Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	4 Sep 2024	4 Sep 2024	CPAI-2023-1888	CVE-2023-25570	Apollo Eureka Authentication Bypass (CVE-2023-25570)
High	4 Sep 2024	4 Sep 2024	CPAI-2024-0766		Hikvision Multiple Products Arbitrary File Upload
Critical	4 Sep 2024	4 Sep 2024	CPAI-2023-1882	CVE-2023-48362	Apache Drill XML External Entity (CVE-2023-48362)
High	4 Sep 2024	4 Sep 2024	CPAI-2023-1880	CVE-2023-27981	Schneider Electric Multiple Products Directory Traversal (CVE-2023-27981)
Critical	4 Sep 2024	4 Sep 2024	CPAI-2024-0684	CVE-2024-37079	VMWare vCenter Server Integer Underflow (CVE-2024-37079)
High	25 Jul 2024	4 Sep 2024	CPAI-2024-0601	CVE-2024-38112	Microsoft Windows Spoofing (CVE-2024-38112)
Medium	4 Sep 2024	4 Sep 2024	CPAI-2013-3853	CVE-2013-4826	HP Multiple Products Information Disclosure (CVE-2013-4826)
Medium	4 Sep 2024	4 Sep 2024	CPAI-2016-1254	CVE-2016-2168	Apache Subversion Denial of Service (CVE-2016-2168)
Critical	4 Sep 2024	4 Sep 2024	CPAI-2022-1567	CVE-2022-2329	Schneider Electric Interactive Graphical SCADA System Buffer Overflow (CVE-2022-2329)
Medium	4 Sep 2024	4 Sep 2024	CPAI-2022-1565	CVE-2022-22707	Lighttpd Buffer Overflow (CVE-2022-22707)
Medium	4 Sep 2024	4 Sep 2024	CPAI-2020-3840	CVE-2020-26981	Siemens Multiple Products Information Disclosure (CVE-2020-26981)
High	3 Sep 2024	3 Sep 2024	CPAI-2024-0755	CVE-2024-37901	XWiki.org XWiki Server-Side Template Injection (CVE-2024-37901)
Critical	3 Sep 2024	3 Sep 2024	CPAI-2024-0753	CVE-2024-6386	WordPress WPML Plugin Server-Side Template Injection (CVE-2024-6386)
Medium	3 Sep 2024	3 Sep 2024	CPAI-2024-0747	CVE-2024-23119	Centreon Project Centreon Web SQL Injection (CVE-2024-23119)
Critical	3 Sep 2024	3 Sep 2024	CPAI-2023-1881	CVE-2023-29412	Schneider Electric APC Easy UPS Online Monitoring Remote Code Execution (CVE-2023-29412)
High	3 Sep 2024	3 Sep 2024	CPAI-2024-0737	CVE-2024-32766	myQNAPcloud Command Injection (CVE-2024-32766)
High	26 Aug 2024	3 Sep 2024	CPAI-2024-0721	CVE-2024-6457	WordPress Project Husky Products Filter Plugin SQL Injection (CVE-2024-6457)
Medium	3 Sep 2024	3 Sep 2024	CPAI-2021-1959	CVE-2021-37152	Sonatype Nexus Repository Manager Cross-Site Scripting (CVE-2021-37152)
Medium	3 Sep 2024	3 Sep 2024	CPAI-2020-3997	CVE-2020-0765	Microsoft Remote Desktop Connection Manager XML External Entity Injection (CVE-2020-0765)
High	3 Sep 2024	3 Sep 2024	CPAI-2023-0801	CVE-2023-3256	Advantech R-SeeNet Local File Inclusion (CVE-2023-3256)
High	3 Sep 2024	3 Sep 2024	CPAI-2023-0775	CVE-2023-28716	MySCADA MyPRO Command Injection (CVE-2023-28716)
High	2 Sep 2024	2 Sep 2024	CPAI-2024-0771	CVE-2024-7029	AVTECH AVM1203 Command Injection (CVE-2024-7029)
Critical	2 Sep 2024	2 Sep 2024	CPAI-2024-0758	CVE-2024-31819	WWBN AVideo Remote Code Execution (CVE-2024-31819)
Critical	2 Sep 2024	2 Sep 2024	CPAI-2022-2119	CVE-2022-32522	Schneider Electric Interactive Graphical SCADA System Out-of-bounds Write (CVE-2022-32522)
