Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	7 Apr 2024	30 Jun 2025	CPAI-2024-0160	CVE-2024-24724	Gibbon Server-Side Template Injection (CVE-2024-24724)
Critical	8 Apr 2024	30 Jun 2025	CPAI-2021-2152	CVE-2021-44427	RosarioSIS SQL Injection (CVE-2021-44427)
High	4 Apr 2024	30 Jun 2025	CPAI-2023-1630	CVE-2023-37474	Copyparty Project Path Traversal (CVE-2023-37474)
Medium	8 Apr 2024	30 Jun 2025	CPAI-2021-2151	CVE-2021-36450	Verint Workforce Optimization Cross-Site Scripting (CVE-2021-36450)
High	30 Apr 2024	30 Jun 2025	CPAI-2024-0155	CVE-2024-2053	Artica Proxy Arbitrary File Read (CVE-2024-2053)
High	15 Aug 2024	30 Jun 2025	CPAI-2024-0154	CVE-2024-2054	Artica Web Proxy Insecure Deserialization (CVE-2024-2054)
High	4 Apr 2024	30 Jun 2025	CPAI-2021-2143	CVE-2021-40149 CVE-2021-40150	Reolink E1 Zoom Information Disclosure (CVE-2021-40149; CVE-2021-40150)
High	2 Apr 2024	30 Jun 2025	CPAI-2021-2145	CVE-2021-40856	Auerswald COMfortel Authentication Bypass (CVE-2021-40856)
High	1 Apr 2024	30 Jun 2025	CPAI-2021-2144	CVE-2021-3017	Intelbras Multiple Products Information Disclosure (CVE-2021-3017)
High	28 Mar 2024	30 Jun 2025	CPAI-2018-2730	CVE-2018-11538	SearchBlox Cross-Site Request Forgery (CVE-2018-11538)
High	25 Mar 2024	30 Jun 2025	CPAI-2024-0135	CVE-2024-27612	Numbas Editor Remote Code Execution (CVE-2024-27612)
High	21 Mar 2024	30 Jun 2025	CPAI-2024-0131	CVE-2024-25153	Fortra FileCatalyst Workflow Directory Traversal (CVE-2024-25153)
Critical	7 Apr 2024	30 Jun 2025	CPAI-2021-2141	CVE-2021-27651	Pega Infinity Authentication Bypass (CVE-2021-27651)
High	25 Mar 2024	30 Jun 2025	CPAI-2023-1604	CVE-2023-3368	Chamilo Command Injection (CVE-2023-3368)
Medium	28 Nov 2024	30 Jun 2025	CPAI-2023-1602	CVE-2023-5702	Viessmann Vitogate 300 Authentication Bypass (CVE-2023-5702)
Critical	20 Mar 2024	30 Jun 2025	CPAI-2021-2140	CVE-2021-40859	Auerswald COMpact 5500R Authentication Bypass (CVE-2021-40859)
Critical	20 Mar 2024	30 Jun 2025	CPAI-2014-2570	CVE-2014-9618	Netsweeper Client Filter Authentication Bypass (CVE-2014-9618)
Critical	20 Mar 2024	30 Jun 2025	CPAI-2014-2569	CVE-2014-9614	Netsweeper Hardcoded Credentials (CVE-2014-9614)
Critical	21 Mar 2024	30 Jun 2025	CPAI-2021-2139	CVE-2021-33221	CommScope Ruckus IoT Improper Access Control (CVE-2021-33221)
Medium	25 Nov 2024	30 Jun 2025	CPAI-2018-2726	CVE-2018-12905	Joyplus-CMS Project Joyplus-Cms Cross-Site Scripting (CVE-2018-12905)
Medium	27 Mar 2024	30 Jun 2025	CPAI-2011-0746	CVE-2011-2179	Icinga Cross-Site Scripting (CVE-2011-2179)
Critical	20 Mar 2024	30 Jun 2025	CPAI-2018-2718	CVE-2018-15534	Geutebrueck re_porter 16 Information Disclosure (CVE-2018-15534)
Medium	17 Mar 2024	30 Jun 2025	CPAI-2022-2039	CVE-2022-46300	VISAM VBASE Automation Base XML External Entity Injection (CVE-2022-46300)
High	20 Mar 2024	30 Jun 2025	CPAI-2023-1587	CVE-2023-51587	Voltronic Power ViewPower Information Disclosure (CVE-2023-51587)
High	17 Mar 2024	30 Jun 2025	CPAI-2023-1582	CVE-2023-50071	Sourcecodester Customer Support System SQL Injection (CVE-2023-50071)
