVE-2024-2876	WordPress Icegram Express Plugin SQL Injection (CVE-2024-2876)
Critical	25 Jun 2024	24 Feb 2025	CPAI-2024-0398		CVE-2024-29972	Zyxel NAS Command Injection (CVE-2024-29972)
Critical	9 May 2024	24 Feb 2025	CPAI-2024-0255		CVE-2024-2389	Flowmon Command Injection (CVE-2024-2389)
High	10 Sep 2024	23 Feb 2025	CPAI-2024-1374	Microsoft CVE-2024-38242	CVE-2024-38242	Microsoft Kernel Streaming Service Driver Elevation of Privilege (CVE-2024-38242)
High	10 Sep 2024	23 Feb 2025	CPAI-2024-1373	Microsoft CVE-2024-38243	CVE-2024-38243	Microsoft Kernel Streaming Service Driver Elevation of Privilege (CVE-2024-38243)
High	10 Sep 2024	23 Feb 2025	CPAI-2024-0759	Microsoft CVE-2024-38238	CVE-2024-38238	Microsoft Kernel Streaming Service Driver Elevation of Privilege (CVE-2024-38238)
High	13 Aug 2024	23 Feb 2025	CPAI-2024-0646	Microsoft CVE-2024-38125	CVE-2024-38125	Microsoft Kernel Streaming WOW Thunk Service Driver Elevation of Privilege (CVE-2024-38125)
High	13 Aug 2024	23 Feb 2025	CPAI-2024-0641	Microsoft CVE-2024-38147	CVE-2024-38147	Microsoft DWM Core Library Elevation of Privilege (CVE-2024-38147)
High	13 Feb 2024	23 Feb 2025	CPAI-2024-0060	Adobe APSB24-07	CVE-2024-20731	Adobe Acrobat and Reader Use After Free (APSB24-07: CVE-2024-20731)
High	13 Feb 2024	23 Feb 2025	CPAI-2024-0059	Adobe APSB24-07	CVE-2024-20733	Adobe Acrobat and Reader Improper Input Validation (APSB24-07: CVE-2024-20733)
High	13 Feb 2024	23 Feb 2025	CPAI-2024-0058	Adobe APSB24-07	CVE-2024-20734	Adobe Acrobat and Reader Use After Free (APSB24-07: CVE-2024-20734)
High	13 Feb 2024	23 Feb 2025	CPAI-2024-0052	Adobe APSB24-07	CVE-2024-20729	Adobe Acrobat and Reader Use After Free (APSB24-07: CVE-2024-20729)
High	13 Feb 2024	23 Feb 2025	CPAI-2024-0051	Adobe APSB24-07	CVE-2024-20730	Adobe Acrobat and Reader Integer Overflow or Wraparound (APSB24-07: CVE-2024-20730)
High	13 Feb 2024	23 Feb 2025	CPAI-2024-0050	Adobe APSB24-07	CVE-2024-20727	Adobe Acrobat and Reader Out-of-bounds Write (APSB24-07: CVE-2024-20727)
High	13 Feb 2024	23 Feb 2025	CPAI-2024-0049	Adobe APSB24-07	CVE-2024-20728	Adobe Acrobat and Reader Out-of-bounds Write (APSB24-07: CVE-2024-20728)
Critical	7 Mar 2024	23 Feb 2025	CPAI-2022-2028		CVE-2020-10973 CVE-2020-12127 CVE-2022-31847 CVE-2022-34045 CVE-2022-34046 CVE-2022-34047 CVE-2022-34049 CVE-2022-34576 CVE-2022-48165 CVE-2024-38892	Wavlink Routers Authentication Bypass (CVE-2020-10973; CVE-2020-12127; CVE-2022-31847; CVE-2022-34045; CVE-2022-34046; CVE-2022-34047; CVE-2022-34049; CVE-2022-34576; CVE-2022-48165; CVE-2024-38892)
Critical	21 Feb 2024	23 Feb 2025	CPAI-2023-1538		CVE-2019-10631 CVE-2019-10633 CVE-2023-27992 CVE-2023-37927 CVE-2023-37928 CVE-2023-4473 CVE-2023-4474	Zyxel NAS326 Command Injection (CVE-2019-10631; CVE-2019-10633; CVE-2023-27992; CVE-2023-37927; CVE-2023-37928; CVE-2023-4473; CVE-2023-4474)
Critical	12 Aug 2024	20 Feb 2025	CPAI-2024-0669		CVE-2024-6782	Calibre Remote Code Execution (CVE-2024-6782)
High	6 May 2024	20 Feb 2025	CPAI-2023-1682		CVE-2023-51835 CVE-2024-0920	TRENDnet TEW-822DRE Command Injection (CVE-2023-51835; CVE-2024-0920)
Critical	15 Oct 2024	13 Feb 2025	CPAI-2024-0962		CVE-2024-8963 CVE-2024-9381	Ivanti Cloud Services Appliance Path Traversal (CVE-2024-8963; CVE-2024-9381)
High	20 Aug 2024	12 Feb 2025	CPAI-2024-0707		CVE-2024-38472	Apache HTTP Server Server-Side Request Forgery (CVE-2024-38472)
High	12 Dec 2024	9 Feb 2025	CPAI-2024-1155		CVE-2024-50623	Cleo Arbitrary File Upload (CVE-2024-50623)
Critical	2 Dec 2024	9 Feb 2025	CPAI-2024-1108		CVE-2024-11680	ProjectSend Authentication Bypass (CVE-2024-11680)
