Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	25 Feb 2024	16 Dec 2024	CPAI-2021-2111		CVE-2021-22962	Ivanti Avalanche Denial of Service (CVE-2021-22962)
High	18 Feb 2024	16 Dec 2024	CPAI-2021-2108		CVE-2021-42125	Ivanti Avalanche Arbitrary File Upload (CVE-2021-42125)
High	11 Feb 2024	16 Dec 2024	CPAI-2024-0055		CVE-2024-22024	Ivanti XML External Entity Injection (CVE-2024-22024)
Critical	18 Feb 2024	16 Dec 2024	CPAI-2023-1527		CVE-2023-46264	Ivanti Avalanche Unrestricted File Upload (CVE-2023-46264)
High	4 Feb 2024	16 Dec 2024	CPAI-2024-0035		CVE-2024-21893	Ivanti Server-Side Request Forgery (CVE-2024-21893)
Critical	5 Feb 2024	16 Dec 2024	CPAI-2023-1509		CVE-2023-46263	Ivanti Avalanche Arbitrary File Upload (CVE-2023-46263)
Critical	4 Feb 2024	16 Dec 2024	CPAI-2023-1508		CVE-2023-41727 CVE-2023-46216 CVE-2023-46217	Ivanti Avalanche Stack Buffer Overflow (CVE-2023-41727; CVE-2023-46216; CVE-2023-46217)
Critical	18 Jan 2024	16 Dec 2024	CPAI-2024-0016		CVE-2024-21887	Ivanti Command Injection (CVE-2024-21887)
Medium	15 Dec 2024	15 Dec 2024	CPAI-2024-1153		CVE-2024-32501	Centreon Project Centreon Web SQL Injection (CVE-2024-32501)
Medium	1 Jul 2024	15 Dec 2024	CPAI-2020-4187		CVE-2020-13965	Roundcube Webmail Cross-Site Scripting (CVE-2020-13965)
Medium	11 Dec 2024	11 Dec 2024	CPAI-2024-1149		CVE-2024-8785	Progress WhatsUp Gold Remote Code Execution (CVE-2024-8785)
High	10 Dec 2024	11 Dec 2024	CPAI-2024-1114	Microsoft CVE-2024-49138	CVE-2024-49138	Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2024-49138)
Medium	11 Dec 2024	11 Dec 2024	CPAI-2014-2637		CVE-2014-2269	vTiger CRM Improper Access Control (CVE-2014-2269)
Critical	2 Dec 2024	11 Dec 2024	CPAI-2024-1062		CVE-2024-8191	Ivanti Endpoint Manager SQL Injection (CVE-2024-8191)
High	10 Dec 2024	10 Dec 2024	CPAI-2024-1147	Microsoft CVE-2024-49122	CVE-2024-49122	Microsoft Message Queuing Remote Code Execution (CVE-2024-49122)
High	10 Dec 2024	10 Dec 2024	CPAI-2024-1138			Trickbot Cobalt Strike Command and Control Campaign
High	9 Dec 2024	9 Dec 2024	CPAI-2024-1136			Word Macro HTTP Exfiltration Command and Control
High	9 Dec 2024	9 Dec 2024	CPAI-2024-1125			Sunburst Teardrop and Raindrop HTTP IoC
High	9 Dec 2024	9 Dec 2024	CPAI-2016-1340		CVE-2016-4510	Trihedral VTScada Authentication Bypass (CVE-2016-4510)
Critical	8 Dec 2024	8 Dec 2024	CPAI-2024-1141		CVE-2024-35286	Mitel MiCollab SQL Injection (CVE-2024-35286)
Medium	8 Dec 2024	8 Dec 2024	CPAI-2024-1133		CVE-2024-43451	Microsoft Windows Spoofing (CVE-2024-43451)
Medium	8 Dec 2024	8 Dec 2024	CPAI-2024-1124		CVE-2024-50599	Zimbra Collaboration Server Cross-Site Scripting (CVE-2024-50599)
High	8 Dec 2024	8 Dec 2024	CPAI-2023-1943		CVE-2023-32315	Ignite Realtime Openfire Directory Traversal (CVE-2023-32315)
High	8 Dec 2024	8 Dec 2024	CPAI-2020-4216		CVE-2020-5410	VMware Spring Cloud Config Directory Traversal (CVE-2020-5410)
