Home / 2025 Advisories Archive

2025 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Medium	31 Mar 2025	31 Mar 2025	CPAI-2025-0026		CVE-2025-21308	Microsoft Windows Spoofing (CVE-2025-21308)
High	30 Mar 2025	30 Mar 2025	CPAI-2024-1536		CVE-2024-7646	NGINX Ingress Controller Code Injection (CVE-2024-7646)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2024-1526		CVE-2024-50379	Apache Tomcat Information Disclosure (CVE-2024-50379)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2025-0114		CVE-2025-0655	Man Group D-Tale Command Injection (CVE-2025-0655)
High	30 Mar 2025	30 Mar 2025	CPAI-2024-1520		CVE-2024-54887	TP-Link TL-WR940N Buffer Overflow (CVE-2024-54887)
High	30 Mar 2025	30 Mar 2025	CPAI-2025-0069		CVE-2025-26794	Exim SQL Injection (CVE-2025-26794)
High	9 Mar 2025	30 Mar 2025	CPAI-2016-1424		CVE-2016-7256	Microsoft Windows Open Type Font Remote Code Execution (CVE-2016-7256)
Critical	17 Feb 2025	30 Mar 2025	CPAI-2025-0042		CVE-2025-25064	Zimbra Collaboration SQL Injection (CVE-2025-25064)
Medium	11 Feb 2025	30 Mar 2025	CPAI-2025-0032	Microsoft CVE-2025-21377	CVE-2025-21377	Microsoft Windows NTLM Information Disclosure (CVE-2025-21377)
High	6 Feb 2025	30 Mar 2025	CPAI-2024-1323		CVE-2024-45802	Squid Denial of Service (CVE-2024-45802)
Critical	9 Mar 2025	27 Mar 2025	CPAI-2025-0025			XSLT Injection
Medium	25 Mar 2025	25 Mar 2025	CPAI-2019-3262		CVE-2019-15276	Cisco Wireless LAN Controller Cross-Site Scripting (CVE-2019-15276)
High	24 Mar 2025	24 Mar 2025	CPAI-2024-1510		CVE-2024-20440	Cisco Smart Licensing Utility Information Disclosure (CVE-2024-20440)
High	24 Mar 2025	24 Mar 2025	CPAI-2024-1504		CVE-2024-53961	Adobe ColdFusion Directory Traversal (CVE-2024-53961)
Critical	24 Mar 2025	24 Mar 2025	CPAI-2010-0815		CVE-2009-0542 CVE-2010-2453	FTP Insecure Sanitization in User Name (CVE-2009-0542; CVE-2010-2453)
Critical	23 Mar 2025	23 Mar 2025	CPAI-2024-1506		CVE-2024-5765	WordPress WpStickyBar Plugin SQL Injection (CVE-2024-5765)
High	20 Mar 2025	20 Mar 2025	CPAI-2025-0100			Kentico Xperience Remote Code Execution
Critical	20 Mar 2025	20 Mar 2025	CPAI-2016-1442		CVE-2016-4532	Trihedral VTScada Directory Traversal (CVE-2016-4532)
High	13 Mar 2025	20 Mar 2025	CPAI-2025-0086		CVE-2025-27636 CVE-2025-29891	Apache Camel Remote Code Execution (CVE-2025-27636; CVE-2025-29891)
Medium	20 Mar 2025	20 Mar 2025	CPAI-2024-1368		CVE-2024-52012	Apache Solr Directory Traversal (CVE-2024-52012)
Medium	20 Mar 2025	20 Mar 2025	CPAI-2023-1958		CVE-2023-48783	Fortinet FortiPortal Directory Traversal (CVE-2023-48783)
High	20 Mar 2025	20 Mar 2025	CPAI-2024-1063		CVE-2024-38071	Microsoft Windows Server Denial of Service (CVE-2024-38071)
High	19 Mar 2025	19 Mar 2025	CPAI-2025-0099			Kentico Xperience Authentication Bypass
High	18 Mar 2025	18 Mar 2025	CPAI-2018-2900		CVE-2018-12900	LibTIFF Buffer Overflow (CVE-2018-12900)
