Home / 2025 Advisories Archive

2025 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	10 Nov 2025	10 Nov 2025	CPAI-2025-4111		CVE-2025-52906	TOTOLINK X6000R Command Injection (CVE-2025-52906)
High	10 Nov 2025	10 Nov 2025	CPAI-2025-4107		CVE-2025-28219	NETGEAR DC112A Command Injection (CVE-2025-28219)
High	9 Nov 2025	9 Nov 2025	CPAI-2025-4012		CVE-2025-9985	WordPress Featured Image from URL Plugin Information Disclosure (CVE-2025-9985)
Critical	9 Nov 2025	9 Nov 2025	CPAI-2025-3988		CVE-2023-40837 CVE-2023-40839 CVE-2024-10697 CVE-2025-57296	Tenda AC6 Command Injection (CVE-2023-40837; CVE-2023-40839; CVE-2024-10697; CVE-2025-57296)
High	9 Nov 2025	9 Nov 2025	CPAI-2025-3986		CVE-2025-54399 CVE-2025-54400 CVE-2025-54401 CVE-2025-54402	Planet WGR-500 Buffer Overflow (CVE-2025-54399; CVE-2025-54400; CVE-2025-54401; CVE-2025-54402)
Critical	9 Nov 2025	9 Nov 2025	CPAI-2008-0587		CVE-2008-4563	IBM Tivoli Storage Manager Buffer Overflow (CVE-2008-4563)
High	22 Oct 2025	9 Nov 2025	CPAI-2025-3997		CVE-2025-10169 CVE-2025-10170 CVE-2025-10171 CVE-2025-10172 CVE-2025-11305 CVE-2025-11651 CVE-2025-11652 CVE-2025-11653 CVE-2025-6098 CVE-2025-7116 CVE-2025-7117 CVE-2025-7118	UTT Multiple Products Buffer Overflow (CVE-2025-10169; CVE-2025-10170; CVE-2025-10171; CVE-2025-10172; CVE-2025-11305; CVE-2025-11651; CVE-2025-11652; CVE-2025-11653; CVE-2025-6098; CVE-2025-7116; CVE-2025-7117; CVE-2025-7118)
High	6 Nov 2025	6 Nov 2025	CPAI-2025-3956		CVE-2025-12428	Google Chrome V8 Type Confusion (CVE-2025-12428)
Critical	6 Nov 2025	6 Nov 2025	CPAI-2025-3945		CVE-2025-11953	React Native Community CLI Command Injection (CVE-2025-11953)
High	6 Nov 2025	6 Nov 2025	CPAI-2025-3895		CVE-2025-48826	Planet WGR-500 Memory Corruption (CVE-2025-48826)
High	6 Nov 2025	6 Nov 2025	CPAI-2025-3878		CVE-2025-5145 CVE-2025-5146 CVE-2025-5147	Netcore Multiple Products Command Injection (CVE-2025-5145; CVE-2025-5146; CVE-2025-5147)
Critical	6 Nov 2025	6 Nov 2025	CPAI-2025-3899		CVE-2025-9090	Tenda AC20 Authentication Bypass (CVE-2025-9090)
High	6 Nov 2025	6 Nov 2025	CPAI-2025-3876		CVE-2021-40284 CVE-2022-34528 CVE-2022-35192 CVE-2024-56914 CVE-2025-25891 CVE-2025-25892 CVE-2025-25896	D-Link DSL-3782 Buffer Overflow (CVE-2021-40284; CVE-2022-34528; CVE-2022-35192; CVE-2024-56914; CVE-2025-25891; CVE-2025-25892; CVE-2025-25896)
High	5 Nov 2025	5 Nov 2025	CPAI-2025-3803		CVE-2025-28143	Edimax AC1200 Command Injection (CVE-2025-28143)
High	5 Nov 2025	5 Nov 2025	CPAI-2010-0882		CVE-2010-1428	Red Hat JBoss Enterprise Application Platform Information Disclosure (CVE-2010-1428)
High	21 Oct 2025	5 Nov 2025	CPAI-2025-3765		CVE-2025-11371	Gladinet Multiple Products Local File Inclusion (CVE-2025-11371)
