|
Critical
|
1 May 2024 |
1 May 2024 |
CPAI-2023-1610
|
|
CVE-2023-34993
CVE-2023-48782
|
Fortinet FortiWLM Command Injection (CVE-2023-34993; CVE-2023-48782)
|
|
High
|
1 May 2024 |
1 May 2024 |
CPAI-2024-0165
|
|
CVE-2024-2194
|
WordPress Statistics Plugin Stored Cross-Site Scripting (CVE-2024-2194)
|
|
High
|
25 Mar 2024 |
1 May 2024 |
CPAI-2023-1604
|
|
CVE-2023-3368
|
Chamilo Command Injection (CVE-2023-3368)
|
|
Critical
|
28 Jan 2024 |
1 May 2024 |
CPAI-2023-1492
|
|
CVE-2022-45505
CVE-2023-25231
CVE-2023-49402
CVE-2023-49404
CVE-2023-49405
CVE-2023-49410
CVE-2023-49411
CVE-2023-50000
CVE-2023-50001
CVE-2023-50002
|
Tenda W30E Stack Overflow (CVE-2022-45505; CVE-2023-25231; CVE-2023-49402; CVE-2023-49404; CVE-2023-49405; CVE-2023-49410; CVE-2023-49411; CVE-2023-50000; CVE-2023-50001; CVE-2023-50002)
|
|
High
|
29 Jan 2024 |
1 May 2024 |
CPAI-2022-1998
|
|
CVE-2022-1529
|
Mozilla Multiple Products Prototype Pollution (CVE-2022-1529)
|
|
Critical
|
24 Apr 2024 |
30 Apr 2024 |
CPAI-2024-0216
|
|
CVE-2024-4040
|
CrushFTP Information Disclosure (CVE-2024-4040)
|
|
High
|
30 Apr 2024 |
30 Apr 2024 |
CPAI-2023-0906
|
|
CVE-2023-3364
|
GitLab Denial of Service (CVE-2023-3364)
|
|
Medium
|
30 Apr 2024 |
30 Apr 2024 |
CPAI-2024-0211
|
|
CVE-2024-0637
|
Centreon Project Centreon Web SQL Injection (CVE-2024-0637)
|
|
Medium
|
30 Apr 2024 |
30 Apr 2024 |
CPAI-2024-0208
|
|
CVE-2024-23975
|
Delta Electronics DIAEnergie SQL Injection (CVE-2024-23975)
|
|
High
|
30 Apr 2024 |
30 Apr 2024 |
CPAI-2023-1670
|
|
CVE-2023-49084
|
Cacti Path Traversal (CVE-2023-49084)
|
|
Medium
|
30 Apr 2024 |
30 Apr 2024 |
CPAI-2024-0206
|
|
CVE-2024-25125
|
Treasure Data Digdag Directory Traversal (CVE-2024-25125)
|
|
Medium
|
30 Apr 2024 |
30 Apr 2024 |
CPAI-2023-1659
|
|
CVE-2023-2916
|
WordPress InfiniteWP Client Plugin Information Disclosure (CVE-2023-2916)
|
|
High
|
30 Apr 2024 |
30 Apr 2024 |
CPAI-2023-1654
|
|
CVE-2023-2877
|
WordPress Formidable Forms Plugin Remote Code Execution (CVE-2023-2877)
|
|
Medium
|
30 Apr 2024 |
30 Apr 2024 |
CPAI-2024-0178
|
|
CVE-2024-24401
|
Nagios Enterprises Nagios XI SQL Injection (CVE-2024-24401)
|
|
High
|
30 Apr 2024 |
30 Apr 2024 |
CPAI-2024-0155
|
|
CVE-2024-2053
|
Artica Tech Artica Proxy Arbitrary File Read (CVE-2024-2053)
|
|
High
|
30 Apr 2024 |
30 Apr 2024 |
CPAI-2024-0120
|
|
CVE-2024-26594
|
Linux Kernel Information Disclosure (CVE-2024-26594)
|
|
High
|
30 Apr 2024 |
30 Apr 2024 |
CPAI-2023-1444
|
|
