Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
Medium	8 Dec 2024	8 Dec 2024	CPAI-2024-1124	CVE-2024-50599	Zimbra Collaboration Server Cross-Site Scripting (CVE-2024-50599)
High	8 Dec 2024	8 Dec 2024	CPAI-2023-1943	CVE-2023-32315	Ignite Realtime Openfire Directory Traversal (CVE-2023-32315)
High	8 Dec 2024	8 Dec 2024	CPAI-2020-4216	CVE-2020-5410	VMware Spring Cloud Config Directory Traversal (CVE-2020-5410)
Critical	8 Dec 2024	8 Dec 2024	CPAI-2015-1674	CVE-2015-7919	SearchBlox Authentication Bypass (CVE-2015-7919)
High	8 Dec 2024	8 Dec 2024	CPAI-2015-1673	CVE-2015-6946	Borland AccuRev Buffer Overflow (CVE-2015-6946)
Medium	8 Dec 2024	8 Dec 2024	CPAI-2024-1131		Electric Sheep Fencing pfSense Remote Code Execution
High	17 Sep 2024	8 Dec 2024	CPAI-2024-0831	CVE-2024-8190	Ivanti Cloud Services Appliance Command Injection (CVE-2024-8190)
High	8 Dec 2024	8 Dec 2024	CPAI-2015-1589	CVE-2015-1605	Dell Asset Manager SQL Injection (CVE-2015-1605)
Critical	7 Aug 2024	5 Dec 2024	CPAI-2024-0663	CVE-2024-38856	Apache OFBiz Remote Code Execution (CVE-2024-38856)
Critical	25 Mar 2024	5 Dec 2024	CPAI-2024-0121		Server-Side Include Injection
Critical	3 Jan 2024	5 Dec 2024	CPAI-2023-1422	CVE-2023-51467	Apache OFBiz Authentication Bypass (CVE-2023-51467)
Critical	5 Dec 2024	5 Dec 2024	CPAI-2014-2552	CVE-2014-7883	HP Universal CMDB Server Authentication Bypass (CVE-2014-7883)
High	4 Dec 2024	4 Dec 2024	CPAI-2014-2639	CVE-2014-9013	WordPress Marketplace Plugin Privilege Escalation (CVE-2014-9013)
High	4 Dec 2024	4 Dec 2024	CPAI-2024-1107		macOS GateKeeper Notarization and File Quarantine Command and Control Bypass
Critical	2 Dec 2024	4 Dec 2024	CPAI-2024-1108	CVE-2024-11680	ProjectSend Authentication Bypass (CVE-2024-11680)
Critical	4 Dec 2024	4 Dec 2024	CPAI-2024-1100	CVE-2024-39226	GL-iNet Multiple Products Command Injection (CVE-2024-39226)
Critical	4 Dec 2024	4 Dec 2024	CPAI-2024-1093	CVE-2024-42812	D-Link DIR-860L Buffer Overflow (CVE-2024-42812)
High	4 Dec 2024	4 Dec 2024	CPAI-2023-1025		WebUI Arbitrary Command Injection
High	2 Dec 2024	2 Dec 2024	CPAI-2024-1090	CVE-2024-42948	Tenda FH1201 Buffer Overflow (CVE-2024-42948)
High	2 Dec 2024	2 Dec 2024	CPAI-2023-1937	CVE-2023-32007	Apache Spark Command Injection (CVE-2023-32007)
High	2 Dec 2024	2 Dec 2024	CPAI-2009-0623	CVE-2009-2754	Informix Storage Manager Buffer Overflow (CVE-2009-2754)
High	24 Apr 2024	2 Dec 2024	CPAI-2024-0144	CVE-2024-25617	Squid Denial of Service (CVE-2024-25617)
High	1 Dec 2024	1 Dec 2024	CPAI-2024-1089	CVE-2024-46938	Sitecore Directory Traversal (CVE-2024-46938)
High	1 Dec 2024	1 Dec 2024	CPAI-2024-1071	CVE-2024-2398	Haxx Libcurl Memory Corruption (CVE-2024-2398)
Critical	28 Nov 2024	28 Nov 2024	CPAI-2024-1091	CVE-2024-38812	VMWare VCenter Server Buffer Overflow (CVE-2024-38812)
High	28 Nov 2024	28 Nov 2024	CPAI-2023-1938	CVE-2023-0126	SonicWall SMA1000 firmware Directory Traversal (CVE-2023-0126)
