Home / 2020 Advisories Archive

2020 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	29 Nov 2020	29 Nov 2020	CPAI-2020-1239	CVE-2020-28138	SourceCodester Online Clothing Store SQL Injection (CVE-2020-28138)
High	29 Nov 2020	29 Nov 2020	CPAI-2020-1241	CVE-2020-5791	Nagios XI Command Injection (CVE-2020-5791)
High	29 Nov 2020	29 Nov 2020	CPAI-2020-1223	CVE-2020-8165	Ruby On Rails Remote Code Execution (CVE-2020-8165)
High	29 Nov 2020	29 Nov 2020	CPAI-2020-1245	CVE-2020-25483	UCMS Project Command Injection (CVE-2020-25483)
High	29 Nov 2020	29 Nov 2020	CPAI-2020-1243	CVE-2020-18185	PluXml Remote Code Execution (CVE-2020-18185)
Critical	28 Nov 2020	28 Nov 2020	CPAI-2020-1222	CVE-2020-27955	Git LFS Remote Code Execution (CVE-2020-27955)
Medium	28 Nov 2020	28 Nov 2020	CPAI-2016-1016	CVE-2016-0070	Microsoft Windows Privilege Escalation (CVE-2016-0070)
High	28 Nov 2020	28 Nov 2020	CPAI-2020-1089	CVE-2020-6092	Gonitro Nitro Pro Integer Overflow (CVE-2020-6092)
Critical	4 Nov 2020	28 Nov 2020	CPAI-2020-1095		Winlogon Privilege Escalation
High	28 Nov 2020	28 Nov 2020	CPAI-2020-1236	CVE-2020-5791	Nagios XI mibs.php Command Injection (CVE-2020-5791)
Medium	28 Nov 2020	28 Nov 2020	CPAI-2016-1018	CVE-2016-0517	Oracle E-Business Suite HR Component Multiple Vulnerabilities (CVE-2016-0517)
High	28 Nov 2020	28 Nov 2020	CPAI-2020-1233	CVE-2020-28328	SuiteCRM Remote Code Execution (CVE-2020-28328)
Critical	28 Nov 2020	28 Nov 2020	CPAI-2020-1224	CVE-2020-7357	Cayin CMS Command Injection (CVE-2020-7357)
High	20 Oct 2020	28 Nov 2020	CPAI-2020-1043	CVE-2020-16952	Microsoft SharePoint Remote Code Execution (CVE-2020-16952)
Medium	28 Nov 2020	28 Nov 2020	CPAI-2016-1017	CVE-2016-8383	AntennaHouse DMC HTMLFilter Memory Corruption (CVE-2016-8383)
Medium	28 Nov 2020	28 Nov 2020	CPAI-2020-1231		Nagios Log Server Persistent Cross-Site Scripting
Medium	28 Nov 2020	28 Nov 2020	CPAI-2019-2406	CVE-2019-19143	TP-LINK TL-WR849N Authentication Bypass (CVE-2019-19143)
High	28 Nov 2020	28 Nov 2020	CPAI-2010-0657	CVE-2010-2145	ClearSite Beta Remote File Inclusion (CVE-2010-2145)
Critical	25 Nov 2020	25 Nov 2020	CPAI-2020-1218	CVE-2020-7373	VBulletin Remote Code Execution (CVE-2020-7373)
Medium	25 Nov 2020	25 Nov 2020	CPAI-2020-1217		Wordpress Yoast SEO Plugin Arbitrary File Upload
High	25 Nov 2020	25 Nov 2020	CPAI-2020-1206	CVE-2020-16009	Google Chrome Type Confusion (CVE-2020-16009)
Critical	25 Nov 2020	25 Nov 2020	CPAI-2020-1202	CVE-2020-25763	Seat Reservation System Arbitrary File Upload (CVE-2020-25763)
High	25 Nov 2020	25 Nov 2020	CPAI-2020-1186	CVE-2020-13778	rConfig Remote Code Execution (CVE-2020-13778)
High	25 Nov 2020	25 Nov 2020	CPAI-2020-1204	CVE-2020-13259	RAD SecFlow-1v Cross Site Request Forgery (CVE-2020-13259)
Critical	25 Nov 2020	25 Nov 2020	CPAI-2020-1200	CVE-2020-15906	Tiki Wiki CMS Authentication Bypass (CVE-2020-15906)
Medium	25 Nov 2020	25 Nov 2020	CPAI-2020-1220		ASUS TM-AC1900 Command Injection