CVE-2023-49085
|
Cacti Remote Code Execution (CVE-2023-49085)
|
|
High
|
25 Apr 2024 |
25 Apr 2024 |
CPAI-2024-0202
|
|
CVE-2024-0531
CVE-2024-0532
CVE-2024-0533
CVE-2024-0534
|
Tenda A15 Buffer Overflow (CVE-2024-0531; CVE-2024-0532; CVE-2024-0533; CVE-2024-0534)
|
|
Medium
|
24 Apr 2024 |
24 Apr 2024 |
CPAI-2022-2054
|
|
CVE-2022-47194
CVE-2022-47195
CVE-2022-47196
CVE-2022-47197
|
Ghost Cross-Site Scripting (CVE-2022-47194; CVE-2022-47195; CVE-2022-47196; CVE-2022-47197)
|
|
Critical
|
24 Apr 2024 |
24 Apr 2024 |
CPAI-2021-2158
|
|
CVE-2021-36393
|
Moodle SQL Injection (CVE-2021-36393)
|
|
Critical
|
24 Apr 2024 |
24 Apr 2024 |
CPAI-2023-1653
|
|
CVE-2023-6019
|
Ray Command Injection (CVE-2023-6019)
|
|
High
|
24 Apr 2024 |
24 Apr 2024 |
CPAI-2024-0182
|
|
CVE-2024-24725
|
Gibbon LMS Insecure Deserialization (CVE-2024-24725)
|
|
High
|
24 Apr 2024 |
24 Apr 2024 |
CPAI-2024-0144
|
|
CVE-2024-25617
|
Squid Denial of Service (CVE-2024-25617)
|
|
High
|
10 Mar 2024 |
24 Apr 2024 |
CPAI-2023-1577
|
|
CVE-2023-50386
|
Apache Solr Arbitrary File Upload (CVE-2023-50386)
|
|
Critical
|
24 Apr 2024 |
24 Apr 2024 |
CPAI-2023-1668
|
|
CVE-2023-50252
|
Dompdf php-svg-lib Insecure Deserialization (CVE-2023-50252)
|
|
Medium
|
24 Apr 2024 |
24 Apr 2024 |
CPAI-2024-0188
|
|
CVE-2024-21388
|
Microsoft Edge Chromium Privilege Escalation (CVE-2024-21388)
|
|
Critical
|
21 Apr 2024 |
21 Apr 2024 |
CPAI-2024-0204
|
|
CVE-2024-0930
|
Tenda AC10U Buffer Overflow (CVE-2024-0930)
|
|
High
|
21 Apr 2024 |
21 Apr 2024 |
CPAI-2021-2157
|
|
CVE-2021-35325
|
TOTOLINK A720R Buffer Overflow (CVE-2021-35325)
|
|
Critical
|
21 Apr 2024 |
21 Apr 2024 |
CPAI-2023-1660
|
|
CVE-2023-3460
|
WordPress Ultimate Member Plugin Privilege Escalation (CVE-2023-3460)
|
|
High
|
21 Apr 2024 |
21 Apr 2024 |
CPAI-2023-1658
|
|
CVE-2023-7024
|
Google Chrome Heap Buffer Overflow (CVE-2023-7024)
|
|
Medium
|
21 Apr 2024 |
21 Apr 2024 |
CPAI-2020-4157
|
|
CVE-2020-2039
|
Palo Alto Networks PAN-OS Denial of Service (CVE-2020-2039)
|
|
Medium
|
21 Apr 2024 |
21 Apr 2024 |
CPAI-2022-2044
|
|
CVE-2022-29349
CVE-2022-40879
CVE-2022-46934
|
kkFileView Cross-Site Scripting (CVE-2022-29349; CVE-2022-40879; CVE-2022-46934)
|
|
Critical
|
2 Apr 2024 |
21 Apr 2024 |
CPAI-2023-1623
|
|
CVE-2022-32039
CVE-2022-32043
CVE-2023-37714
CVE-2023-37715
CVE-2023-37716
CVE-2023-37717
CVE-2023-37718
CVE-2023-37719
CVE-2023-37721
CVE-2023-37722
CVE-2023-37723
CVE-2023-51093
|
