|
Critical
|
11 Mar 2024 |
11 Mar 2024 |
CPAI-2024-0109
|
|
|
Stored Cross-Site Scripting in SVG Upload
|
|
High
|
11 Mar 2024 |
11 Mar 2024 |
CPAI-2022-2033
|
|
CVE-2022-35870
|
Inductive Automation Ignition Insecure Deserialization (CVE-2022-35870)
|
|
High
|
11 Mar 2024 |
11 Mar 2024 |
CPAI-2024-0079
|
|
|
watchTowr Security Scanner
|
|
Critical
|
10 Mar 2024 |
10 Mar 2024 |
CPAI-2021-2135
|
|
CVE-2021-38540
|
Apache Airflow Authentication Bypass (CVE-2021-38540)
|
|
Critical
|
29 Feb 2024 |
10 Mar 2024 |
CPAI-2023-1564
|
|
CVE-2023-46453
CVE-2023-50919
|
GL.iNet Devices SQL Injection (CVE-2023-46453; CVE-2023-50919)
|
|
Critical
|
10 Mar 2024 |
10 Mar 2024 |
CPAI-2018-2684
|
|
CVE-2018-1207
|
Dell EMC Remote Code Execution (CVE-2018-1207)
|
|
Critical
|
7 Mar 2024 |
7 Mar 2024 |
CPAI-2022-2034
|
|
CVE-2022-45933
|
KubeView Information Disclosure (CVE-2022-45933)
|
|
High
|
7 Mar 2024 |
7 Mar 2024 |
CPAI-2023-1568
|
|
CVE-2023-40000
|
WordPress LiteSpeed Cache Plugin Authentication Bypass (CVE-2023-40000)
|
|
Critical
|
7 Mar 2024 |
7 Mar 2024 |
CPAI-2023-1567
|
|
CVE-2023-30261
|
OpenWB Command Injection (CVE-2023-30261)
|
|
Critical
|
7 Mar 2024 |
7 Mar 2024 |
CPAI-2023-1565
|
|
CVE-2023-25279
|
D-Link DIR-820L Command Injection (CVE-2023-25279)
|
|
Critical
|
11 Jan 2024 |
7 Mar 2024 |
CPAI-2024-0013
|
|
|
UTA0178 Webshell Activity
|
|
Critical
|
18 Jan 2024 |
6 Mar 2024 |
CPAI-2021-2078
|
|
CVE-2019-13101
CVE-2021-42627
|
D-Link Routers Authentication Bypass (CVE-2019-13101; CVE-2021-42627)
|
|
High
|
26 Feb 2024 |
6 Mar 2024 |
CPAI-2020-4091
|
|
CVE-2020-9490
|
Apache HTTP Server Request Smuggling (CVE-2020-9490)
|
|
Medium
|
6 Mar 2024 |
6 Mar 2024 |
CPAI-2011-0743
|
|
CVE-2011-1610
|
Cisco Unified Communications Manager SQL Injection (CVE-2011-1610)
|
|
Critical
|
6 Mar 2024 |
6 Mar 2024 |
CPAI-2020-4142
|
|
CVE-2020-35951
|
WordPress Quiz and Survey Master Plugin Arbitrary File Deletion (CVE-2020-35951)
|
|
Critical
|
6 Mar 2024 |
6 Mar 2024 |
CPAI-2022-2026
|
|
CVE-2022-26148
|
Grafana Information Disclosure (CVE-2022-26148)
|
|
High
|
13 Feb 2024 |
6 Mar 2024 |
CPAI-2024-0029
|
Microsoft CVE-2024-21338
|
CVE-2024-21338
|
Microsoft Windows Kernel Elevation of Privilege (CVE-2024-21338)
|
|
Critical
|
5 Mar 2024 |
5 Mar 2024 |
CPAI-2020-4145
|
|
CVE-2020-8771
|
WordPress Time Capsule Plugin Authentication Bypass (CVE-2020-8771)
|
|
Critical
|
5 Mar 2024 |
5 Mar 2024 |
CPAI-2020-4144
|
|
CVE-2020-7136
|
HPE Smart Update Manager Remote Unauthorized Access (CVE-2020-7136)
|
|
High
|
4 Mar 2024 |
4 Mar 2024 |
CPAI-2017-1834
|
|
CVE-2017-3599
|
Oracle MySQL Integer Overflow (CVE-2017-3599)
|
|
High
|
4 Mar 2024 |
4 Mar 2024 |
CPAI-2023-1548
|
|
CVE-2023-5482
|
Google Chrome Out of Bounds Write (CVE-2023-5482)
|
|
High
|
29 Feb 2024 |
29 Feb 2024 |
CPAI-2023-1563
|
|
CVE-2023-50445
|
GL.iNet Devices Command Injection (CVE-2023-50445)
|
|
Critical
|
29 Feb 2024 |
29 Feb 2024 |
CPAI-2023-1555
|
|
CVE-2023-24138
CVE-2023-24139
CVE-2023-24140
CVE-2023-24141
CVE-2023-24142
CVE-2023-24143
CVE-2023-24144
CVE-2023-24145
CVE-2023-24146
CVE-2023-24148
CVE-2023-24160
CVE-2023-24161
|
TOTOLINK CA300-PoE Command Injection (CVE-2023-24138; CVE-2023-24139; CVE-2023-24140; CVE-2023-24141; CVE-2023-24142; CVE-2023-24143; CVE-2023-24144; CVE-2023-24145; CVE-2023-24146; CVE-2023-24148; CVE-2023-24160; CVE-2023-24161)
|
|
High
|
29 Feb 2024 |
29 Feb 2024 |
CPAI-2024-0069
|
|
|
TOTOLINK LR1200GB Authentication Bypass
|
|
Critical
|
29 Feb 2024 |
29 Feb 2024 |
CPAI-2021-2110
|
|
CVE-2021-22707
|
Schneider Electric Multiple Products Hardcoded Credentials (CVE-2021-22707)
|
|
Medium
