Home / 2025 Advisories Archive

2025 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	27 Mar 2025	2 Apr 2025	CPAI-2025-0107		CVE-2025-21298	Microsoft Windows Remote Code Execution (CVE-2025-21298)
Critical	2 Apr 2025	2 Apr 2025	CPAI-2024-1539		CVE-2024-44849	Qualitor Remote Code Execution (CVE-2024-44849)
Critical	13 Mar 2025	2 Apr 2025	CPAI-2025-0084		CVE-2025-24813	Apache Tomcat Remote Code Execution (CVE-2025-24813)
Critical	31 Mar 2025	2 Apr 2025	CPAI-2025-0141		CVE-2025-2825	CrushFTP Authentication Bypass (CVE-2025-2825)
Critical	2 Apr 2025	2 Apr 2025	CPAI-2018-2908		CVE-2018-7846	Schneider-Electric Modicon M580 Remote Code Execution (CVE-2018-7846)
Critical	2 Apr 2025	2 Apr 2025	CPAI-2023-2019		CVE-2023-25610	Fortinet Multiple Products Remote Code Execution (CVE-2023-25610)
Critical	1 Apr 2025	1 Apr 2025	CPAI-2024-1508		CVE-2024-7464	TOTOLINK CP900 Command Injection (CVE-2024-7464)
Medium	31 Mar 2025	31 Mar 2025	CPAI-2024-1544		CVE-2024-28156	Jenkins Build Monitor View Plugin Cross-Site Scripting (CVE-2024-28156)
Medium	31 Mar 2025	31 Mar 2025	CPAI-2025-0140		CVE-2025-23199	Librenms Cross-Site Scripting (CVE-2025-23199)
Critical	31 Mar 2025	31 Mar 2025	CPAI-2024-1540		CVE-2024-9487	GitHub Enterprise Server Authentication Bypass (CVE-2024-9487)
High	31 Mar 2025	31 Mar 2025	CPAI-2025-0135		CVE-2025-24054	Microsoft Windows NTLM Relay (CVE-2025-24054)
High	31 Mar 2025	31 Mar 2025	CPAI-2025-0131		CVE-2025-29635	D-Link DIR-823X Command Injection (CVE-2025-29635)
Medium	31 Mar 2025	31 Mar 2025	CPAI-2025-0113		CVE-2025-27218	Sitecore Insecure Deserialization (CVE-2025-27218)
High	31 Mar 2025	31 Mar 2025	CPAI-2024-1517		CVE-2024-50322	Ivanti Endpoint Manager Directory Traversal (CVE-2024-50322)
High	31 Mar 2025	31 Mar 2025	CPAI-2024-1525		CVE-2024-53991	Discourse Remote Code Execution (CVE-2024-53991)
High	31 Mar 2025	31 Mar 2025	CPAI-2020-4288		CVE-2020-13340	GitLab Cross-Site Scripting (CVE-2020-13340)
High	31 Mar 2025	31 Mar 2025	CPAI-2024-1466		CVE-2024-50567	Fortinet FortiWeb Command Injection (CVE-2024-50567)
Medium	31 Mar 2025	31 Mar 2025	CPAI-2025-0060			Nagios Enterprises Nagios XI SQL Injection
High	31 Mar 2025	31 Mar 2025	CPAI-2024-1362		CVE-2024-57727	SimpleHelp Directory Traversal (CVE-2024-57727)
Medium	31 Mar 2025	31 Mar 2025	CPAI-2025-0026		CVE-2025-21308	Microsoft Windows Spoofing (CVE-2025-21308)
High	30 Mar 2025	30 Mar 2025	CPAI-2024-1536		CVE-2024-7646	NGINX Ingress Controller Code Injection (CVE-2024-7646)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2024-1526		CVE-2024-50379	Apache Tomcat Information Disclosure (CVE-2024-50379)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2024-1523		CVE-2024-54085	AMI SPx Authentication Bypass (CVE-2024-54085)
High	30 Mar 2025	30 Mar 2025	CPAI-2024-1522		CVE-2024-12992	Pandora FMS Command Injection (CVE-2024-12992)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2025-0118		CVE-2025-29774	Node.js xml-crypto Privilege Escalation (CVE-2025-29774)