Critical	28 Nov 2024	28 Nov 2024	CPAI-2024-1083	CVE-2024-41730	SAP BusinessObjects Business Intelligence Platform Authentication Bypass (CVE-2024-41730)
Medium	6 Oct 2024	28 Nov 2024	CPAI-2024-0881	CVE-2024-5040	LAquis SCADA Arbitrary File Write (CVE-2024-5040)
Medium	28 Nov 2024	28 Nov 2024	CPAI-2023-1602	CVE-2023-5702	Viessmann Vitogate 300 Authentication Bypass (CVE-2023-5702)
Critical	27 Nov 2024	27 Nov 2024	CPAI-2023-1939	CVE-2023-28461	Array Networks ArrayOS Directory Traversal (CVE-2023-28461)
Critical	29 May 2024	27 Nov 2024	CPAI-2023-1456	CVE-2023-46727	GLPI SQL Injection (CVE-2023-46727)
Medium	26 Nov 2024	26 Nov 2024	CPAI-2024-1067		Digium Asterisk PJSIP Channel Driver REGISTER Denial-of-Service
High	11 Jul 2024	26 Nov 2024	CPAI-2024-0557	CVE-2024-36104	Apache OFBiz Directory Traversal (CVE-2024-36104)
Critical	21 Feb 2024	26 Nov 2024	CPAI-2023-1538	CVE-2019-10631 CVE-2023-27992 CVE-2023-4473 CVE-2023-4474	Zyxel NAS326 Command Injection (CVE-2019-10631; CVE-2023-27992; CVE-2023-4473; CVE-2023-4474)
Critical	25 Nov 2024	25 Nov 2024	CPAI-2020-4214	CVE-2020-3657	Qualcomm APQ8009 Firmware Remote Code Execution (CVE-2020-3657)
High	25 Nov 2024	25 Nov 2024	CPAI-2011-0791	CVE-2011-1966	Microsoft Windows Server 2008 Remote Code Execution (CVE-2011-1966)
Medium	25 Nov 2024	25 Nov 2024	CPAI-2024-1045	CVE-2024-46538	Netgate Pfsense Cross-Site Scripting (CVE-2024-46538)
Medium	25 Nov 2024	25 Nov 2024	CPAI-2018-2726	CVE-2018-12905	Joyplus-CMS Project Joyplus-Cms Cross-Site Scripting (CVE-2018-12905)
High	25 Nov 2024	25 Nov 2024	CPAI-2018-2722	CVE-2018-12589	Polarisoffice Polaris Office 2017 Remote Code Execution (CVE-2018-12589)
Medium	25 Nov 2024	25 Nov 2024	CPAI-2019-3175	CVE-2019-5533	VMware SD-WAN by VeloCloud Information Disclosure (CVE-2019-5533)
High	25 Nov 2024	25 Nov 2024	CPAI-2021-2129	CVE-2021-20043	SonicWall Sma 200 Firmware Buffer Overflow (CVE-2021-20043)
Critical	25 Nov 2024	25 Nov 2024	CPAI-2018-2582	CVE-2018-17246	Elastic Kibana Command Injection (CVE-2018-17246)
Critical	24 Nov 2024	24 Nov 2024	CPAI-2024-1073	CVE-2024-47575	Fortinet FortiManager Command Injection (CVE-2024-47575)
Critical	24 Nov 2024	24 Nov 2024	CPAI-2018-2854	CVE-2018-0125	Cisco RV132W Command Injection (CVE-2018-0125)
Critical	19 Nov 2024	24 Nov 2024	CPAI-2024-1076	CVE-2024-0012	Palo Alto Networks PAN-OS Authentication Bypass (CVE-2024-0012)
High	19 Nov 2024	24 Nov 2024	CPAI-2024-1075	CVE-2024-9474	Palo Alto Networks PAN-OS Command Injection (CVE-2024-9474)
Critical	24 Nov 2024	24 Nov 2024	CPAI-2009-0631	CVE-2009-1930	Microsoft Telnet Protocol Authentication Bypass (CVE-2009-1930)
High	20 Nov 2024	24 Nov 2024	CPAI-2024-1070	CVE-2024-10924	WordPress Really Simple Security Plugin Authentication Bypass (CVE-2024-10924)
Medium	24 Nov 2024	24 Nov 2024	CPAI-2009-0629	CVE-2009-3295	Mit Kerberos 5 Denial of Service (CVE-2009-3295)
High	10 Jul 2024	24 Nov 2024	CPAI-2024-0560	CVE-2024-36991	Splunk Enterprise Path Traversal (CVE-2024-36991)