Home / 2025 Advisories Archive

2025 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
Critical	9 Mar 2025	27 Mar 2025	CPAI-2025-0025		XSLT Injection
Medium	27 Mar 2025	27 Mar 2025	CPAI-2025-0104	CVE-2025-23200	Librenms Cross-Site Scripting (CVE-2025-23200)
Critical	27 Mar 2025	27 Mar 2025	CPAI-2025-0107	CVE-2025-21298	Microsoft Windows Remote Code Execution (CVE-2025-21298)
Critical	27 Mar 2025	27 Mar 2025	CPAI-2024-1518	CVE-2024-45622	ASIS SQL Injection (CVE-2024-45622)
High	27 Mar 2025	27 Mar 2025	CPAI-2019-3263	CVE-2019-15043	Grafana Denial of Service (CVE-2019-15043)
Critical	26 Mar 2025	26 Mar 2025	CPAI-2025-0121	CVE-2025-1097 CVE-2025-1098 CVE-2025-1974 CVE-2025-24513 CVE-2025-24514	NGINX Ingress Controller Remote Code Execution (CVE-2025-1097; CVE-2025-1098; CVE-2025-1974; CVE-2025-24513; CVE-2025-24514)
Critical	26 Mar 2025	26 Mar 2025	CPAI-2024-1509	CVE-2024-7463	TOTOLINK CP900 Buffer Overflow (CVE-2024-7463)
Critical	25 Mar 2025	25 Mar 2025	CPAI-2025-0109	CVE-2025-29927	Next.js Authentication Bypass (CVE-2025-29927)
Medium	25 Mar 2025	25 Mar 2025	CPAI-2019-3262	CVE-2019-15276	Cisco Wireless LAN Controller Cross-Site Scripting (CVE-2019-15276)
Critical	25 Mar 2025	25 Mar 2025	CPAI-2021-2302	CVE-2019-10955 CVE-2021-23385 CVE-2021-23393 CVE-2021-32618	Open Redirect Attempt (CVE-2019-10955; CVE-2021-23385; CVE-2021-23393; CVE-2021-32618)
High	24 Mar 2025	24 Mar 2025	CPAI-2024-1510	CVE-2024-20440	Cisco Smart Licensing Utility Information Disclosure (CVE-2024-20440)
High	24 Mar 2025	24 Mar 2025	CPAI-2024-1504	CVE-2024-53961	Adobe ColdFusion Directory Traversal (CVE-2024-53961)
Critical	24 Mar 2025	24 Mar 2025	CPAI-2010-0815	CVE-2009-0542 CVE-2010-2453	FTP Insecure Sanitization in User Name (CVE-2009-0542; CVE-2010-2453)
Critical	23 Mar 2025	23 Mar 2025	CPAI-2024-1506	CVE-2024-5765	WordPress WpStickyBar Plugin SQL Injection (CVE-2024-5765)
Critical	23 Mar 2025	23 Mar 2025	CPAI-2025-0083	CVE-2025-24016	Wazuh Remote Code Execution (CVE-2025-24016)
High	23 Mar 2025	23 Mar 2025	CPAI-2025-0076	CVE-2025-2097	TOTOLINK EX1800T Stack Overflow (CVE-2025-2097)
High	23 Mar 2025	23 Mar 2025	CPAI-2024-1364	CVE-2024-53675	HPE Insight Remote Support XML External Entity Injection (CVE-2024-53675)
High	20 Mar 2025	20 Mar 2025	CPAI-2025-0100		Kentico Xperience Remote Code Execution
High	20 Mar 2025	20 Mar 2025	CPAI-2025-0098	CVE-2025-0411	7-Zip Remote Code Execution (CVE-2025-0411)
Critical	20 Mar 2025	20 Mar 2025	CPAI-2016-1442	CVE-2016-4532	Trihedral VTScada Directory Traversal (CVE-2016-4532)
Critical	16 Mar 2025	20 Mar 2025	CPAI-2025-0090	CVE-2025-1316	Edimax Multiple Products Command Injection (CVE-2025-1316)
Medium	20 Mar 2025	20 Mar 2025	CPAI-2024-1495	CVE-2024-39931	Gogs Internal File Deletion (CVE-2024-39931)
High	13 Mar 2025	20 Mar 2025	CPAI-2025-0086	CVE-2025-27636 CVE-2025-29891	Apache Camel Remote Code Execution (CVE-2025-27636; CVE-2025-29891)
Critical	27 Feb 2025	20 Mar 2025	CPAI-2024-1448	CVE-2024-48248	NAKIVO Arbitrary File Read (CVE-2024-48248)