Tenda Multiple Products Stack Overflow (CVE-2022-32039; CVE-2022-32043; CVE-2023-37714; CVE-2023-37715; CVE-2023-37716; CVE-2023-37717; CVE-2023-37718; CVE-2023-37719; CVE-2023-37721; CVE-2023-37722; CVE-2023-37723; CVE-2023-51093)
|
|
High
|
21 Apr 2024 |
21 Apr 2024 |
CPAI-2023-1186
|
|
CVE-2023-39584
|
Hexo Directory Traversal (CVE-2023-39584)
|
|
High
|
18 Apr 2024 |
18 Apr 2024 |
CPAI-2024-0200
|
|
CVE-2024-24747
|
MinIO Privilege Escalation (CVE-2024-24747)
|
|
High
|
18 Apr 2024 |
18 Apr 2024 |
CPAI-2022-2053
|
|
CVE-2022-3723
|
Google Chrome Type Confusion (CVE-2022-3723)
|
|
Medium
|
18 Apr 2024 |
18 Apr 2024 |
CPAI-2024-0194
|
|
CVE-2024-31138
|
JetBrains TeamCity Cross-Site Scripting (CVE-2024-31138)
|
|
Medium
|
18 Apr 2024 |
18 Apr 2024 |
CPAI-2023-1657
|
|
CVE-2023-32985
|
Jenkins Sidebar Link Plugin Directory Traversal (CVE-2023-32985)
|
|
Critical
|
18 Apr 2024 |
18 Apr 2024 |
CPAI-2018-2732
|
|
CVE-2018-10143
|
Palo Alto Networks Expedition Command Injection (CVE-2018-10143)
|
|
High
|
18 Apr 2024 |
18 Apr 2024 |
CPAI-2023-1650
|
|
CVE-2023-24078
|
Real Time Logic FuguHub Remote Code Execution (CVE-2023-24078)
|
|
High
|
18 Apr 2024 |
18 Apr 2024 |
CPAI-2023-1649
|
|
CVE-2023-46695
|
Django Denial of Service (CVE-2023-46695)
|
|
High
|
18 Apr 2024 |
18 Apr 2024 |
CPAI-2021-2154
|
|
CVE-2021-27358
|
Grafana Snapshot Feature Denial of Service (CVE-2021-27358)
|
|
High
|
18 Apr 2024 |
18 Apr 2024 |
CPAI-2023-1647
|
|
CVE-2023-2591
CVE-2023-2859
|
TeamPass Cross-Site Scripting (CVE-2023-2591; CVE-2023-2859)
|
|
Critical
|
18 Apr 2024 |
18 Apr 2024 |
CPAI-2022-2051
|
|
CVE-2022-44366
|
Tenda i21 Heap Overflow (CVE-2022-44366)
|
|
Critical
|
18 Apr 2024 |
18 Apr 2024 |
CPAI-2024-0186
|
|
CVE-2024-23759
|
Gambio Insecure Deserialization (CVE-2024-23759)
|
|
High
|
18 Apr 2024 |
18 Apr 2024 |
CPAI-2024-0185
|
|
CVE-2024-0801
|
Arcserve Unified Data Protection Denial-Of-Service (CVE-2024-0801)
|
|
Medium
|
18 Apr 2024 |
18 Apr 2024 |
CPAI-2024-0177
|
|
CVE-2024-23494
|
Delta Electronics DIAEnergie SQL Injection (CVE-2024-23494)
|
|
Critical
|
18 Apr 2024 |
18 Apr 2024 |
CPAI-2023-1637
|
|
CVE-2023-6895
|
Hikvision Intercom Broadcasting System Command Injection (CVE-2023-6895)
|
|
Medium
|
18 Apr 2024 |
18 Apr 2024 |
CPAI-2024-0166
|
|
CVE-2024-25574
|
Delta Electronics DIAEnergie SQL Injection (CVE-2024-25574)
|
|
Medium
|
18 Apr 2024 |
18 Apr 2024 |
CPAI-2023-1628
|
|
CVE-2023-39265
|
Apache Superset Authentication Bypass (CVE-2023-39265)
|
Feedback