Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	3 Sep 2024	3 Sep 2024	CPAI-2018-2791	CVE-2018-16855	PowerDNS Recursor Out-of-Bounds Read (CVE-2018-16855)
High	26 Aug 2024	3 Sep 2024	CPAI-2024-0721	CVE-2024-6457	WordPress Project Husky Products Filter Plugin SQL Injection (CVE-2024-6457)
Medium	3 Sep 2024	3 Sep 2024	CPAI-2021-1959	CVE-2021-37152	Sonatype Nexus Repository Manager Cross-Site Scripting (CVE-2021-37152)
Medium	3 Sep 2024	3 Sep 2024	CPAI-2020-3997	CVE-2020-0765	Microsoft Remote Desktop Connection Manager XML External Entity Injection (CVE-2020-0765)
High	3 Sep 2024	3 Sep 2024	CPAI-2023-0801	CVE-2023-3256	Advantech R-SeeNet Local File Inclusion (CVE-2023-3256)
High	3 Sep 2024	3 Sep 2024	CPAI-2023-0775	CVE-2023-28716	MySCADA MyPRO Command Injection (CVE-2023-28716)
High	2 Sep 2024	2 Sep 2024	CPAI-2024-0771	CVE-2024-7029	AVTECH AVM1203 Command Injection (CVE-2024-7029)
Critical	2 Sep 2024	2 Sep 2024	CPAI-2024-0758	CVE-2024-31819	WWBN AVideo Remote Code Execution (CVE-2024-31819)
Critical	2 Sep 2024	2 Sep 2024	CPAI-2022-2119	CVE-2022-32522	Schneider Electric Interactive Graphical SCADA System Out-of-bounds Write (CVE-2022-32522)
High	2 Sep 2024	2 Sep 2024	CPAI-2024-0749		Zhiyuan OA Arbitrary File Upload
High	2 Sep 2024	2 Sep 2024	CPAI-2023-1883	CVE-2023-41578	Jeecg Boot Information Disclosure (CVE-2023-41578)
High	2 Sep 2024	2 Sep 2024	CPAI-2020-4197	CVE-2020-13573	Rockwell Automation RSLinx Denial of Service (CVE-2020-13573)
High	2 Sep 2024	2 Sep 2024	CPAI-2024-0742		Elber Wayber II Authentication Bypass
Critical	2 Sep 2024	2 Sep 2024	CPAI-2024-0731	CVE-2024-39914	FOG Project Command Injection (CVE-2024-39914)
Critical	2 Sep 2024	2 Sep 2024	CPAI-2024-0720	CVE-2024-7829	D-Link Multiple Products Command Injection (CVE-2024-7829)
Critical	1 Sep 2024	1 Sep 2024	CPAI-2022-2121	CVE-2022-47002	Masa CMS Authentication Bypass (CVE-2022-47002)
High	1 Sep 2024	1 Sep 2024	CPAI-2024-0741	CVE-2024-6411	WordPress ProfileGrid Plugin Privilege Escalation (CVE-2024-6411)
High	29 Aug 2024	29 Aug 2024	CPAI-2024-0734		YiSaiTong SQL Injection
High	19 Aug 2024	29 Aug 2024	CPAI-2024-0712		Landray OA Remote Code Execution
High	29 Aug 2024	29 Aug 2024	CPAI-2024-0686	CVE-2024-6366	WordPress User Profile Builder Plugin Arbitrary File Upload (CVE-2024-6366)
High	29 Aug 2024	29 Aug 2024	CPAI-2023-0532	CVE-2023-27978	Schneider Electric Multiple Products Insecure Deserialization (CVE-2023-27978)
High	28 Aug 2024	28 Aug 2024	CPAI-2024-0748	CVE-2024-30850	CHAOS RAT Command Injection (CVE-2024-30850)
Critical	28 Aug 2024	28 Aug 2024	CPAI-2022-2118	CVE-2022-47071	NVS365 V01 Command Injection (CVE-2022-47071)
High	28 Aug 2024	28 Aug 2024	CPAI-2024-0732	CVE-2024-28741	NorthStar C2 Remote Code Execution (CVE-2024-28741)
Critical	28 Aug 2024	28 Aug 2024	CPAI-2024-0726	CVE-2024-25830	F-logic DataCube3 Information Disclosure (CVE-2024-25830)
High	27 Aug 2024	27 Aug 2024	CPAI-2024-0743	CVE-2024-39123	Calibre-Web Cross-Site Scripting (CVE-2024-39123)
