Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	23 Sep 2024	7 Jul 2025	CPAI-2024-0837	CVE-2024-5009	Progress WhatsUp Gold Improper Access Control (CVE-2024-5009)
High	22 Sep 2024	7 Jul 2025	CPAI-2024-0840	CVE-2024-6893	Journyx XML External Entity Injection (CVE-2024-6893)
Critical	19 Sep 2024	7 Jul 2025	CPAI-2024-0828	CVE-2024-7954	SPIP Remote Code Execution (CVE-2024-7954)
Critical	24 Sep 2024	7 Jul 2025	CPAI-2023-1899	CVE-2023-49785	NextChat Server Side Request Forgery (CVE-2023-49785)
Critical	22 Sep 2024	7 Jul 2025	CPAI-2024-0816	CVE-2024-44466	Comfast CF-XR11 Command Injection (CVE-2024-44466)
Critical	16 Sep 2024	7 Jul 2025	CPAI-2024-0814	CVE-2024-8517	SPIP Remote Code Execution (CVE-2024-8517)
High	22 Sep 2024	7 Jul 2025	CPAI-2024-0808	CVE-2024-1884	PaperCut NG/MF Server-Side Request Forgery (CVE-2024-1884)
High	16 Sep 2024	7 Jul 2025	CPAI-2024-0800	CVE-2024-35181 CVE-2024-35182	Meshery SQL Injection (CVE-2024-35181; CVE-2024-35182)
Critical	15 Sep 2024	7 Jul 2025	CPAI-2023-1895	CVE-2023-51364	QNAP QTS Command Injection (CVE-2023-51364)
Critical	11 Sep 2024	7 Jul 2025	CPAI-2023-1892	CVE-2023-31475	Gl-Inet GL-S20 Buffer Overflow (CVE-2023-31475)
High	9 Sep 2024	7 Jul 2025	CPAI-2024-0777	CVE-2024-7331	Totolink A3300R Buffer Overflow (CVE-2024-7331)
High	9 Sep 2024	7 Jul 2025	CPAI-2023-1889	CVE-2023-3450	Ruijie RG-BCR860 Command Injection (CVE-2023-3450)
High	8 Sep 2024	7 Jul 2025	CPAI-2024-0776	CVE-2024-45528	CodeAstro Membership Management System Cross-Site Scripting (CVE-2024-45528)
Critical	8 Sep 2024	7 Jul 2025	CPAI-2024-0773	CVE-2024-6633	Fortra FileCatalyst Workflow Remote Code Execution (CVE-2024-6633)
Critical	5 Sep 2024	7 Jul 2025	CPAI-2024-0772	CVE-2024-6670 CVE-2024-6671	Progress Software WhatsUp Gold SQL Injection (CVE-2024-6670; CVE-2024-6671)
High	2 Sep 2024	7 Jul 2025	CPAI-2024-0771	CVE-2024-7029	AVTECH AVM1203 Command Injection (CVE-2024-7029)
High	2 Sep 2024	7 Jul 2025	CPAI-2023-1883	CVE-2023-41578	Jeecg Boot Information Disclosure (CVE-2023-41578)
High	9 Sep 2024	7 Jul 2025	CPAI-2024-0727	CVE-2024-37383	RoundCube Webmail Stored Cross-Site Scripting (CVE-2024-37383)
Critical	28 Aug 2024	7 Jul 2025	CPAI-2024-0726	CVE-2024-25830	F-logic DataCube3 Information Disclosure (CVE-2024-25830)
Critical	9 Sep 2024	7 Jul 2025	CPAI-2024-0722	CVE-2024-41660	OpenBMC slpd-lite Heap Buffer Overflow (CVE-2024-41660)
High	27 Aug 2024	7 Jul 2025	CPAI-2023-1879	CVE-2023-50564	Pluck CMS Arbitrary File Upload (CVE-2023-50564)
Critical	21 Aug 2024	7 Jul 2025	CPAI-2020-4195	CVE-2020-23584	OptilinkNetwork OP-XT71000n Command Injection (CVE-2020-23584)
Critical	21 Aug 2024	7 Jul 2025	CPAI-2024-0713	CVE-2024-41468 CVE-2024-41473	Tenda FH1201 Command Injection (CVE-2024-41468; CVE-2024-41473)
High	19 Aug 2024	7 Jul 2025	CPAI-2024-0708	CVE-2024-1222	PaperCut NG Authentication Bypass (CVE-2024-1222)
High	26 Aug 2024	7 Jul 2025	CPAI-2023-1877	CVE-2023-49964	Hyland Alfresco Server-Side Template Injection (CVE-2023-49964)