High	30 Mar 2025	30 Mar 2025	CPAI-2024-1521		CVE-2024-12971	Pandora FMS Command Injection (CVE-2024-12971)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2025-0117		CVE-2025-29775	Node.js xml-crypto Privilege Escalation (CVE-2025-29775)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2025-0116		CVE-2025-0868	DocsGPT Remote Code Execution (CVE-2025-0868)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2025-0114		CVE-2025-0655	Man Group D-Tale Command Injection (CVE-2025-0655)
High	30 Mar 2025	30 Mar 2025	CPAI-2024-1520		CVE-2024-54887	TP-Link TL-WR940N Buffer Overflow (CVE-2024-54887)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2025-0112		CVE-2025-0890	Zyxel VMG4325-B10A Authentication Bypass(CVE-2025-0890)
Medium	30 Mar 2025	30 Mar 2025	CPAI-2025-0111		CVE-2025-1035	Komtera Technologies KLog Server Directory Traversal (CVE-2025-1035)
High	30 Mar 2025	30 Mar 2025	CPAI-2025-0110		CVE-2025-1025	Cockpit HQ Cockpit Arbitrary File Upload (CVE-2025-1025)
Critical	26 Mar 2025	30 Mar 2025	CPAI-2025-0121		CVE-2025-1097 CVE-2025-1098 CVE-2025-1974 CVE-2025-24513 CVE-2025-24514	NGINX Ingress Controller Remote Code Execution (CVE-2025-1097; CVE-2025-1098; CVE-2025-1974; CVE-2025-24513; CVE-2025-24514)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2024-1514		CVE-2024-5315	Dolibarr ERP CRM SQL Injection (CVE-2024-5315)
High	30 Mar 2025	30 Mar 2025	CPAI-2024-1513		CVE-2024-46982	Vercel Next.js Remote Code Execution (CVE-2024-46982)
Critical	25 Mar 2025	30 Mar 2025	CPAI-2025-0109		CVE-2025-29927	Next.js Authentication Bypass (CVE-2025-29927)
High	30 Mar 2025	30 Mar 2025	CPAI-2023-2016		CVE-2023-1545	TeamPass SQL Injection (CVE-2023-1545)
Medium	30 Mar 2025	30 Mar 2025	CPAI-2020-4287		CVE-2020-11456	LimeSurvey Cross-Site Scripting (CVE-2020-11456)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2024-1500		CVE-2024-6396	Aim Path Traversal (CVE-2024-6396)
High	30 Mar 2025	30 Mar 2025	CPAI-2025-0069		CVE-2025-26794	Exim SQL Injection (CVE-2025-26794)
Critical	26 Feb 2025	30 Mar 2025	CPAI-2025-0057		CVE-2025-27364	MITRE Caldera Remote Code Execution (CVE-2025-27364)
High	30 Mar 2025	30 Mar 2025	CPAI-2024-1408		CVE-2024-53674	HPE Insight Remote Support XML External Entity Injection (CVE-2024-53674)
High	9 Mar 2025	30 Mar 2025	CPAI-2016-1424		CVE-2016-7256	Microsoft Windows Open Type Font Remote Code Execution (CVE-2016-7256)
Critical	17 Feb 2025	30 Mar 2025	CPAI-2025-0042		CVE-2025-25064	Zimbra Collaboration SQL Injection (CVE-2025-25064)
Medium	11 Feb 2025	30 Mar 2025	CPAI-2025-0032	Microsoft CVE-2025-21377	CVE-2025-21377	Microsoft Windows NTLM Information Disclosure (CVE-2025-21377)
High	30 Jan 2025	30 Mar 2025	CPAI-2024-1345		CVE-2024-41710	Mitel Multiple Products Command Injection (CVE-2024-41710)
High	6 Feb 2025	30 Mar 2025	CPAI-2024-1323		CVE-2024-45802	Squid Denial of Service (CVE-2024-45802)
High	23 Jan 2025	30 Mar 2025	CPAI-2024-1310		CVE-2024-52875	GFI Kerio Control CRLF Injection (CVE-2024-52875)
High	6 Jan 2025	30 Mar 2025	CPAI-2024-1218		CVE-2024-12987	DrayTek Vigor Command Injection (CVE-2024-12987)