Critical	22 Aug 2024	27 Aug 2024	CPAI-2024-0728	CVE-2024-28000	WordPress LiteSpeed Cache Plugin Privilege Escalation (CVE-2024-28000)
High	27 Aug 2024	27 Aug 2024	CPAI-2020-4196	CVE-2020-17525	Apache Subversion Denial of Service (CVE-2020-17525)
High	27 Aug 2024	27 Aug 2024	CPAI-2023-1879	CVE-2023-50564	Pluck CMS Arbitrary File Upload (CVE-2023-50564)
Medium	27 Aug 2024	27 Aug 2024	CPAI-2021-2203	CVE-2021-22784	Schneider Electric C-Bus Toolkit Authentication Bypass (CVE-2021-22784)
High	27 Aug 2024	27 Aug 2024	CPAI-2024-0598	CVE-2024-5276	Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276)
High	27 Aug 2024	27 Aug 2024	CPAI-2021-1785	CVE-2021-22824	Schneider-Electric Interactive Graphical SCADA System Buffer Overflow (CVE-2021-22824)
Critical	27 Aug 2024	27 Aug 2024	CPAI-2022-1574	CVE-2022-24313	Schneider-Electric Interactive Graphical SCADA System Buffer Overflow (CVE-2022-24313)
High	27 Aug 2024	27 Aug 2024	CPAI-2022-1564	CVE-2022-24315	Schneider-Electric Interactive Graphical SCADA System Out-of-bounds Read (CVE-2022-24315)
High	26 Aug 2024	26 Aug 2024	CPAI-2024-0719	CVE-2024-29276	Seeyon OA Arbitrary File Upload (CVE-2024-29276)
Critical	26 Aug 2024	26 Aug 2024	CPAI-2024-0718		Zhiyuan A8 OA Remote Code Execution
Critical	26 Aug 2024	26 Aug 2024	CPAI-2023-1878	CVE-2023-40504	LG Simple Editor Command Injection (CVE-2023-40504)
High	26 Aug 2024	26 Aug 2024	CPAI-2023-1877	CVE-2023-49964	Hyland Alfresco Server-Side Template Injection (CVE-2023-49964)
High	26 Aug 2024	26 Aug 2024	CPAI-2022-2090	CVE-2022-28685	AVEVA Edge Insecure Deserialization (CVE-2022-28685)
High	26 Aug 2024	26 Aug 2024	CPAI-2023-0365	CVE-2023-28400	MySCADA MyPRO Command Injection (CVE-2023-28400)
High	8 Feb 2024	22 Aug 2024	CPAI-2016-1253	CVE-2016-8525 CVE-2016-8530	HP Intelligent Management Center Denial of Service (CVE-2016-8530; CVE-2016-8525)
Medium	22 Aug 2024	22 Aug 2024	CPAI-2021-2204	CVE-2021-38488	Delta DIALink Cross-Site Scripting (CVE-2021-38488)
Medium	22 Aug 2024	22 Aug 2024	CPAI-2024-0714	CVE-2023-4119 CVE-2023-4973 CVE-2024-38959	WordPress Academy LMS Plugin Cross-Site Scripting (CVE-2023-4119; CVE-2023-4973; CVE-2024-38959)
Medium	22 Aug 2024	22 Aug 2024	CPAI-2021-2202	CVE-2021-30214	Knowage Suite Client-Side Template Injection (CVE-2021-30214)
Critical	22 Aug 2024	22 Aug 2024	CPAI-2023-1872	CVE-2023-0587	Trend Micro Apex One Arbitrary File Upload (CVE-2023-0587)
High	22 Aug 2024	22 Aug 2024	CPAI-2022-1603	CVE-2022-36969	AVEVA Edge XML External Entity Injection (CVE-2022-36969)
High	21 Aug 2024	21 Aug 2024	CPAI-2022-2116	CVE-2022-45835	WordPress PhonePe Plugin Server-Side Request Forgery (CVE-2022-45835)
Medium	21 Aug 2024	21 Aug 2024	CPAI-2022-2115	CVE-2022-45365	WordPress Urosevic Stock Ticker Plugin Cross-Site Scripting (CVE-2022-45365)
Critical	21 Aug 2024	21 Aug 2024	CPAI-2020-4195	CVE-2020-23584	OptilinkNetwork OP-XT71000n Command Injection (CVE-2020-23584)
Critical	21 Aug 2024	21 Aug 2024	CPAI-2022-2114	CVE-2022-45551	ZBT WE1626 Privilege Escalation (CVE-2022-45551)