Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
High	18 Dec 2024	18 Dec 2024	CPAI-2015-1675		CVE-2015-5371	SolarWinds Storage Manager Path Traversal (CVE-2015-5371)
Critical	15 Oct 2024	18 Dec 2024	CPAI-2024-0962		CVE-2024-8963	Ivanti Cloud Services Appliance Path Traversal (CVE-2024-8963)
High	17 Dec 2024	17 Dec 2024	CPAI-2024-1148			Fortra Alert Logic MDR Security Scanner
High	11 Jun 2024	17 Dec 2024	CPAI-2024-0371	Microsoft CVE-2024-35250	CVE-2024-35250	Microsoft Windows Kernel-Mode Driver Elevation of Privilege (CVE-2024-35250)
High	14 Apr 2024	17 Dec 2024	CPAI-2024-0187		CVE-2024-20767	Adobe ColdFusion Information Disclosure (CVE-2024-20767)
High	28 Nov 2024	16 Dec 2024	CPAI-2024-1087		CVE-2024-47010	Ivanti Avalanche Directory Traversal (CVE-2024-47010)
High	13 Nov 2024	16 Dec 2024	CPAI-2024-1051		CVE-2024-36136	Ivanti Avalanche Denial of Service (CVE-2024-36136)
High	10 Nov 2024	16 Dec 2024	CPAI-2024-1039		CVE-2024-34785	Ivanti Endpoint Manager SQL Injection (CVE-2024-34785)
High	29 Oct 2024	16 Dec 2024	CPAI-2024-0999		CVE-2024-9379	Ivanti Cloud Services Appliance SQL Injection (CVE-2024-9379)
High	27 Oct 2024	16 Dec 2024	CPAI-2024-0992		CVE-2024-32845	Ivanti Endpoint Manager SQL Injection (CVE-2024-32845)
High	20 Oct 2024	16 Dec 2024	CPAI-2024-0957		CVE-2024-37397	Ivanti Endpoint Manager XML External Entity Injection (CVE-2024-37397)
Critical	10 Oct 2024	16 Dec 2024	CPAI-2024-0945		CVE-2024-37404	Ivanti Remote Code Execution (CVE-2024-37404)
Critical	13 Oct 2024	16 Dec 2024	CPAI-2024-0923		CVE-2024-29847	Ivanti Endpoint Manager Insecure Deserialization (CVE-2024-29847)
Critical	16 Dec 2024	16 Dec 2024	CPAI-2024-0901		CVE-2024-38476	Apache HTTP Server Server-Side Request Forgery (CVE-2024-38476)
High	1 Oct 2024	16 Dec 2024	CPAI-2024-0861		CVE-2024-37399	Ivanti Avalanche Denial of Service (CVE-2024-37399)
Critical	3 Sep 2024	16 Dec 2024	CPAI-2024-0750		CVE-2024-38652	Ivanti Avalanche Directory Traversal (CVE-2024-38652)
Medium	3 Sep 2024	16 Dec 2024	CPAI-2024-0736		CVE-2024-29830	Ivanti Endpoint Manager SQL Injection (CVE-2024-29830)
High	19 Aug 2024	16 Dec 2024	CPAI-2024-0685		CVE-2024-29826 CVE-2024-29827	Ivanti Endpoint Manager SQL Injection (CVE-2024-29826; CVE-2024-29827)
Critical	6 Aug 2024	16 Dec 2024	CPAI-2024-0661		CVE-2024-7593	Ivanti Virtual Traffic Manager Authentication Bypass (CVE-2024-7593)
High	14 Jul 2024	16 Dec 2024	CPAI-2024-0566		CVE-2024-29823	Ivanti Endpoint Manager SQL Injection (CVE-2024-29823)
High	15 Jul 2024	16 Dec 2024	CPAI-2024-0551		CVE-2024-29825	Ivanti Endpoint Manager SQL Injection (CVE-2024-29825)
High	1 Jul 2024	16 Dec 2024	CPAI-2024-0509		CVE-2024-29848	Ivanti Avalanche Arbitrary File Upload (CVE-2024-29848)
Critical	17 Jun 2024	16 Dec 2024	CPAI-2024-0406		CVE-2024-29824	Ivanti Endpoint Manager SQL Injection (CVE-2024-29824)
High	20 Jun 2024	16 Dec 2024	CPAI-2024-0405		CVE-2024-23535	Ivanti Avalanche Directory Traversal (CVE-2024-23535)