High	9 Mar 2025	20 Mar 2025	CPAI-2016-1424	CVE-2016-7256	Microsoft Windows Open Type Font Remote Code Execution (CVE-2016-7256)
Medium	20 Mar 2025	20 Mar 2025	CPAI-2024-1368	CVE-2024-52012	Apache Solr Directory Traversal (CVE-2024-52012)
Medium	20 Mar 2025	20 Mar 2025	CPAI-2023-1958	CVE-2023-48783	Fortinet FortiPortal Directory Traversal (CVE-2023-48783)
High	20 Mar 2025	20 Mar 2025	CPAI-2024-1063	CVE-2024-38071	Microsoft Windows Server Denial of Service (CVE-2024-38071)
High	19 Mar 2025	19 Mar 2025	CPAI-2025-0099		Kentico Xperience Authentication Bypass
Critical	18 Mar 2025	18 Mar 2025	CPAI-2025-0073	CVE-2025-1044	Logsign Unified SecOps Platform Authentication Bypass (CVE-2025-1044)
High	18 Mar 2025	18 Mar 2025	CPAI-2018-2900	CVE-2018-12900	LibTIFF Buffer Overflow (CVE-2018-12900)
High	18 Mar 2025	18 Mar 2025	CPAI-2016-1436	CVE-2016-2171	Apache Jetspeed Authentication Bypass (CVE-2016-2171)
High	17 Mar 2025	17 Mar 2025	CPAI-2025-0095	CVE-2025-24801	GLPI Command Injection (CVE-2025-24801)
Critical	17 Mar 2025	17 Mar 2025	CPAI-2024-1488	CVE-2024-54676	Apache OpenMeetings Insecure Deserialization (CVE-2024-54676)
Critical	17 Mar 2025	17 Mar 2025	CPAI-2024-1459	CVE-2024-22660 CVE-2024-22662	TOTOLINK A3700R Stack Overflow (CVE-2024-22660; CVE-2024-22662)
High	16 Mar 2025	16 Mar 2025	CPAI-2025-0094	CVE-2025-24799	GLPI SQL Injection (CVE-2025-24799)
Critical	13 Mar 2025	16 Mar 2025	CPAI-2025-0084	CVE-2025-24813	Apache Tomcat Remote Code Execution (CVE-2025-24813)
Medium	16 Mar 2025	16 Mar 2025	CPAI-2025-0082	CVE-2025-0370	WordPress vanokhin Shortcodes Ultimate Plugin Cross-Site Scripting (CVE-2025-0370)
High	16 Mar 2025	16 Mar 2025	CPAI-2024-1484	CVE-2024-10400	WordPress Themeum Tutor LMS Plugin SQL Injection (CVE-2024-10400)
Medium	16 Mar 2025	16 Mar 2025	CPAI-2024-1482	CVE-2024-55573	Centreon Project Centreon Web SQL Injection (CVE-2024-55573)
Medium	16 Mar 2025	16 Mar 2025	CPAI-2024-1477	CVE-2024-7074	WSO2 API Manager Directory Traversal (CVE-2024-7074)
High	16 Mar 2025	16 Mar 2025	CPAI-2024-1336	CVE-2024-49754	LibreNMS Cross-Site Scripting (CVE-2024-49754)
Critical	13 Jan 2025	16 Mar 2025	CPAI-2025-0002	CVE-2025-0282	Ivanti Buffer Overflow (CVE-2025-0282)
Critical	13 Mar 2025	13 Mar 2025	CPAI-2025-0074	CVE-2025-26319	FlowiseAI Directory Traversal (CVE-2025-26319)
High	13 Mar 2025	13 Mar 2025	CPAI-2024-1470	CVE-2024-32640	Mura/Masa CMS SQL Injection (CVE-2024-32640)
High	13 Mar 2025	13 Mar 2025	CPAI-2024-1468	CVE-2024-32840	Ivanti Endpoint Manager SQL Injection (CVE-2024-32840)
Critical	12 Mar 2025	12 Mar 2025	CPAI-2025-0077		Argument Injection Over HTTP
Critical	12 Mar 2025	12 Mar 2025	CPAI-2024-1461	CVE-2024-10470	WordPress LMS Theme Authentication Bypass (CVE-2024-10470)
High	12 Mar 2025	12 Mar 2025	CPAI-2025-0066		Easy File Sharing Buffer Overflow
Critical	20 Feb 2025	12 Mar 2025	CPAI-2024-1410	CVE-2024-10811 CVE-2024-13159 CVE-2024-13160 CVE-2024-13161	Ivanti Endpoint Manager Path Traversal (CVE-2024-10811; CVE-2024-13159; CVE-2024-13160; CVE-2024-13161)