Critical	19 Aug 2024	7 Jul 2025	CPAI-2023-1876	CVE-2023-30145	Camaleon CMS Server-Side Template Injection (CVE-2023-30145)
Critical	11 Sep 2024	7 Jul 2025	CPAI-2023-1873	CVE-2023-5222	Viessmann Vitogate 300 Hardcoded Credentials (CVE-2023-5222)
High	20 Aug 2024	7 Jul 2025	CPAI-2018-2785	CVE-2018-12543	Eclipse Mosquitto Denial-of-Service (CVE-2018-12543)
Medium	15 Aug 2024	7 Jul 2025	CPAI-2024-0674	CVE-2024-31204	Mailcow Cross-Site Scripting (CVE-2024-31204)
Medium	15 Aug 2024	7 Jul 2025	CPAI-2024-0673	CVE-2024-30270	Mailcow Directory Traversal (CVE-2024-30270)
High	12 Aug 2024	7 Jul 2025	CPAI-2024-0672	CVE-2024-28739	Koha ILS Command Injection (CVE-2024-28739)
Critical	8 Aug 2024	7 Jul 2025	CPAI-2021-2201	CVE-2021-21887 CVE-2021-21889 CVE-2021-21890 CVE-2021-21891 CVE-2021-21892	Lantronix PremierWave 2050 Buffer Overflow (CVE-2021-21887; CVE-2021-21889; CVE-2021-21890; CVE-2021-21891; CVE-2021-21892)
High	8 Aug 2024	7 Jul 2025	CPAI-2023-1867	CVE-2023-2928	DedeCMS Command Injection (CVE-2023-2928)
High	9 Sep 2024	7 Jul 2025	CPAI-2024-0648	CVE-2024-1167	SEW-EURODRIVE MOVITOOLS MotionStudio External Entity Injection (CVE-2024-1167)
High	5 Aug 2024	7 Jul 2025	CPAI-2024-0628	CVE-2024-34051	Dolibarr ERP and CRM Suite Reflected Cross-Site Scripting (CVE-2024-34051)
Critical	1 Aug 2024	7 Jul 2025	CPAI-2023-1857	CVE-2023-30194	Prestashop Posthemes SQL Injection (CVE-2023-30194)
High	5 Aug 2024	7 Jul 2025	CPAI-2024-0612	CVE-2024-21518	Opencart Code Injection (CVE-2024-21518)
Critical	25 Jul 2024	7 Jul 2025	CPAI-2024-0614	CVE-2024-41110	Docker Engine Authentication Bypass (CVE-2024-41110)
Critical	30 Jul 2024	7 Jul 2025	CPAI-2023-1850	CVE-2023-27076	Tenda G103 Command Injection (CVE-2023-27076)
High	28 Jul 2024	7 Jul 2025	CPAI-2023-1849	CVE-2023-36212	Total CMS Arbitrary File Upload (CVE-2023-36212)
Critical	28 Jul 2024	7 Jul 2025	CPAI-2024-0606	CVE-2024-1651	Torrentpier Insecure Deserialization (CVE-2024-1651)
Critical	23 Jul 2024	7 Jul 2025	CPAI-2024-0602	CVE-2024-0986	Issabel PBX Command Injection (CVE-2024-0986)
High	27 Aug 2024	7 Jul 2025	CPAI-2024-0598	CVE-2024-5276	Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276)
High	22 Jul 2024	7 Jul 2025	CPAI-2024-0597	CVE-2024-4884	Progress Software WhatsUp Gold Unrestricted File Upload (CVE-2024-4884)
High	8 Aug 2024	7 Jul 2025	CPAI-2024-0594	CVE-2024-3799	Phoniebox Project Command Injection (CVE-2024-3799)
High	28 Jul 2024	7 Jul 2025	CPAI-2024-0595	CVE-2024-39943	Rejetto HTTP File Server Remote Code Execution (CVE-2024-39943)
Critical	21 Jul 2024	7 Jul 2025	CPAI-2023-1845	CVE-2023-1715 CVE-2023-1716 CVE-2023-1717	Bitrix24 Cross-Site Scripting (CVE-2023-1715; CVE-2023-1716; CVE-2023-1717)
Medium	21 Jul 2024	7 Jul 2025	CPAI-2024-0583	CVE-2024-29510	Artifex Ghostscript Memory Corruption (CVE-2024-29510)
High	18 Jul 2024	7 Jul 2025	CPAI-2023-1842	CVE-2023-1713 CVE-2023-1714	Bitrix24 Remote Code Execution (CVE-2023-1713; CVE-2023-1714)
High	18 Jul 2024	7 Jul 2025	CPAI-2024-0580	CVE-2024-39309	Parse Server SQL Injection (CVE-2024-39309)