High
|
13 Aug 2024 |
13 Aug 2024 |
CPAI-2024-0650
|
Microsoft CVE-2024-38196
|
CVE-2024-38196
|
Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2024-38196)
|
High
|
13 Aug 2024 |
13 Aug 2024 |
CPAI-2024-0646
|
Microsoft CVE-2024-38125
|
CVE-2024-38125
|
Microsoft Kernel Streaming WOW Thunk Service Driver Elevation of Privilege (CVE-2024-38125)
|
High
|
13 Aug 2024 |
13 Aug 2024 |
CPAI-2024-0645
|
Microsoft CVE-2024-38141
|
CVE-2024-38141
|
Microsoft Windows Ancillary Function Driver for WinSock Elevation of Privilege (CVE-2024-38141)
|
High
|
13 Aug 2024 |
13 Aug 2024 |
CPAI-2024-0644
|
Microsoft CVE-2024-38144
|
CVE-2024-38144
|
Microsoft Kernel Streaming WOW Thunk Service Driver Elevation of Privilege (CVE-2024-38144)
|
High
|
13 Aug 2024 |
13 Aug 2024 |
CPAI-2024-0642
|
Microsoft CVE-2024-38150
|
CVE-2024-38150
|
Microsoft Windows DWM Core Library Elevation of Privilege (CVE-2024-38150)
|
High
|
13 Aug 2024 |
13 Aug 2024 |
CPAI-2024-0641
|
Microsoft CVE-2024-38147
|
CVE-2024-38147
|
Microsoft DWM Core Library Elevation of Privilege (CVE-2024-38147)
|
High
|
12 Aug 2024 |
12 Aug 2024 |
CPAI-2024-0672
|
|
CVE-2024-28739
|
Koha ILS Command Injection (CVE-2024-28739)
|
High
|
12 Aug 2024 |
12 Aug 2024 |
CPAI-2024-0669
|
|
CVE-2024-6782
|
Calibre Remote Code Execution (CVE-2024-6782)
|
High
|
12 Aug 2024 |
12 Aug 2024 |
CPAI-2024-0668
|
|
CVE-2024-7009
|
Calibre SQL Injection (CVE-2024-7009)
|
Medium
|
12 Aug 2024 |
12 Aug 2024 |
CPAI-2023-1870
|
|
CVE-2023-2796
|
WordPress EventON Plugin Authentication Bypass (CVE-2023-2796)
|
High
|
12 Aug 2024 |
12 Aug 2024 |
CPAI-2024-0666
|
|
CVE-2024-7008
|
Calibre Cross-Site Scripting (CVE-2024-7008)
|
High
|
12 Aug 2024 |
12 Aug 2024 |
CPAI-2024-0665
|
|
CVE-2024-6781
|
Calibre Directory Traversal (CVE-2024-6781)
|
Critical
|
12 Aug 2024 |
12 Aug 2024 |
CPAI-2024-0657
|
|
CVE-2024-6220
|
WordPress Keydatas Plugin Arbitrary File Upload (CVE-2024-6220)
|
Critical
|
12 Aug 2024 |
12 Aug 2024 |
CPAI-2024-0656
|
|
CVE-2024-34102
|
Adobe Multiple Products XML External Entity Injection (CVE-2024-34102)
|
High
|
12 Aug 2024 |
12 Aug 2024 |
CPAI-2024-0655
|
|
CVE-2024-32480
|
LibreNMS SQL Injection (CVE-2024-32480)
|
Medium
|
12 Aug 2024 |
12 Aug 2024 |
CPAI-2024-0649
|
|
CVE-2024-30043
|
Microsoft SharePoint Server Information Disclosure (CVE-2024-30043)
|
Critical
|
22 Jul 2024 |
12 Aug 2024 |
CPAI-2024-0563
|
|
|
Edge-Side Include Injection
|
Critical
|
27 Jun 2024 |
12 Aug 2024 |
CPAI-2024-0526
|
|
CVE-2024-5806
|
Progress MOVEit Transfer Authentication Bypass (CVE-2024-5806)