High	13 Jul 2025	5 Nov 2025	CPAI-2025-3768		CVE-2025-48703	CentOS Web Panel Command Injection (CVE-2025-48703)
Critical	29 May 2025	5 Nov 2025	CPAI-2025-3707		CVE-2025-45779	Tenda AC10 Buffer Overflow (CVE-2025-45779)
Critical	4 Nov 2025	4 Nov 2025	CPAI-2023-2541		CVE-2023-44018	Tenda AC10U Stack Overflow (CVE-2023-44018)
High	4 Nov 2025	4 Nov 2025	CPAI-2025-3681		CVE-2025-44084	D-Link DI-8100 Command Injection (CVE-2025-44084)
High	4 Nov 2025	4 Nov 2025	CPAI-2025-3678		CVE-2025-9245 CVE-2025-9246 CVE-2025-9247 CVE-2025-9248 CVE-2025-9249 CVE-2025-9250 CVE-2025-9251 CVE-2025-9252 CVE-2025-9253 CVE-2025-9355 CVE-2025-9356 CVE-2025-9357 CVE-2025-9358	Linksys Multiple Products Buffer Overflow (CVE-2025-9245; CVE-2025-9246; CVE-2025-9247; CVE-2025-9248; CVE-2025-9249; CVE-2025-9250; CVE-2025-9251; CVE-2025-9252; CVE-2025-9253; CVE-2025-9355; CVE-2025-9356; CVE-2025-9357; CVE-2025-9358)
Critical	15 Jun 2025	4 Nov 2025	CPAI-2025-3685		CVE-2025-5609 CVE-2025-5839 CVE-2025-5851 CVE-2025-5854 CVE-2025-5861	Tenda Multiple Routers Buffer Overflow (CVE-2025-5609; CVE-2025-5839; CVE-2025-5851; CVE-2025-5854; CVE-2025-5861)
High	3 Nov 2025	3 Nov 2025	CPAI-2010-0869		CVE-2010-1428	Red Hat JBoss Enterprise Application Platform Information Disclosure (CVE-2010-1428)
High	3 Nov 2025	3 Nov 2025	CPAI-2025-3657		CVE-2025-55591	TOTOLINK A3002R Command Injection (CVE-2025-55591)
High	3 Nov 2025	3 Nov 2025	CPAI-2025-3645		CVE-2025-29045 CVE-2025-29046 CVE-2025-29047 CVE-2025-45846 CVE-2025-45847	ALFA Multiple Products Buffer Overflow (CVE-2025-29045; CVE-2025-29046; CVE-2025-29047; CVE-2025-45846; CVE-2025-45847)
High	3 Nov 2025	3 Nov 2025	CPAI-2025-3661		CVE-2025-11338 CVE-2025-11339 CVE-2025-57637	D-Link DI-7100G Buffer Overflow (CVE-2025-11338; CVE-2025-11339; CVE-2025-57637)
High	4 May 2025	3 Nov 2025	CPAI-2025-3652		CVE-2025-1608 CVE-2025-1609 CVE-2025-1610	LB-LINK AC1900 Command Injection (CVE-2025-1608; CVE-2025-1609; CVE-2025-1610)
Medium	29 Jan 2025	3 Nov 2025	CPAI-2024-2313		CVE-2024-9234	WordPress GutenKit Plugin Arbitrary File Upload (CVE-2024-9234)
High	2 Nov 2025	2 Nov 2025	CPAI-2025-3603		CVE-2025-10611 CVE-2025-9152	WSO2 Multiple Products Authentication Bypass (CVE-2025-10611; CVE-2025-9152)
High	2 Nov 2025	2 Nov 2025	CPAI-2024-2311		CVE-2024-49357	ZimaSpace ZimaOS Information Disclosure (CVE-2024-49357)
High	2 Nov 2025	2 Nov 2025	CPAI-2023-2528		CVE-2023-3852	OpenRapid RapidCMS Arbitrary File Upload (CVE-2023-3852)
High	2 Nov 2025	2 Nov 2025	CPAI-2025-3613		CVE-2025-62168	Squid Information Disclosure (CVE-2025-62168)
Critical	2 Nov 2025	2 Nov 2025	CPAI-2023-2530		CVE-2023-40151 CVE-2023-42770	Red Lion Controls Multiple Products Authentication Bypass (CVE-2023-40151; CVE-2023-42770)
