Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	11 Feb 2024	12 Feb 2024	CPAI-2024-0055	CVE-2024-22024	Ivanti XML External Entity Injection (CVE-2024-22024)
High	12 Feb 2024	12 Feb 2024	CPAI-2023-1519	CVE-2023-36035	Microsoft Exchange Server Insecure Deserialization (CVE-2023-36035)
Critical	12 Feb 2024	12 Feb 2024	CPAI-2022-2017	CVE-2022-31499	Nortek Linear eMerge E3-Series Command Injection (CVE-2022-31499)
High	12 Feb 2024	12 Feb 2024	CPAI-2009-0613	CVE-2009-4223	KR-Web Content Server Remote Code Execution (CVE-2009-4223)
Critical	12 Feb 2024	12 Feb 2024	CPAI-2023-1516	CVE-2023-6623	WordPress Essential Blocks Plugin Local File Inclusion (CVE-2023-6623)
Medium	11 Feb 2024	11 Feb 2024	CPAI-2017-1802	CVE-2017-9506	Atlassian OAuth Plugin Server Side Request Forgery (CVE-2017-9506)
High	11 Feb 2024	11 Feb 2024	CPAI-2020-4123	CVE-2020-12503	Korenix JetNet Command Injection (CVE-2020-12503)
High	11 Feb 2024	11 Feb 2024	CPAI-2023-1515	CVE-2023-36050	Microsoft Exchange Server Insecure Deserialization (CVE-2023-36050)
Critical	11 Feb 2024	11 Feb 2024	CPAI-2023-1514	CVE-2023-5652	WordPress Hotel Booking Plugin SQL Injection (CVE-2023-5652)
Critical	11 Feb 2024	11 Feb 2024	CPAI-2021-2079	CVE-2021-21345	XStream Insecure Deserialization (CVE-2021-21345)
High	11 Feb 2024	11 Feb 2024	CPAI-2023-0119		HackerOne Security Scanner
High	8 Feb 2024	8 Feb 2024	CPAI-2018-2677	CVE-2018-15704	Advantech WebAccess Buffer Overflow (CVE-2018-15704)
High	8 Feb 2024	8 Feb 2024	CPAI-2020-4106	CVE-2020-12513	Pepperl Fuchs IO-Link Master Command Injection (CVE-2020-12513)
Critical	8 Feb 2024	8 Feb 2024	CPAI-2021-2095	CVE-2021-24472	WordPress QantumThemes Multiple Plugins Server-Side Request Forgery (CVE-2021-24472)
High	8 Feb 2024	8 Feb 2024	CPAI-2018-2655	CVE-2018-7700	DedeCMS Cross-Site Request Forgery (CVE-2018-7700)
High	4 Feb 2024	7 Feb 2024	CPAI-2024-0035	CVE-2024-21893	Ivanti Server-Side Request Forgery (CVE-2024-21893)
Critical	6 Feb 2024	6 Feb 2024	CPAI-2023-1484	CVE-2023-48023	Anyscale Ray Server-Side Request Forgery (CVE-2023-48023)
High	5 Feb 2024	5 Feb 2024	CPAI-2023-1506	CVE-2023-31102	7-Zip Integer Underflow (CVE-2023-31102)
High	5 Feb 2024	5 Feb 2024	CPAI-2024-0022		WordPress Sonaar Music Plugin Cross-Site Scripting
High	5 Feb 2024	5 Feb 2024	CPAI-2023-1494	CVE-2023-27179	GDidees CMS Arbitrary File Download (CVE-2023-27179)
High	4 Feb 2024	4 Feb 2024	CPAI-2023-1507	CVE-2023-36039	Microsoft Exchange Server Spoofing (CVE-2023-36039)
Critical	4 Feb 2024	4 Feb 2024	CPAI-2023-1496	CVE-2023-20073	Cisco RV340 Arbitrary File Upload (CVE-2023-20073)
Critical	4 Feb 2024	4 Feb 2024	CPAI-2023-1491	CVE-2023-4708	Infosoftbd Clcknshop SQL Injection (CVE-2023-4708)
High	4 Feb 2024	4 Feb 2024	CPAI-2024-0028	CVE-2024-0517	Google Chrome Out of Bounds Write (CVE-2024-0517)
Critical	4 Feb 2024	4 Feb 2024	CPAI-2023-1508	CVE-2023-41727 CVE-2023-46216 CVE-2023-46217	Ivanti Avalanche Stack Buffer Overflow (CVE-2023-41727; CVE-2023-46216; CVE-2023-46217)
