Home / 2024 Advisories Archive

2024 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	26 Mar 2024	20 May 2024	CPAI-2024-0095			Python Functions Remote Code Execution
Critical	20 May 2024	20 May 2024	CPAI-2024-0262		CVE-2024-29021	Judge0 Server-Side Request Forgery (CVE-2024-29021)
High	20 May 2024	20 May 2024	CPAI-2024-0287		CVE-2024-0265	SourceCodester Clinic Queuing System Remote Code Execution (CVE-2024-0265)
Critical	15 Jan 2024	20 May 2024	CPAI-2023-1451		CVE-2023-37679 CVE-2023-43208	NextGen Mirth Connect Command Injection (CVE-2023-37679; CVE-2023-43208)
High	20 May 2024	20 May 2024	CPAI-2019-3186		CVE-2019-7258	Linear eMerge E3-Series Privilege Escalation (CVE-2019-7258)
Critical	20 May 2024	20 May 2024	CPAI-2024-0267		CVE-2024-28185 CVE-2024-28189	Judge0 Arbitrary File Read and Write (CVE-2024-28185; CVE-2024-28189)
Critical	20 May 2024	20 May 2024	CPAI-2024-0272		CVE-2024-0921	D-Link DIR-816 Command Injection (CVE-2024-0921)
Critical	7 Mar 2024	20 May 2024	CPAI-2022-2028		CVE-2020-10973 CVE-2022-31847 CVE-2022-34045 CVE-2022-34046 CVE-2022-34047 CVE-2022-34049 CVE-2022-34576 CVE-2022-48165	Wavlink Routers Authentication Bypass (CVE-2020-10973; CVE-2022-31847; CVE-2022-34045; CVE-2022-34046; CVE-2022-34047; CVE-2022-34049; CVE-2022-34576; CVE-2022-48165)
High	20 May 2024	20 May 2024	CPAI-2023-1695		CVE-2023-47218	QNAP QTS Command Injection (CVE-2023-47218)
Critical	20 May 2024	20 May 2024	CPAI-2024-0285		CVE-2024-0264	SourceCodester Clinic Queuing System Authentication Bypass (CVE-2024-0264)
High	20 May 2024	20 May 2024	CPAI-2008-0553		CVE-2008-4128	Cisco IOS Cross-Site Request Forgery (CVE-2008-4128)
High	20 May 2024	20 May 2024	CPAI-2024-0297		CVE-2024-20353 CVE-2024-20359	Cisco Multiple Products Remote Code Execution (CVE-2024-20353; CVE-2024-20359)
Critical	19 May 2024	19 May 2024	CPAI-2024-0289		CVE-2024-25641	Cacti Arbitrary File Upload (CVE-2024-25641)
High	19 May 2024	19 May 2024	CPAI-2020-4164		CVE-2020-15867	Gogs Remote Code Execution (CVE-2020-15867)
High	19 May 2024	19 May 2024	CPAI-2024-0264			Judge0 Command Injection
Critical	19 May 2024	19 May 2024	CPAI-2023-1683		CVE-2023-2676 CVE-2023-29917	H3C Routers Buffer Overflow (CVE-2023-2676; CVE-2023-29917)
High	19 May 2024	19 May 2024	CPAI-2023-1675		CVE-2023-3206	Feiyuxing VEC40G Denial of Service (CVE-2023-3206)
High	18 Jan 2024	19 May 2024	CPAI-2023-1476		CVE-2023-46805	Ivanti Authentication Bypass (CVE-2023-46805)
Critical	16 May 2024	16 May 2024	CPAI-2024-0293		CVE-2024-29895	Cacti Command Injection (CVE-2024-29895)
High	16 May 2024	16 May 2024	CPAI-2024-0290		CVE-2024-31445	Cacti SQL Injection (CVE-2024-31445)
High	16 May 2024	16 May 2024	CPAI-2024-0278		CVE-2024-21793 CVE-2024-26026	F5 BIG-IP Next Central Manager SQL Injection (CVE-2024-21793; CVE-2024-26026)
High	16 May 2024	16 May 2024	CPAI-2024-0302		CVE-2024-24994	Ivanti Avalanche Directory Traversal (CVE-2024-24994)
Medium	16 May 2024	16 May 2024	CPAI-2024-0303		CVE-2024-28891	Delta Electronics DIAEnergie SQL Injection (CVE-2024-28891)
Critical	16 May 2024	16 May 2024	CPAI-2024-0257		CVE-2024-31848 CVE-2024-31849 CVE-2024-31850 CVE-2024-31851	CData Multiple Products Path Traversal (CVE-2024-31848; CVE-2024-31849; CVE-2024-31850; CVE-2024-31851)
High	16 May 2024	16 May 2024	CPAI-2006-0564		CVE-2006-5536	D-Link DSL-G624T Directory Traversal (CVE-2006-5536)
