Home / 2025 Advisories Archive

2025 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
High	12 Jan 2025	12 Jan 2025	CPAI-2023-1984	CVE-2023-5003	Active Directory / LDAP Integration WordPress Plugin Information Disclosure (CVE-2023-5003)
High	12 Jan 2025	12 Jan 2025	CPAI-2023-1981	CVE-2023-20888	VMware VRealize Network Insight Insecure Deserialization (CVE-2023-20888)
Medium	12 Jan 2025	12 Jan 2025	CPAI-2024-1228	CVE-2024-2340	Avada Information Disclosure (CVE-2024-2340)
Medium	1 Jan 2025	12 Jan 2025	CPAI-2024-1188	CVE-2024-5458	PHP Authentication Bypass (CVE-2024-5458)
Medium	12 Jan 2025	12 Jan 2025	CPAI-2024-1170	CVE-2024-54003	Jenkins Simple Queue Plugin Cross-Site Scripting (CVE-2024-54003)
High	12 Jan 2025	12 Jan 2025	CPAI-2024-1245	CVE-2024-12105	Progress WhatsUp Gold Path Traversal (CVE-2024-12105)
High	12 Jan 2025	12 Jan 2025	CPAI-2024-1237	CVE-2024-32848	Ivanti Endpoint Manager SQL Injection (CVE-2024-32848)
High	12 Jan 2025	12 Jan 2025	CPAI-2024-1229	CVE-2024-34779	Ivanti Endpoint Manager SQL Injection (CVE-2024-34779)
Medium	12 Jan 2025	12 Jan 2025	CPAI-2024-1221	CVE-2024-47855	Jenkins Denial of Service (CVE-2024-47855)
Medium	12 Jan 2025	12 Jan 2025	CPAI-2022-2161	CVE-2022-2856	Google Chrome Open Redirect (CVE-2022-2856)
Critical	9 Jan 2025	9 Jan 2025	CPAI-2023-1982	CVE-2023-34563	NETGEAR R6250 Buffer Overflow (CVE-2023-34563)
High	7 Jan 2025	7 Jan 2025	CPAI-2024-1225	CVE-2024-9122	Google Chrome V8 Type Confusion (CVE-2024-9122)
High	7 Jan 2025	7 Jan 2025	CPAI-2017-1948	CVE-2017-16651	RoundCube Webmail Local File Inclusion (CVE-2017-16651)
Critical	7 Jan 2025	7 Jan 2025	CPAI-2024-1200	CVE-2024-40725	HTTP Requests Smuggling (CVE-2024-40725)
High	7 Jan 2025	7 Jan 2025	CPAI-2024-1182		Microsoft SQL Server Management Studio Brute Force Login Attempt
High	6 Jan 2025	6 Jan 2025	CPAI-2024-0848	CVE-2024-8124	GitLab Denial-of-Service (CVE-2024-8124)
Critical	6 Jan 2025	6 Jan 2025	CPAI-2018-2875	CVE-2018-17532	Teltonika RUT9XX Command Injection (CVE-2018-17532)
High	5 Jan 2025	5 Jan 2025	CPAI-2018-2871	CVE-2018-7777	Schneider Electric U.motion Builder Command Injection (CVE-2018-7777)
Medium	5 Jan 2025	5 Jan 2025	CPAI-2024-1214	CVE-2024-50320	Ivanti Avalanche Denial of Service (CVE-2024-50320)
High	5 Jan 2025	5 Jan 2025	CPAI-2023-1455	CVE-2023-46262	Ivanti Avalanche Server-Side Request Forgery (CVE-2023-46262)
High	5 Jan 2025	5 Jan 2025	CPAI-2021-1767	CVE-2021-35519	SmarterTools SmarterMail Cross-Site Scripting (CVE-2021-35519)
High	5 Jan 2025	5 Jan 2025	CPAI-2021-1762	CVE-2021-22718	Schneider Electric C-Bus Toolkit Directory Traversal (CVE-2021-22718)
High	2 Jan 2025	2 Jan 2025	CPAI-2014-2630	CVE-2014-6324	Microsoft Windows Kerberos Key Distribution Center Privilege Escalation (CVE-2014-6324)
High	1 Jan 2025	1 Jan 2025	CPAI-2023-1977	CVE-2023-41266	Qlik Sense Directory Traversal (CVE-2023-41266)
Medium	1 Jan 2025	1 Jan 2025	CPAI-2023-1970	CVE-2023-24488	Citrix Gateway Cross-Site Scripting (CVE-2023-24488)