|
Critical
|
12 Aug 2024 |
12 Aug 2024 |
CPAI-2023-0704
|
|
CVE-2023-20894
|
VMware vCenter Server Memory Corruption (CVE-2023-20894)
|
High
|
12 Aug 2024 |
12 Aug 2024 |
CPAI-2021-1012
|
|
CVE-2021-35215
|
Solarwinds Orion Platform Insecure Deserialization (CVE-2021-35215)
|
Medium
|
8 Aug 2024 |
8 Aug 2024 |
CPAI-2023-1869
|
|
CVE-2023-22232
|
Adobe Connect Improper Access Control (CVE-2023-22232)
|
Critical
|
8 Aug 2024 |
8 Aug 2024 |
CPAI-2024-0659
|
|
CVE-2024-7314
|
Anji-plus AJ-Report Authentication Bypass (CVE-2024-7314)
|
High
|
8 Aug 2024 |
8 Aug 2024 |
CPAI-2023-1867
|
|
CVE-2023-2928
|
DedeCMS Command Injection (CVE-2023-2928)
|
High
|
8 Aug 2024 |
8 Aug 2024 |
CPAI-2024-0651
|
|
CVE-2024-7339
|
Multiple DVR Products Information Disclosure (CVE-2024-7339)
|
High
|
8 Aug 2024 |
8 Aug 2024 |
CPAI-2024-0594
|
|
CVE-2024-3799
|
Phoniebox Project Command Injection (CVE-2024-3799)
|
Critical
|
23 May 2024 |
8 Aug 2024 |
CPAI-2024-0320
|
|
CVE-2024-32113
|
Apache OFBiz Path Traversal (CVE-2024-32113)
|
Critical
|
2 Apr 2024 |
8 Aug 2024 |
CPAI-2023-1598
|
|
CVE-2023-37170 CVE-2023-37171 CVE-2023-37172 CVE-2023-37173 CVE-2023-46976 CVE-2023-46993 CVE-2024-23057 CVE-2024-23058 CVE-2024-23059 CVE-2024-23060 CVE-2024-23061 CVE-2024-24325 CVE-2024-24326 CVE-2024-24327
|
TOTOLINK A3300R Command Injection (CVE-2023-37170; CVE-2023-37171; CVE-2023-37172; CVE-2023-37173; CVE-2023-46976; CVE-2023-46993; CVE-2024-23057; CVE-2024-23058; CVE-2024-23059; CVE-2024-23060; CVE-2024-23061; CVE-2024-24325; CVE-2024-24326; CVE-2024-24327)
|
Critical
|
22 Jan 2024 |
8 Aug 2024 |
CPAI-2023-1472
|
|
CVE-2023-49417 CVE-2023-49418 CVE-2024-7212 CVE-2024-7213
|
TOTOLINK A7000R Stack Overflow (CVE-2023-49417; CVE-2023-49418; CVE-2024-7212; CVE-2024-7213)
|
High
|
8 Aug 2024 |
8 Aug 2024 |
CPAI-2023-0695
|
|
CVE-2023-23836
|
SolarWinds Orion Platform Insecure Deserialization (CVE-2023-23836)
|
High
|
7 Aug 2024 |
7 Aug 2024 |
CPAI-2024-0654
|
|
CVE-2024-7334 CVE-2024-7335 CVE-2024-7336 CVE-2024-7337 CVE-2024-7338
|
TOTOLINK EX Buffer Overflow (CVE-2024-7334; CVE-2024-7335; CVE-2024-7336; CVE-2024-7337; CVE-2024-7338)
|
High
|
7 Aug 2024 |
7 Aug 2024 |
CPAI-2024-0626
|
|
CVE-2024-4885
|
WhatsUp Gold Remote Code Execution (CVE-2024-4885)
|
High
|
7 Aug 2024 |
7 Aug 2024 |
CPAI-2024-0568
|
|
CVE-2024-27136
|
Apache JSPWiki Cross-Site Scripting (CVE-2024-27136)
|
High
|
4 Jul 2024 |
7 Aug 2024 |
CPAI-2023-1785
|
|
CVE-2023-0104
|
Weintek EasyBuilder Pro Directory Traversal (CVE-2023-0104)
|
High
|
6 Aug 2024 |
6 Aug 2024 |
CPAI-2023-1860
|