Critical	23 Nov 2020	23 Nov 2020	CPAI-2019-2404	CVE-2019-3932	Crestron Authentication Bypass (CVE-2019-3932)
Medium	23 Nov 2020	23 Nov 2020	CPAI-2020-1148	CVE-2020-5730	OpenMRS Cross-Site Scripting (CVE-2020-5730)
Critical	23 Nov 2020	23 Nov 2020	CPAI-2019-2403	CVE-2019-3930	Crestron Stack Overflow (CVE-2019-3930)
High	23 Nov 2020	23 Nov 2020	CPAI-2020-1219	CVE-2020-8209	Citrix XenMobile Server Directory Traversal (CVE-2020-8209)
High	29 Sep 2020	23 Nov 2020	CPAI-2019-2274	CVE-2019-11447	CutePHP Cutenews Remote Code Execution (CVE-2019-11447)
Medium	23 Nov 2020	23 Nov 2020	CPAI-2020-1193		Joomla Publisher Component Persistent Cross-Site Scripting
Critical	23 Nov 2020	23 Nov 2020	CPAI-2020-1189	CVE-2020-27739	Citadel WebCit Cross Site Scripting (CVE-2020-27739)
Critical	23 Nov 2020	23 Nov 2020	CPAI-2020-1190	CVE-2020-16257	Winston Command Injection (CVE-2020-16257)
Medium	23 Nov 2020	23 Nov 2020	CPAI-2020-1049	CVE-2020-10203	Sonatype Nexus Repository Stored Cross Site Scripting (CVE-2020-10203)
Medium	23 Nov 2020	23 Nov 2020	CPAI-2020-1194	CVE-2020-5736	Amcrest Cameras Null Pointer Dereference (CVE-2020-5736)
High	23 Nov 2020	23 Nov 2020	CPAI-2020-1192	CVE-2020-16256	Winston Cross Site Request Forgery (CVE-2020-16256)
Critical	23 Nov 2020	23 Nov 2020	CPAI-2019-2393	CVE-2019-19825	TOTOLINK Realtek SDK Routers Authentication Bypass (CVE-2019-19825)
High	23 Nov 2020	23 Nov 2020	CPAI-2020-1195	CVE-2020-5735	Amcrest Cameras Stack Buffer Overflow (CVE-2020-5735)
Medium	23 Nov 2020	23 Nov 2020	CPAI-2020-1196		WordPress OneMall Plugin Reflected Cross Site Scripting
Critical	21 Nov 2020	21 Nov 2020	CPAI-2019-2398	CVE-2019-7192 CVE-2019-7193 CVE-2019-7194 CVE-2019-7195	QNAP Photo Station Remote Code Execution (CVE-2019-7192; CVE-2019-7193; CVE-2019-7194; CVE-2019-7195)
High	21 Nov 2020	21 Nov 2020	CPAI-2019-2400	CVE-2019-13529	SMA Solar Technology Sunny WebBox Cross-Site Request Forgery (CVE-2019-13529)
Critical	21 Nov 2020	21 Nov 2020	CPAI-2020-1182	CVE-2020-13802	Rebar3 Command Injection (CVE-2020-13802)
High	21 Nov 2020	21 Nov 2020	CPAI-2019-2392	CVE-2019-19142	Intelbras Wireless N Authentication Bypass (CVE-2019-19142)
High	21 Nov 2020	21 Nov 2020	CPAI-2020-1184	CVE-2020-14008	Zoho ManageEngine Applications Manager Arbitrary File Upload (CVE-2020-14008)
Medium	21 Nov 2020	21 Nov 2020	CPAI-2010-0655	CVE-2010-1186	WordPress NextGEN Gallery Plugin Cross-Site Scripting (CVE-2010-1186)
Medium	21 Nov 2020	21 Nov 2020	CPAI-2010-0656	CVE-2010-1486	CactuShop invoice.asp Cross-Site Scripting (CVE-2010-1486)
High	21 Nov 2020	21 Nov 2020	CPAI-2020-1228	CVE-2020-27995	Zoho ManageEngine Applications Manager SQL Injection (CVE-2020-27995)
High	21 Nov 2020	21 Nov 2020	CPAI-2020-1229	CVE-2020-26878	Ruckus IoT Controller Web UI Command Injection (CVE-2020-26878)
High	21 Nov 2020	21 Nov 2020	CPAI-2020-1180	CVE-2020-10644 CVE-2020-12004	Inductive Automation Ignition Insecure Deserialization (CVE-2020-12004; CVE-2020-10644)

2020 Advisories Archive

PRODUCTS

RESOURCES

COMMUNITIES

TECHNICAL RESOURCES

COMPANY