High	2 Sep 2024	2 Sep 2024	CPAI-2024-0749		Zhiyuan OA Arbitrary File Upload
High	2 Sep 2024	2 Sep 2024	CPAI-2023-1883	CVE-2023-41578	Jeecg Boot Information Disclosure (CVE-2023-41578)
High	2 Sep 2024	2 Sep 2024	CPAI-2020-4197	CVE-2020-13573	Rockwell Automation RSLinx Denial of Service (CVE-2020-13573)
High	2 Sep 2024	2 Sep 2024	CPAI-2024-0742		Elber Wayber II Authentication Bypass
Critical	2 Sep 2024	2 Sep 2024	CPAI-2024-0731	CVE-2024-39914	FOG Project Command Injection (CVE-2024-39914)
Critical	2 Sep 2024	2 Sep 2024	CPAI-2024-0720	CVE-2024-7829	D-Link Multiple Products Command Injection (CVE-2024-7829)
Critical	1 Sep 2024	1 Sep 2024	CPAI-2022-2121	CVE-2022-47002	Masa CMS Authentication Bypass (CVE-2022-47002)
High	1 Sep 2024	1 Sep 2024	CPAI-2024-0741	CVE-2024-6411	WordPress ProfileGrid Plugin Privilege Escalation (CVE-2024-6411)
High	29 Aug 2024	29 Aug 2024	CPAI-2024-0734		YiSaiTong SQL Injection
High	19 Aug 2024	29 Aug 2024	CPAI-2024-0712		Landray OA Remote Code Execution
High	29 Aug 2024	29 Aug 2024	CPAI-2024-0686	CVE-2024-6366	WordPress User Profile Builder Plugin Arbitrary File Upload (CVE-2024-6366)
High	29 Aug 2024	29 Aug 2024	CPAI-2023-0532	CVE-2023-27978	Schneider Electric Multiple Products Insecure Deserialization (CVE-2023-27978)
High	28 Aug 2024	28 Aug 2024	CPAI-2024-0748	CVE-2024-30850	CHAOS RAT Command Injection (CVE-2024-30850)
Critical	28 Aug 2024	28 Aug 2024	CPAI-2022-2118	CVE-2022-47071	NVS365 V01 Command Injection (CVE-2022-47071)
High	28 Aug 2024	28 Aug 2024	CPAI-2024-0732	CVE-2024-28741	NorthStar C2 Remote Code Execution (CVE-2024-28741)
Critical	28 Aug 2024	28 Aug 2024	CPAI-2024-0726	CVE-2024-25830	F-logic DataCube3 Information Disclosure (CVE-2024-25830)
High	27 Aug 2024	27 Aug 2024	CPAI-2024-0743	CVE-2024-39123	Calibre-Web Cross-Site Scripting (CVE-2024-39123)
Critical	22 Aug 2024	27 Aug 2024	CPAI-2024-0728	CVE-2024-28000	WordPress LiteSpeed Cache Plugin Privilege Escalation (CVE-2024-28000)
High	27 Aug 2024	27 Aug 2024	CPAI-2020-4196	CVE-2020-17525	Apache Subversion Denial of Service (CVE-2020-17525)
High	27 Aug 2024	27 Aug 2024	CPAI-2023-1879	CVE-2023-50564	Pluck CMS Arbitrary File Upload (CVE-2023-50564)
Medium	27 Aug 2024	27 Aug 2024	CPAI-2021-2203	CVE-2021-22784	Schneider Electric C-Bus Toolkit Authentication Bypass (CVE-2021-22784)
High	27 Aug 2024	27 Aug 2024	CPAI-2024-0598	CVE-2024-5276	Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276)
High	27 Aug 2024	27 Aug 2024	CPAI-2021-1785	CVE-2021-22824	Schneider-Electric Interactive Graphical SCADA System Buffer Overflow (CVE-2021-22824)
Critical	27 Aug 2024	27 Aug 2024	CPAI-2022-1574	CVE-2022-24313	Schneider-Electric Interactive Graphical SCADA System Buffer Overflow (CVE-2022-24313)
High	27 Aug 2024	27 Aug 2024	CPAI-2022-1564	CVE-2022-24315	Schneider-Electric Interactive Graphical SCADA System Out-of-bounds Read (CVE-2022-24315)
High	26 Aug 2024	26 Aug 2024	CPAI-2024-0719	CVE-2024-29276	Seeyon OA Arbitrary File Upload (CVE-2024-29276)