Critical	14 Mar 2024	30 Jun 2025	CPAI-2023-1578	CVE-2023-22480	FIT2CLOUD KubePi Information Disclosure (CVE-2023-22480)
Critical	14 Mar 2024	30 Jun 2025	CPAI-2021-2138	CVE-2021-20157 CVE-2021-20158	TRENDnet TEW-827DRU Authentication Bypass (CVE-2021-20157; CVE-2021-20158)
Critical	11 Mar 2024	30 Jun 2025	CPAI-2023-1579	CVE-2023-22463	FIT2CLOUD KubePi Authentication Bypass (CVE-2023-22463)
Critical	14 Mar 2024	30 Jun 2025	CPAI-2017-1835	CVE-2017-8229	Amcrest IPM-721S Authentication Bypass (CVE-2017-8229)
Medium	13 Mar 2024	30 Jun 2025	CPAI-2024-0103	CVE-2024-22530	Allegra Directory Traversal (CVE-2024-22530)
Critical	13 Mar 2024	30 Jun 2025	CPAI-2023-1574	CVE-2023-46454	GL.iNET GL-AR300M Command Injection (CVE-2023-46454)
High	12 Mar 2024	30 Jun 2025	CPAI-2023-1576	CVE-2023-47464	GL.iNET GL-AX1800 Directory Traversal (CVE-2023-47464)
Critical	12 Mar 2024	30 Jun 2025	CPAI-2023-1575	CVE-2023-46456	GL.iNET GL-AR300M Command Injection (CVE-2023-46456)
Critical	12 Mar 2024	30 Jun 2025	CPAI-2018-2708	CVE-2018-16167	JPCERT LogonTracer Command Injection (CVE-2018-16167)
Medium	12 Mar 2024	30 Jun 2025	CPAI-2024-0097	CVE-2024-22506	Allegra Insecure Deserialization (CVE-2024-22506)
Critical	14 Mar 2024	30 Jun 2025	CPAI-2018-2707	CVE-2018-9161	Prisma Industriale Checkweigher PrismaWEB Information Disclosure (CVE-2018-9161)
High	11 Mar 2024	30 Jun 2025	CPAI-2022-2033	CVE-2022-35870	Inductive Automation Ignition Insecure Deserialization (CVE-2022-35870)
Critical	7 Mar 2024	30 Jun 2025	CPAI-2022-2034	CVE-2022-45933	KubeView Information Disclosure (CVE-2022-45933)
Medium	25 Nov 2024	30 Jun 2025	CPAI-2019-3175	CVE-2019-5533	VMware SD-WAN by VeloCloud Information Disclosure (CVE-2019-5533)
Critical	20 Mar 2024	30 Jun 2025	CPAI-2016-1292	CVE-2016-2345	DameWare Mini Remote Control Buffer Overflow (CVE-2016-2345)
Critical	13 Mar 2024	30 Jun 2025	CPAI-2022-2031	CVE-2022-3184	Dataprobe iBoot-PDU Directory Traversal (CVE-2022-3184)
High	13 Mar 2024	30 Jun 2025	CPAI-2021-2130	CVE-2021-26828	OpenPLC ScadaBR Arbitrary File Upload (CVE-2021-26828)
Critical	7 Mar 2024	30 Jun 2025	CPAI-2023-1567	CVE-2023-30261	OpenWB Command Injection (CVE-2023-30261)
High	26 Feb 2024	30 Jun 2025	CPAI-2024-0074	CVE-2024-1708	ConnectWise ScreenConnect Remote Code Execution (CVE-2024-1708)
High	26 Feb 2024	30 Jun 2025	CPAI-2024-0073	CVE-2024-1709	ConnectWise ScreenConnect Authentication Bypass (CVE-2024-1709)
Critical	28 Feb 2024	30 Jun 2025	CPAI-2023-1549	CVE-2023-32564	Ivanti Avalanche Unrestricted File Upload (CVE-2023-32564)
High	28 Feb 2024	30 Jun 2025	CPAI-2024-0071	CVE-2024-24824	Graylog Remote Code Execution (CVE-2024-24824)
Critical	28 Feb 2024	30 Jun 2025	CPAI-2020-4140	CVE-2020-24391	Mongo-Express Remote Code Execution (CVE-2020-24391)
High	26 Feb 2024	30 Jun 2025	CPAI-2022-2024	CVE-2022-28080	Royal Event Management System SQL Injection (CVE-2022-28080)
High	26 Feb 2024	30 Jun 2025	CPAI-2023-1546	CVE-2023-27034	PrestaShop Joommasters Jms Blog SQL Injection (CVE-2023-27034)