High	4 Feb 2024	4 Feb 2024	CPAI-2023-0501	CVE-2023-25652	Git Remote Code Execution (CVE-2023-25652)
Medium	1 Feb 2024	1 Feb 2024	CPAI-2021-2092	CVE-2021-21402	Jellyfin Directory Traversal (CVE-2021-21402)
Critical	1 Feb 2024	1 Feb 2024	CPAI-2023-1483	CVE-2023-46574	TOTOLINK A3700R Command Injection (CVE-2023-46574)
Medium	31 Jan 2024	31 Jan 2024	CPAI-2019-3141	CVE-2019-19985	WordPress Email Subscribers And Newsletters Plugin Information Disclosure (CVE-2019-19985)
Critical	30 Jan 2024	30 Jan 2024	CPAI-2023-1480	CVE-2023-46977	TOTOLINK LR1200GB Stack Overflow (CVE-2023-46977)
Critical	29 Jan 2024	29 Jan 2024	CPAI-2018-2576	CVE-2018-7836	Schneider Electric IIoT Monitor Unrestricted File Upload (CVE-2018-7836)
Medium	28 Jan 2024	28 Jan 2024	CPAI-2021-2091	CVE-2021-21973	VMware Multiple Products Server-Side Request Forgery (CVE-2021-21973)
High	24 Jan 2024	28 Jan 2024	CPAI-2023-1485	CVE-2023-24580	Django Denial of Service (CVE-2023-24580)
Medium	28 Jan 2024	28 Jan 2024	CPAI-2019-3138	CVE-2019-13396	FlightPath Directory Traversal (CVE-2019-13396)
Medium	25 Jan 2024	25 Jan 2024	CPAI-2023-1488	CVE-2023-0552	WordPress Pie Register Plugin Open Redirect (CVE-2023-0552)
High	25 Jan 2024	25 Jan 2024	CPAI-2023-1467	CVE-2023-25573	Metersphere Improper Access Control (CVE-2023-25573)
Medium	25 Jan 2024	25 Jan 2024	CPAI-2022-1995	CVE-2022-39960	Netic Group Export Authentication Bypass (CVE-2022-39960)
Critical	25 Jan 2024	25 Jan 2024	CPAI-2023-1457	CVE-2023-48022	Anyscale Ray Remote Code Execution (CVE-2023-48022)
Critical	16 Jan 2024	24 Jan 2024	CPAI-2023-1469	CVE-2023-6875	WordPress POST SMTP Mailer Plugin Authentication Bypass (CVE-2023-6875)
Critical	24 Jan 2024	24 Jan 2024	CPAI-2018-2651	CVE-2018-7251	Anchor CMS Information Disclosure (CVE-2018-7251)
Critical	24 Jan 2024	24 Jan 2024	CPAI-2023-1158	CVE-2023-4634	WordPress Media Library Assistant Plugin Remote Code Execution (CVE-2023-4634)
High	22 Jan 2024	22 Jan 2024	CPAI-2023-1479	CVE-2023-46455	GL.iNET GL-AR300M Directory Traversal (CVE-2023-46455)
Critical	22 Jan 2024	22 Jan 2024	CPAI-2023-1474	CVE-2023-5322 CVE-2023-6581	D-Link DAR-7000 SQL Injection (CVE-2023-5322; CVE-2023-6581)
Medium	22 Jan 2024	22 Jan 2024	CPAI-2018-2652	CVE-2018-7662	Couch CMS Information Disclosure (CVE-2018-7662)
Critical	22 Jan 2024	22 Jan 2024	CPAI-2022-2000	CVE-2022-36553	Hytec Inter Command Injection (CVE-2022-36553)
Critical	22 Jan 2024	22 Jan 2024	CPAI-2022-2004	CVE-2022-29383	NETGEAR ProSAFE SSL VPN SQL Injection (CVE-2022-29383)
High	22 Jan 2024	22 Jan 2024	CPAI-2022-2003	CVE-2022-2200	Mozilla Multiple Products Prototype Pollution (CVE-2022-2200)
Critical	22 Jan 2024	22 Jan 2024	CPAI-2022-2002	CVE-2022-32429	Mega System Technologies MSNSwitch Authentication Bypass (CVE-2022-32429)
Medium	22 Jan 2024	22 Jan 2024	CPAI-2019-3144	CVE-2019-17503	Kirona Dynamic Resource Scheduling Information Disclosure (CVE-2019-17503)
High	21 Jan 2024	21 Jan 2024	CPAI-2019-3142	CVE-2019-11248	Kubernetes Authentication Bypass (CVE-2019-11248)