High	23 May 2024	16 Dec 2024	CPAI-2024-0310		CVE-2024-24992	Ivanti Avalanche Directory Traversal (CVE-2024-24992)
High	16 May 2024	16 Dec 2024	CPAI-2024-0302		CVE-2024-24994	Ivanti Avalanche Directory Traversal (CVE-2024-24994)
Medium	18 Mar 2024	16 Dec 2024	CPAI-2023-1596		CVE-2023-41474	Ivanti Avalanche Directory Traversal (CVE-2023-41474)
Critical	25 Feb 2024	16 Dec 2024	CPAI-2021-2111		CVE-2021-22962	Ivanti Avalanche Denial of Service (CVE-2021-22962)
High	18 Feb 2024	16 Dec 2024	CPAI-2021-2108		CVE-2021-42125	Ivanti Avalanche Arbitrary File Upload (CVE-2021-42125)
High	11 Feb 2024	16 Dec 2024	CPAI-2024-0055		CVE-2024-22024	Ivanti XML External Entity Injection (CVE-2024-22024)
Critical	18 Feb 2024	16 Dec 2024	CPAI-2023-1527		CVE-2023-46264	Ivanti Avalanche Unrestricted File Upload (CVE-2023-46264)
High	4 Feb 2024	16 Dec 2024	CPAI-2024-0035		CVE-2024-21893	Ivanti Server-Side Request Forgery (CVE-2024-21893)
Critical	5 Feb 2024	16 Dec 2024	CPAI-2023-1509		CVE-2023-46263	Ivanti Avalanche Arbitrary File Upload (CVE-2023-46263)
Critical	4 Feb 2024	16 Dec 2024	CPAI-2023-1508		CVE-2023-41727 CVE-2023-46216 CVE-2023-46217	Ivanti Avalanche Stack Buffer Overflow (CVE-2023-41727; CVE-2023-46216; CVE-2023-46217)
Critical	18 Jan 2024	16 Dec 2024	CPAI-2024-0016		CVE-2024-21887	Ivanti Command Injection (CVE-2024-21887)
Medium	15 Dec 2024	15 Dec 2024	CPAI-2024-1153		CVE-2024-32501	Centreon Project Centreon Web SQL Injection (CVE-2024-32501)
High	12 Dec 2024	15 Dec 2024	CPAI-2024-1155		CVE-2024-50623	Cleo Arbitrary File Upload (CVE-2024-50623)
Medium	1 Jul 2024	15 Dec 2024	CPAI-2020-4187		CVE-2020-13965	Roundcube Webmail Cross-Site Scripting (CVE-2020-13965)
Critical	11 Dec 2024	11 Dec 2024	CPAI-2024-1150		CVE-2024-45216	Apache Solr Authentication Bypass (CVE-2024-45216)
Medium	11 Dec 2024	11 Dec 2024	CPAI-2024-1149		CVE-2024-8785	Progress WhatsUp Gold Remote Code Execution (CVE-2024-8785)
High	10 Dec 2024	11 Dec 2024	CPAI-2024-1114	Microsoft CVE-2024-49138	CVE-2024-49138	Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2024-49138)
Medium	11 Dec 2024	11 Dec 2024	CPAI-2014-2637		CVE-2014-2269	vTiger CRM Improper Access Control (CVE-2014-2269)
Critical	2 Dec 2024	11 Dec 2024	CPAI-2024-1062		CVE-2024-8191	Ivanti Endpoint Manager SQL Injection (CVE-2024-8191)
High	10 Dec 2024	10 Dec 2024	CPAI-2024-1147	Microsoft CVE-2024-49122	CVE-2024-49122	Microsoft Message Queuing Remote Code Execution (CVE-2024-49122)
High	10 Dec 2024	10 Dec 2024	CPAI-2024-1138			Trickbot Cobalt Strike Command and Control Campaign
High	9 Dec 2024	9 Dec 2024	CPAI-2024-1136			Word Macro HTTP Exfiltration Command and Control
High	9 Dec 2024	9 Dec 2024	CPAI-2024-1125			Sunburst Teardrop and Raindrop HTTP IoC
High	9 Dec 2024	9 Dec 2024	CPAI-2016-1340		CVE-2016-4510	Trihedral VTScada Authentication Bypass (CVE-2016-4510)
Critical	8 Dec 2024	8 Dec 2024	CPAI-2024-1141		CVE-2024-35286	Mitel MiCollab SQL Injection (CVE-2024-35286)
Medium	8 Dec 2024	8 Dec 2024	CPAI-2024-1133		CVE-2024-43451	Microsoft Windows Spoofing (CVE-2024-43451)