High	16 May 2024	16 May 2024	CPAI-2024-0254		CVE-2024-3721	TBK DVR Devices Command Injection (CVE-2024-3721)
Critical	16 May 2024	16 May 2024	CPAI-2024-0236		CVE-2024-27956	WordPress ValvePress Automatic Plugin SQL Injection (CVE-2024-27956)
Critical	16 May 2024	16 May 2024	CPAI-2021-2132		CVE-2021-23758	AjaxPro Insecure Deserialization (CVE-2021-23758)
High	30 Apr 2024	16 May 2024	CPAI-2023-1444		CVE-2023-49085	Cacti SQL Injection (CVE-2023-49085)
Medium	16 May 2024	16 May 2024	CPAI-2023-1213			EMC Captiva PixTools Distributed Imaging Control File Creation
Critical	16 May 2024	16 May 2024	CPAI-2023-0969		CVE-2023-38096	Netgear ProSAFE NMS300 Authentication Bypass (CVE-2023-38096)
High	15 May 2024	15 May 2024	CPAI-2023-1699		CVE-2023-31478	GL.iNET GL-S20 Information Disclosure (CVE-2023-31478)
Critical	15 May 2024	15 May 2024	CPAI-2024-0268		CVE-2024-1512	WordPress MasterStudy LMS Plugin SQL Injection (CVE-2024-1512)
High	15 May 2024	15 May 2024	CPAI-2022-2062		CVE-2022-34538 CVE-2022-34539	Digital Watchdog MEGApix Command Injection (CVE-2022-34538; CVE-2022-34539)
High	29 Jan 2024	15 May 2024	CPAI-2022-1997		CVE-2022-1802	Mozilla Multiple Products Prototype Pollution (CVE-2022-1802)
High	14 May 2024	15 May 2024	CPAI-2024-0282			Adobe Acrobat and Reader Out-of-bounds Write
High	14 May 2024	15 May 2024	CPAI-2024-0279			Adobe Acrobat and Reader Out-of-bounds Read
Medium	15 May 2024	15 May 2024	CPAI-2024-0214		CVE-2024-28253 CVE-2024-28254 CVE-2024-28847 CVE-2024-28848	OpenMetadata SpEL Injection (CVE-2024-28253; CVE-2024-28254; CVE-2024-28847; CVE-2024-28848)
Critical	24 Apr 2024	15 May 2024	CPAI-2024-0216		CVE-2024-4040	CrushFTP Information Disclosure (CVE-2024-4040)
High	14 May 2024	14 May 2024	CPAI-2024-0284	Adobe APSB24-29	CVE-2024-30311	Adobe Acrobat and Reader Out-of-bounds Read (APSB24-29: CVE-2024-30311)
High	14 May 2024	14 May 2024	CPAI-2024-0283	Adobe APSB24-29	CVE-2024-30284	Adobe Acrobat and Reader Use After Free (APSB24-29: CVE-2024-30284)
High	14 May 2024	14 May 2024	CPAI-2024-0281	Adobe APSB24-29	CVE-2024-30312	Adobe Acrobat and Reader Out-of-bounds Read (APSB24-29: CVE-2024-30312)
High	14 May 2024	14 May 2024	CPAI-2024-0280	Adobe APSB24-29	CVE-2024-30310	Adobe Acrobat and Reader Out-of-bounds Write (APSB24-29: CVE-2024-30310)
Medium	14 May 2024	14 May 2024	CPAI-2024-0277	Microsoft CVE-2024-30044	CVE-2024-30044	Microsoft SharePoint Server Remote Code Execution (CVE-2024-30044)
Medium	14 May 2024	14 May 2024	CPAI-2024-0271	Microsoft CVE-2024-30050	CVE-2024-30050	Microsoft Windows Mark of the Web Security Feature Bypass (CVE-2024-30050)
High	14 May 2024	14 May 2024	CPAI-2024-0248	Microsoft CVE-2024-30037	CVE-2024-30037	Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2024-30037)
High	14 May 2024	14 May 2024	CPAI-2024-0245	Microsoft CVE-2024-30025	CVE-2024-30025	Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2024-30025)
High	14 May 2024	14 May 2024	CPAI-2024-0244	Microsoft CVE-2024-30034	CVE-2024-30034	Microsoft Windows Cloud Files Mini Filter Driver Information Disclosure (CVE-2024-30034)
High	14 May 2024	14 May 2024	CPAI-2024-0243	Microsoft CVE-2024-29996	CVE-2024-29996	Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2024-29996)
High	14 May 2024	14 May 2024	CPAI-2024-0242	Microsoft CVE-2024-30032	CVE-2024-30032	Microsoft Windows DWM Core Library Elevation of Privilege (CVE-2024-30032)