Critical	8 Dec 2024	8 Dec 2024	CPAI-2015-1674		CVE-2015-7919	SearchBlox Authentication Bypass (CVE-2015-7919)
High	8 Dec 2024	8 Dec 2024	CPAI-2015-1673		CVE-2015-6946	Borland AccuRev Buffer Overflow (CVE-2015-6946)
Medium	8 Dec 2024	8 Dec 2024	CPAI-2024-1131			Electric Sheep Fencing pfSense Remote Code Execution
High	17 Sep 2024	8 Dec 2024	CPAI-2024-0831		CVE-2024-8190	Ivanti Cloud Services Appliance Command Injection (CVE-2024-8190)
High	8 Dec 2024	8 Dec 2024	CPAI-2015-1589		CVE-2015-1605	Dell Asset Manager SQL Injection (CVE-2015-1605)
Critical	7 Aug 2024	5 Dec 2024	CPAI-2024-0663		CVE-2024-38856	Apache OFBiz Remote Code Execution (CVE-2024-38856)
Critical	25 Mar 2024	5 Dec 2024	CPAI-2024-0121			Server-Side Include Injection
Critical	3 Jan 2024	5 Dec 2024	CPAI-2023-1422		CVE-2023-51467	Apache OFBiz Authentication Bypass (CVE-2023-51467)
Critical	5 Dec 2024	5 Dec 2024	CPAI-2014-2552		CVE-2014-7883	HP Universal CMDB Server Authentication Bypass (CVE-2014-7883)
High	4 Dec 2024	4 Dec 2024	CPAI-2014-2639		CVE-2014-9013	WordPress Marketplace Plugin Privilege Escalation (CVE-2014-9013)
High	4 Dec 2024	4 Dec 2024	CPAI-2024-1107			macOS GateKeeper Notarization and File Quarantine Command and Control Bypass
Critical	4 Dec 2024	4 Dec 2024	CPAI-2024-1100		CVE-2024-39226	GL-iNet Multiple Products Command Injection (CVE-2024-39226)
Critical	4 Dec 2024	4 Dec 2024	CPAI-2024-1093		CVE-2024-42812	D-Link DIR-860L Buffer Overflow (CVE-2024-42812)
High	4 Dec 2024	4 Dec 2024	CPAI-2023-1025			WebUI Arbitrary Command Injection
High	2 Dec 2024	2 Dec 2024	CPAI-2024-1090		CVE-2024-42948	Tenda FH1201 Buffer Overflow (CVE-2024-42948)
High	2 Dec 2024	2 Dec 2024	CPAI-2023-1937		CVE-2023-32007	Apache Spark Command Injection (CVE-2023-32007)
High	2 Dec 2024	2 Dec 2024	CPAI-2009-0623		CVE-2009-2754	Informix Storage Manager Buffer Overflow (CVE-2009-2754)
High	24 Apr 2024	2 Dec 2024	CPAI-2024-0144		CVE-2024-25617	Squid Denial of Service (CVE-2024-25617)
High	1 Dec 2024	1 Dec 2024	CPAI-2024-1089		CVE-2024-46938	Sitecore Directory Traversal (CVE-2024-46938)
High	1 Dec 2024	1 Dec 2024	CPAI-2024-1071		CVE-2024-2398	Haxx Libcurl Memory Corruption (CVE-2024-2398)
Critical	28 Nov 2024	28 Nov 2024	CPAI-2024-1091		CVE-2024-38812	VMWare VCenter Server Buffer Overflow (CVE-2024-38812)
High	28 Nov 2024	28 Nov 2024	CPAI-2023-1938		CVE-2023-0126	SonicWall SMA1000 firmware Directory Traversal (CVE-2023-0126)
Critical	28 Nov 2024	28 Nov 2024	CPAI-2024-1083		CVE-2024-41730	SAP BusinessObjects Business Intelligence Platform Authentication Bypass (CVE-2024-41730)
Medium	6 Oct 2024	28 Nov 2024	CPAI-2024-0881		CVE-2024-5040	LAquis SCADA Arbitrary File Write (CVE-2024-5040)
Medium	28 Nov 2024	28 Nov 2024	CPAI-2023-1602		CVE-2023-5702	Viessmann Vitogate 300 Authentication Bypass (CVE-2023-5702)
Critical	27 Nov 2024	27 Nov 2024	CPAI-2023-1939		CVE-2023-28461	Array Networks ArrayOS Directory Traversal (CVE-2023-28461)