High	22 Jun 2025	2 Nov 2025	CPAI-2025-3606		CVE-2025-33073	Microsoft Windows Privilege Escalation (CVE-2025-33073)
High	24 Feb 2025	2 Nov 2025	CPAI-2025-3609		CVE-2025-24893	XWiki Remote Code Execution (CVE-2025-24893)
High	29 Oct 2025	29 Oct 2025	CPAI-2025-3530		CVE-2025-6204	DELMIA Apriso Remote Code Execution (CVE-2025-6204)
High	29 Oct 2025	29 Oct 2025	CPAI-2025-3535		CVE-2025-6205	DELMIA Apriso Authentication Bypass (CVE-2025-6205)
High	29 Oct 2025	29 Oct 2025	CPAI-2025-3524		CVE-2025-8868	Progress Chef Automate SQL Injection (CVE-2025-8868)
High	29 Oct 2025	29 Oct 2025	CPAI-2025-3502		CVE-2025-20282	Cisco Identity Services Engine Arbitrary File Upload (CVE-2025-20282)
High	28 Oct 2025	28 Oct 2025	CPAI-2025-3431		CVE-2025-1338	NUUO Camera Command Injection (CVE-2025-1338)
Critical	30 Jul 2025	28 Oct 2025	CPAI-2025-3429		CVE-2025-5443 CVE-2025-5444 CVE-2025-5445 CVE-2025-5446 CVE-2025-8818 CVE-2025-8821 CVE-2025-8823 CVE-2025-8825 CVE-2025-8827 CVE-2025-8828 CVE-2025-8829 CVE-2025-8830 CVE-2025-9575	Linksys Multiple Products Command Injection (CVE-2025-5443; CVE-2025-5444; CVE-2025-5445; CVE-2025-5446; CVE-2025-8818; CVE-2025-8821; CVE-2025-8823; CVE-2025-8825; CVE-2025-8827; CVE-2025-8828; CVE-2025-8829; CVE-2025-8830; CVE-2025-9575)
High	27 Oct 2025	27 Oct 2025	CPAI-2025-3397		CVE-2025-40599	SonicWall SMA100 Series Arbitrary File Upload (CVE-2025-40599)
High	27 Oct 2025	27 Oct 2025	CPAI-2021-2484		CVE-2021-44080	SerComm H500s Command Injection (CVE-2021-44080)
High	27 Oct 2025	27 Oct 2025	CPAI-2023-2498		CVE-2023-5151	D-Link DAR-8000 SQL Injection (CVE-2023-5151)
Critical	16 Oct 2025	27 Oct 2025	CPAI-2025-3371	Microsoft CVE-2025-59287	CVE-2025-59287	Microsoft Windows Server Update Service Remote Code Execution (CVE-2025-59287)
Critical	16 Oct 2025	26 Oct 2025	CPAI-2025-3271	Microsoft CVE-2025-59287	CVE-2025-59287	Microsoft Windows Server Update Service Remote Code Execution (CVE-2025-59287)
High	22 Oct 2025	26 Oct 2025	CPAI-2025-3250		CVE-2025-10169 CVE-2025-10170 CVE-2025-10171 CVE-2025-10172 CVE-2025-11305 CVE-2025-6098 CVE-2025-7116 CVE-2025-7117 CVE-2025-7118	UTT Multiple Products Buffer Overflow (CVE-2025-10169; CVE-2025-10170; CVE-2025-10171; CVE-2025-10172; CVE-2025-11305; CVE-2025-6098; CVE-2025-7116; CVE-2025-7117; CVE-2025-7118)
Critical	23 Oct 2025	26 Oct 2025	CPAI-2025-3265		CVE-2025-54236	Adobe Multiple Products Remote Code Execution (CVE-2025-54236)
High	26 Oct 2025	26 Oct 2025	CPAI-2025-3236		CVE-2025-9133	Zyxel Multiple Products Command Injection (CVE-2025-9133)
High	26 Oct 2025	26 Oct 2025	CPAI-2024-2268		CVE-2024-58274	Hikvision iSecure Center Command Injection (CVE-2024-58274)