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2023-1553
|
|
CVE-2023-0050
|
GitLab Cross-Site Scripting (CVE-2023-0050)
|
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2023-1549
|
|
CVE-2023-32564
|
Ivanti Avalanche Unrestricted File Upload (CVE-2023-32564)
|
|
High
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2024-0071
|
|
CVE-2024-24824
|
Graylog Remote Code Execution (CVE-2024-24824)
|
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2022-2025
|
|
CVE-2022-0349
|
WordPress WPDeveloper NotificationX Plugin SQL Injection (CVE-2022-0349)
|
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2021-2126
|
|
CVE-2021-42887
|
TOTOLINK EX1200T Authentication Bypass (CVE-2021-42887)
|
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2020-4140
|
|
CVE-2020-24391
|
Mongo-Express Remote Code Execution (CVE-2020-24391)
|
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2021-2124
|
|
CVE-2021-35064
|
KramerAV VIAWare Privilege Escalation (CVE-2021-35064)
|
|
Medium
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2022-2023
|
|
CVE-2022-27665
|
Progress Server Cross-Site Scripting (CVE-2022-27665)
|
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2022-2022
|
|
CVE-2022-48323
|
Sunlogin Sunflower Directory Traversal (CVE-2022-48323)
|
|
Medium
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2020-4139
|
|
CVE-2020-3984
|
VMware SD-WAN Orchestrator SQL Injection (CVE-2020-3984)
|
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2023-1544
|
|
CVE-2023-39143
|
PaperCut Directory Traversal (CVE-2023-39143)
|
|
High
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2020-4138
|
|
CVE-2020-4000
|
VMware SD-WAN Orchestrator Directory Traversal (CVE-2020-4000)
|
|
High
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2019-3162
|
|
CVE-2019-16997
|
Metinfo SQL Injection (CVE-2019-16997)
|
|
High
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2020-4137
|
|
CVE-2020-17143
|
Microsoft Exchange Server Information Disclosure (CVE-2020-17143)
|
|
Medium
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2023-1542
|
|
CVE-2023-42327
|
Netgate pfSense Cross-Site Scripting (CVE-2023-42327)
|
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2021-2122
|
|
CVE-2021-41163
|
Discourse Remote Code Execution (CVE-2021-41163)
|
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2018-2682
|
|
CVE-2018-3810
|
WordPress Oturia Smart Google Code Inserter Plugin Authentication Bypass (CVE-2018-3810)
|
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2017-1804
|
|
CVE-2017-6079
|
Ribbon Communications EdgeMarc Firmware Command Injection (CVE-2017-6079)
|
|
High
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2021-2120
|
|
CVE-2021-27513
|
EyesOfNetwork Arbitrary File Upload (CVE-2021-27513)
|
|
High
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2021-2119
|
|
CVE-2021-42671
|
Engineers Online Portal Improper Access Control (CVE-2021-42671)
|
|
Medium
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2021-2116
|
|
CVE-2021-26812
|
Jitsi Meet Cross-Site Scripting (CVE-2021-26812)
|
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2020-4135
|
|
CVE-2020-14092
|
WordPress iThemes PayPal Pro Plugin SQL Injection (CVE-2020-14092)
|
|
Critical
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2021-2115
|
|
CVE-2021-42669
|
Engineers Online Portal Command Injection (CVE-2021-42669)
|
|
Medium
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2021-2114
|
|
CVE-2021-43788
|
Nodebb Directory Traversal (CVE-2021-43788)
|
|
High
|
28 Feb 2024 |
28 Feb 2024 |
CPAI-2020-4134
|
|
CVE-2020-36197
|
QNAP Music Station Improper Access Control (CVE-2020-36197)
|
Feedback