Home / 2025 Advisories Archive

2025 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
High	13 Mar 2025	20 Mar 2025	CPAI-2025-0086		CVE-2025-27636 CVE-2025-29891	Apache Camel Remote Code Execution (CVE-2025-27636; CVE-2025-29891)
Critical	27 Feb 2025	20 Mar 2025	CPAI-2024-1448		CVE-2024-48248	NAKIVO Arbitrary File Read (CVE-2024-48248)
Medium	20 Mar 2025	20 Mar 2025	CPAI-2023-1958		CVE-2023-48783	Fortinet FortiPortal Directory Traversal (CVE-2023-48783)
High	20 Mar 2025	20 Mar 2025	CPAI-2024-1063		CVE-2024-38071	Microsoft Windows Server Denial of Service (CVE-2024-38071)
High	20 Mar 2025	20 Mar 2025	CPAI-2025-0098		CVE-2025-0411	7-Zip Remote Code Execution (CVE-2025-0411)
Critical	20 Mar 2025	20 Mar 2025	CPAI-2016-1442		CVE-2016-4532	Trihedral VTScada Directory Traversal (CVE-2016-4532)
Medium	20 Mar 2025	20 Mar 2025	CPAI-2024-1495		CVE-2024-39931	Gogs Internal File Deletion (CVE-2024-39931)
Critical	16 Mar 2025	20 Mar 2025	CPAI-2025-0090		CVE-2025-1316	Edimax Multiple Products Command Injection (CVE-2025-1316)
Medium	20 Mar 2025	20 Mar 2025	CPAI-2024-1368		CVE-2024-52012	Apache Solr Directory Traversal (CVE-2024-52012)
High	9 Mar 2025	20 Mar 2025	CPAI-2016-1424		CVE-2016-7256	Microsoft Windows Open Type Font Remote Code Execution (CVE-2016-7256)
High	20 Mar 2025	20 Mar 2025	CPAI-2025-0100			Kentico Xperience Remote Code Execution
High	19 Mar 2025	19 Mar 2025	CPAI-2025-0099			Kentico Xperience Authentication Bypass
Critical	18 Mar 2025	18 Mar 2025	CPAI-2025-0073		CVE-2025-1044	Logsign Unified SecOps Platform Authentication Bypass (CVE-2025-1044)
High	18 Mar 2025	18 Mar 2025	CPAI-2018-2900		CVE-2018-12900	LibTIFF Buffer Overflow (CVE-2018-12900)
High	18 Mar 2025	18 Mar 2025	CPAI-2016-1436		CVE-2016-2171	Apache Jetspeed Authentication Bypass (CVE-2016-2171)
High	17 Mar 2025	17 Mar 2025	CPAI-2025-0095		CVE-2025-24801	GLPI Command Injection (CVE-2025-24801)
Critical	17 Mar 2025	17 Mar 2025	CPAI-2024-1488		CVE-2024-54676	Apache OpenMeetings Insecure Deserialization (CVE-2024-54676)
Critical	17 Mar 2025	17 Mar 2025	CPAI-2024-1459		CVE-2024-22660 CVE-2024-22662	TOTOLINK A3700R Stack Overflow (CVE-2024-22660; CVE-2024-22662)
High	16 Mar 2025	16 Mar 2025	CPAI-2025-0094		CVE-2025-24799	GLPI SQL Injection (CVE-2025-24799)
Critical	13 Mar 2025	16 Mar 2025	CPAI-2025-0084		CVE-2025-24813	Apache Tomcat Remote Code Execution (CVE-2025-24813)
Medium	16 Mar 2025	16 Mar 2025	CPAI-2025-0082		CVE-2025-0370	WordPress vanokhin Shortcodes Ultimate Plugin Cross-Site Scripting (CVE-2025-0370)
High	16 Mar 2025	16 Mar 2025	CPAI-2024-1484		CVE-2024-10400	WordPress Themeum Tutor LMS Plugin SQL Injection (CVE-2024-10400)
Medium	16 Mar 2025	16 Mar 2025	CPAI-2024-1482		CVE-2024-55573	Centreon Project Centreon Web SQL Injection (CVE-2024-55573)
Medium	16 Mar 2025	16 Mar 2025	CPAI-2024-1477		CVE-2024-7074	WSO2 API Manager Directory Traversal (CVE-2024-7074)
High	16 Mar 2025	16 Mar 2025	CPAI-2024-1336		CVE-2024-49754	LibreNMS Cross-Site Scripting (CVE-2024-49754)
Critical	13 Jan 2025	16 Mar 2025	CPAI-2025-0002		CVE-2025-0282	Ivanti Buffer Overflow (CVE-2025-0282)