|
CVE-2023-1549
|
WordPress Ad Inserter Plugin PHP Object Injection (CVE-2023-1549)
|
High
|
6 Aug 2024 |
6 Aug 2024 |
CPAI-2024-0615
|
|
CVE-2024-6962 CVE-2024-6963 CVE-2024-6964 CVE-2024-6965 CVE-2024-7151 CVE-2024-7152
|
Tenda O3 Stack Overflow (CVE-2024-6962; CVE-2024-6963; CVE-2024-6964; CVE-2024-6965; CVE-2024-7151; CVE-2024-7152)
|
Critical
|
5 Aug 2024 |
5 Aug 2024 |
CPAI-2023-1866
|
|
CVE-2023-28398 CVE-2023-28718
|
Osprey Pump Controller Authentication Bypass (CVE-2023-28398; CVE-2023-28718)
|
Medium
|
5 Aug 2024 |
5 Aug 2024 |
CPAI-2024-0633
|
|
CVE-2024-4474
|
WordPress oneTarek WP Logs Book Plugin Cross-Site Request Forgery (CVE-2024-4474)
|
High
|
5 Aug 2024 |
5 Aug 2024 |
CPAI-2024-0628
|
|
CVE-2024-34051
|
Dolibarr ERP and CRM Suite Reflected Cross-Site Scripting (CVE-2024-34051)
|
Medium
|
5 Aug 2024 |
5 Aug 2024 |
CPAI-2024-0627
|
|
CVE-2024-6922
|
Automation Anywhere 360 Server-Side Request Forgery (CVE-2024-6922)
|
High
|
5 Aug 2024 |
5 Aug 2024 |
CPAI-2024-0625
|
|
CVE-2024-7172 CVE-2024-7173 CVE-2024-7176 CVE-2024-7178 CVE-2024-7179 CVE-2024-7180 CVE-2024-7184 CVE-2024-7186
|
TOTOLINK A3600R Buffer Overflow (CVE-2024-7172; CVE-2024-7173; CVE-2024-7176; CVE-2024-7178; CVE-2024-7179; CVE-2024-7180; CVE-2024-7184; CVE-2024-7186)
|
High
|
5 Aug 2024 |
5 Aug 2024 |
CPAI-2024-0622
|
|
CVE-2024-7156
|
TOTOLINK A3700R Information Disclosure (CVE-2024-7156)
|
High
|
5 Aug 2024 |
5 Aug 2024 |
CPAI-2024-0621
|
|
CVE-2024-7157
|
TOTOLINK A3100R Buffer Overflow (CVE-2024-7157)
|
Critical
|
5 Aug 2024 |
5 Aug 2024 |
CPAI-2023-1853
|
|
CVE-2023-33404
|
BlogEngine.NET Arbitrary File Upload (CVE-2023-33404)
|
High
|
5 Aug 2024 |
5 Aug 2024 |
CPAI-2024-0612
|
|
CVE-2024-21518
|
Opencart Code Injection (CVE-2024-21518)
|
Critical
|
25 Jul 2024 |
5 Aug 2024 |
CPAI-2024-0614
|
|
CVE-2024-41110
|
Docker Engine Authentication Bypass (CVE-2024-41110)
|
High
|
5 Aug 2024 |
5 Aug 2024 |
CPAI-2024-0611
|
|
CVE-2024-3833
|
Google Chrome Type Confusion (CVE-2024-3833)
|
High
|
19 Jun 2024 |
5 Aug 2024 |
CPAI-2023-1778
|
|
CVE-2023-36884
|
Microsoft Multiple Products Remote Code Execution (CVE-2023-36884)
|
High
|
5 Aug 2024 |
5 Aug 2024 |
CPAI-2022-2081
|
|
CVE-2022-38111
|
SolarWinds Orion Platform Insecure Deserialization (CVE-2022-38111)
|
Critical
|
1 Aug 2024 |
1 Aug 2024 |
CPAI-2023-1857
|
|
CVE-2023-30194
|
Prestashop Posthemes SQL Injection (CVE-2023-30194)
|
Medium
|
1 Aug 2024 |
1 Aug 2024 |
CPAI-2024-0618
|
|
CVE-2024-2454
|
GitLab Community Edition (CE) and Enterprise Edition Denial of Service (CVE-2024-2454)
|