Critical	19 Nov 2024	9 Feb 2025	CPAI-2024-1076		CVE-2024-0012	Palo Alto Networks PAN-OS Authentication Bypass (CVE-2024-0012)
High	19 Nov 2024	9 Feb 2025	CPAI-2024-1075		CVE-2024-9474	Palo Alto Networks PAN-OS Command Injection (CVE-2024-9474)
High	13 Oct 2024	9 Feb 2025	CPAI-2024-0954		CVE-2024-9463	Palo Alto Networks Expedition Command Injection (CVE-2024-9463)
Critical	12 Aug 2024	9 Feb 2025	CPAI-2024-0656		CVE-2024-34102	Adobe Multiple Products XML External Entity Injection (CVE-2024-34102)
Critical	1 Jul 2024	9 Feb 2025	CPAI-2024-0531		CVE-2024-0769	D-Link DIR-859 Directory Traversal (CVE-2024-0769)
Critical	17 Jun 2024	9 Feb 2025	CPAI-2024-0406		CVE-2024-29824	Ivanti Endpoint Manager SQL Injection (CVE-2024-29824)
High	29 May 2024	9 Feb 2025	CPAI-2024-0313		CVE-2024-29059	Microsoft .NET Framework Authentication Bypass (CVE-2024-29059)
High	6 Mar 2024	9 Feb 2025	CPAI-2024-0106		CVE-2024-27199	JetBrains TeamCity Path Traversal (CVE-2024-27199)
Critical	2 May 2024	9 Feb 2025	CPAI-2022-1731		CVE-2022-22965	Vmware Spring Framework Remote Code Execution (CVE-2022-22965)
High	9 Sep 2024	6 Feb 2025	CPAI-2024-0788		CVE-2024-45195	Apache OFBiz Remote Code Execution (CVE-2024-45195)
Medium	29 Jul 2024	2 Feb 2025	CPAI-2020-4190		CVE-2020-1464	Microsoft Windows File Signature Spoofing (CVE-2020-1464)
Critical	11 Dec 2024	29 Jan 2025	CPAI-2024-1150		CVE-2024-45216	Apache Solr Authentication Bypass (CVE-2024-45216)
High	20 Oct 2024	29 Jan 2025	CPAI-2024-0939		CVE-2024-9566 CVE-2024-9567 CVE-2024-9568 CVE-2024-9569 CVE-2024-9570 CVE-2024-9782 CVE-2024-9783 CVE-2024-9784 CVE-2024-9785 CVE-2024-9786 CVE-2024-9909 CVE-2024-9910 CVE-2024-9911 CVE-2024-9912	D-Link Multiple Routers Buffer Overflow (CVE-2024-9566; CVE-2024-9567; CVE-2024-9568; CVE-2024-9569; CVE-2024-9570; CVE-2024-9782; CVE-2024-9783; CVE-2024-9784; CVE-2024-9785; CVE-2024-9786; CVE-2024-9909; CVE-2024-9910; CVE-2024-9911; CVE-2024-9912)
High	8 Oct 2024	28 Jan 2025	CPAI-2024-0896	Microsoft CVE-2024-43502	CVE-2024-43502	Microsoft Windows Kernel Elevation of Privilege (CVE-2024-43502)
High	10 Sep 2024	28 Jan 2025	CPAI-2024-0765	Microsoft CVE-2024-38244	CVE-2024-38244	Microsoft Kernel Streaming Service Driver Elevation of Privilege (CVE-2024-38244)
High	10 Sep 2024	28 Jan 2025	CPAI-2024-0760	Microsoft CVE-2024-38237	CVE-2024-38237	Microsoft Kernel Streaming WOW Thunk Service Driver Elevation of Privilege (CVE-2024-38237)
High	10 Sep 2024	28 Jan 2025	CPAI-2024-1329	Microsoft CVE-2024-38241	CVE-2024-38241	Microsoft Kernel Streaming Service Driver Elevation of Privilege (CVE-2024-38241)
High	13 Aug 2024	28 Jan 2025	CPAI-2024-0650	Microsoft CVE-2024-38196	CVE-2024-38196	Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2024-38196)
High	13 Aug 2024	28 Jan 2025	CPAI-2024-0645	Microsoft CVE-2024-38141	CVE-2024-38141	Microsoft Windows Ancillary Function Driver for WinSock Elevation of Privilege (CVE-2024-38141)
High	13 Aug 2024	28 Jan 2025	CPAI-2024-0642	Microsoft CVE-2024-38150	CVE-2024-38150	Microsoft Windows DWM Core Library Elevation of Privilege (CVE-2024-38150)
High	13 Feb 2024	28 Jan 2025	CPAI-2024-0046	Adobe APSB24-07	CVE-2024-20726	Adobe Acrobat and Reader Out-of-bounds Write (APSB24-07: CVE-2024-20726)
Critical	26 Dec 2024	20 Jan 2025	CPAI-2020-4220		CVE-2020-8657	EyesOfNetwork Hardcoded Credentials (CVE-2020-8657)
High	3 Sep 2024	20 Jan 2025	CPAI-2018-2791		CVE-2018-16855	PowerDNS Recursor Out-of-Bounds Read (CVE-2018-16855)
High	16 Sep 2024	16 Jan 2025	CPAI-2024-0704			HTML Entity Encoding Multiple Vulnerabilities