Critical	13 Mar 2025	13 Mar 2025	CPAI-2025-0074		CVE-2025-26319	FlowiseAI Directory Traversal (CVE-2025-26319)
High	13 Mar 2025	13 Mar 2025	CPAI-2024-1470		CVE-2024-32640	Mura/Masa CMS SQL Injection (CVE-2024-32640)
High	13 Mar 2025	13 Mar 2025	CPAI-2024-1468		CVE-2024-32840	Ivanti Endpoint Manager SQL Injection (CVE-2024-32840)
Critical	12 Mar 2025	12 Mar 2025	CPAI-2025-0077			Argument Injection Over HTTP
Critical	12 Mar 2025	12 Mar 2025	CPAI-2024-1461		CVE-2024-10470	WordPress LMS Theme Authentication Bypass (CVE-2024-10470)
High	12 Mar 2025	12 Mar 2025	CPAI-2025-0066			Easy File Sharing Buffer Overflow
Critical	20 Feb 2025	12 Mar 2025	CPAI-2024-1410		CVE-2024-10811 CVE-2024-13159 CVE-2024-13160 CVE-2024-13161	Ivanti Endpoint Manager Path Traversal (CVE-2024-10811; CVE-2024-13159; CVE-2024-13160; CVE-2024-13161)
Medium	12 Mar 2025	12 Mar 2025	CPAI-2018-2896		CVE-2018-11690	Joomla Balbooa Gridbox Cross-Site Scripting (CVE-2018-11690)
Medium	13 Feb 2025	12 Mar 2025	CPAI-2025-0033		CVE-2025-25181	Advantive VeraCore SQL Injection (CVE-2025-25181)
Critical	13 Feb 2025	12 Mar 2025	CPAI-2024-1382		CVE-2024-57968	Advantive VeraCore Arbitrary File Upload (CVE-2024-57968)
High	14 Jan 2025	11 Mar 2025	CPAI-2025-0003	Microsoft CVE-2025-21309	CVE-2025-21309 CVE-2025-24035 CVE-2025-24045	Microsoft Windows Remote Desktop Services Remote Code Execution (CVE-2025-21309; CVE-2025-24035; CVE-2025-24045)
High	10 Mar 2025	10 Mar 2025	CPAI-2025-0062		CVE-2025-25897 CVE-2025-25898 CVE-2025-25899 CVE-2025-25900 CVE-2025-25901	TP-Link TL-WR841ND Buffer Overflow (CVE-2025-25897; CVE-2025-25898; CVE-2025-25899; CVE-2025-25900; CVE-2025-25901)
High	9 Mar 2025	9 Mar 2025	CPAI-2023-2012		CVE-2023-20128	Cisco RV320 Firmware Command Injection (CVE-2023-20128)
High	13 Feb 2025	9 Mar 2025	CPAI-2025-0038		CVE-2025-0108	Palo Alto Networks PAN-OS Authentication Bypass (CVE-2025-0108)
High	9 Mar 2025	9 Mar 2025	CPAI-2024-1381		CVE-2024-50324	Ivanti Endpoint Manager Directory Traversal (CVE-2024-50324)
Critical	9 Mar 2025	9 Mar 2025	CPAI-2025-0025			XSLT Injection
Critical	26 Jan 2025	9 Mar 2025	CPAI-2024-1311		CVE-2024-0569 CVE-2024-31817	TOTOLINK Multiple Routers Information Disclosure (CVE-2024-0569; CVE-2024-31817)
Medium	6 Mar 2025	6 Mar 2025	CPAI-2018-2898		CVE-2018-12693	TP-Link TL-WA850RE Stack Overflow (CVE-2018-12693)
High	6 Mar 2025	6 Mar 2025	CPAI-2024-1441		CVE-2024-46506	NetAlertx Remote Code Execution (CVE-2024-46506)
Medium	4 Mar 2025	4 Mar 2025	CPAI-2023-2013		CVE-2023-20118	Cisco RV016 FIRMWARE Privilege Escalation (CVE-2023-20118)
High	4 Mar 2025	4 Mar 2025	CPAI-2024-1439		CVE-2024-34950	D-Link DIR-822 Stack Overflow (CVE-2024-34950)
Critical	4 Mar 2025	4 Mar 2025	CPAI-2024-1348		CVE-2024-50498	WordPress LUBUS WP Query Console Plugin Code Injection (CVE-2024-50498)
High	3 Mar 2025	3 Mar 2025	CPAI-2024-1379		CVE-2024-49116	Microsoft Windows Server Remote Code Execution (CVE-2024-49116)
High	3 Mar 2025	3 Mar 2025	CPAI-2025-0063		CVE-2025-21277	Microsoft Windows Denial of Service (CVE-2025-21277)