Critical	1 Jan 2025	1 Jan 2025	CPAI-2020-4264	CVE-2020-27130	Cisco Security Manager Directory Traversal (CVE-2020-27130)
Critical	1 Jan 2025	1 Jan 2025	CPAI-2020-4254	CVE-2020-8656	EyesOfNetwork SQL Injection (CVE-2020-8656)
High	1 Jan 2025	1 Jan 2025	CPAI-2024-1207	CVE-2024-44625	Gogs Directory Traversal (CVE-2024-44625)
Critical	1 Jan 2025	1 Jan 2025	CPAI-2020-4229	CVE-2020-9465	EyesOfNetwork SQL Injection (CVE-2020-9465)
High	1 Jan 2025	1 Jan 2025	CPAI-2021-2236	CVE-2021-34991	NETGEAR EX3700 Firmware Remote Code Execution (CVE-2021-34991)
High	1 Jan 2025	1 Jan 2025	CPAI-2020-4222	CVE-2020-8958	GPONONU 1GE Router WiFi ONU V2801RW Firmware Command Injection (CVE-2020-8958)
High	1 Jan 2025	1 Jan 2025	CPAI-2024-1196	CVE-2024-34783	Ivanti Endpoint Manager SQL Injection (CVE-2024-34783)
Critical	1 Jan 2025	1 Jan 2025	CPAI-2024-1192	CVE-2024-29671	NEXTU FLATA AX1500 Buffer Overflow (CVE-2024-29671)
High	1 Jan 2025	1 Jan 2025	CPAI-2023-1950	CVE-2023-1162	DrayTek Vigor 2960 Firmware Command Injection (CVE-2023-1162)
High	1 Jan 2025	1 Jan 2025	CPAI-2023-1949	CVE-2023-24229	Draytek Vigor2960 Firmware Command Injection (CVE-2023-24229)
Medium	1 Jan 2025	1 Jan 2025	CPAI-2024-1161	CVE-2024-0507	GitHub Enterprise Server Privilege Escalation (CVE-2024-0507)
High	1 Jan 2025	1 Jan 2025	CPAI-2024-1134	CVE-2024-8672	WordPress Widget Options Plugin Command Injection (CVE-2024-8672)
High	1 Jan 2025	1 Jan 2025	CPAI-2024-1096	CVE-2024-43362	Cacti Cross-Site Scripting (CVE-2024-43362)
High	1 Jan 2025	1 Jan 2025	CPAI-2024-1088	CVE-2024-41163	Veertu Anka Build Cloud Directory Traversal (CVE-2024-41163)
Critical	1 Jan 2025	1 Jan 2025	CPAI-2022-2144	CVE-2022-45699	APsystems ECU-R Firmware Command Injection (CVE-2022-45699)
High	1 Jan 2025	1 Jan 2025	CPAI-2024-0735	CVE-2024-5008	Progress WhatsUp Gold Information Disclosure (CVE-2024-5008)
Medium	1 Jan 2025	1 Jan 2025	CPAI-2024-0638	CVE-2024-6497	WordPress Project SEO Plugin SQL Injection (CVE-2024-6497)
High	1 Jan 2025	1 Jan 2025	CPAI-2024-0629	CVE-2024-5011	Progress WhatsUp Gold Denial of Service (CVE-2024-5011)
Medium	1 Jan 2025	1 Jan 2025	CPAI-2024-0195	CVE-2024-27921	Grav CMS Directory Traversal (CVE-2024-27921)
Critical	1 Jan 2025	1 Jan 2025	CPAI-2023-1573	CVE-2023-6933	WordPress WPEngine Better Search Replace Plugin Insecure Deserialization (CVE-2023-6933)
High	1 Jan 2025	1 Jan 2025	CPAI-2022-2021	CVE-2022-27643	NETGEAR R6400 Firmware Remote Code Execution (CVE-2022-27643)
Medium	1 Jan 2025	1 Jan 2025	CPAI-2022-1733	CVE-2022-46870	Apache Zeppelin Cross-Site Scripting (CVE-2022-46870)
Critical	1 Jan 2025	1 Jan 2025	CPAI-2023-0581	CVE-2023-36808	GLPI-Project GLPI SQL Injection (CVE-2023-36808)
Medium	1 Jan 2025	1 Jan 2025	CPAI-2023-0488	CVE-2023-34220	JetBrains TeamCity Cross-Site Scripting (CVE-2023-34220)
Medium	1 Jan 2025	1 Jan 2025	CPAI-2022-1609	CVE-2022-46768	Zabbix Multiple Products Arbitrary File Read (CVE-2022-46768)