High	18 Mar 2025	18 Mar 2025	CPAI-2016-1436		CVE-2016-2171	Apache Jetspeed Authentication Bypass (CVE-2016-2171)
Critical	17 Mar 2025	17 Mar 2025	CPAI-2024-1488		CVE-2024-54676	Apache OpenMeetings Insecure Deserialization (CVE-2024-54676)
Medium	16 Mar 2025	16 Mar 2025	CPAI-2025-0082		CVE-2025-0370	WordPress vanokhin Shortcodes Ultimate Plugin Cross-Site Scripting (CVE-2025-0370)
High	16 Mar 2025	16 Mar 2025	CPAI-2024-1484		CVE-2024-10400	WordPress Themeum Tutor LMS Plugin SQL Injection (CVE-2024-10400)
Critical	13 Jan 2025	16 Mar 2025	CPAI-2025-0002		CVE-2025-0282	Ivanti Buffer Overflow (CVE-2025-0282)
High	13 Mar 2025	13 Mar 2025	CPAI-2024-1468		CVE-2024-32840	Ivanti Endpoint Manager SQL Injection (CVE-2024-32840)
Critical	12 Mar 2025	12 Mar 2025	CPAI-2024-1461		CVE-2024-10470	WordPress LMS Theme Authentication Bypass (CVE-2024-10470)
High	12 Mar 2025	12 Mar 2025	CPAI-2025-0066			Easy File Sharing Buffer Overflow
Medium	12 Mar 2025	12 Mar 2025	CPAI-2018-2896		CVE-2018-11690	Joomla Balbooa Gridbox Cross-Site Scripting (CVE-2018-11690)
High	10 Mar 2025	10 Mar 2025	CPAI-2025-0062		CVE-2025-25897 CVE-2025-25898 CVE-2025-25899 CVE-2025-25900 CVE-2025-25901	TP-Link TL-WR841ND Buffer Overflow (CVE-2025-25897; CVE-2025-25898; CVE-2025-25899; CVE-2025-25900; CVE-2025-25901)
High	9 Mar 2025	9 Mar 2025	CPAI-2023-2012		CVE-2023-20128	Cisco RV320 Firmware Command Injection (CVE-2023-20128)
High	9 Mar 2025	9 Mar 2025	CPAI-2024-1381		CVE-2024-50324	Ivanti Endpoint Manager Directory Traversal (CVE-2024-50324)
Critical	26 Jan 2025	9 Mar 2025	CPAI-2024-1311		CVE-2024-0569 CVE-2024-31817	TOTOLINK Multiple Routers Information Disclosure (CVE-2024-0569; CVE-2024-31817)
Medium	6 Mar 2025	6 Mar 2025	CPAI-2018-2898		CVE-2018-12693	TP-Link TL-WA850RE Stack Overflow (CVE-2018-12693)
Medium	4 Mar 2025	4 Mar 2025	CPAI-2023-2013		CVE-2023-20118	Cisco RV016 FIRMWARE Privilege Escalation (CVE-2023-20118)
High	4 Mar 2025	4 Mar 2025	CPAI-2024-1439		CVE-2024-34950	D-Link DIR-822 Stack Overflow (CVE-2024-34950)
Critical	4 Mar 2025	4 Mar 2025	CPAI-2024-1348		CVE-2024-50498	WordPress LUBUS WP Query Console Plugin Code Injection (CVE-2024-50498)
High	3 Mar 2025	3 Mar 2025	CPAI-2024-1379		CVE-2024-49116	Microsoft Windows Server Remote Code Execution (CVE-2024-49116)
High	3 Mar 2025	3 Mar 2025	CPAI-2025-0063		CVE-2025-21277	Microsoft Windows Denial of Service (CVE-2025-21277)
High	3 Mar 2025	3 Mar 2025	CPAI-2025-0061			ESF pfSense Remote Code Execution
High	3 Mar 2025	3 Mar 2025	CPAI-2024-1447		CVE-2024-38814	VMware HCX SQL Injection (CVE-2024-38814)
High	3 Mar 2025	3 Mar 2025	CPAI-2011-0796		CVE-2011-0041	Microsoft Windows GDI Integer Overflow (CVE-2011-0041)
Medium	3 Mar 2025	3 Mar 2025	CPAI-2018-2897		CVE-2018-8239	Microsoft Windows Graphics Component Out Of Bounds Read (CVE-2018-8239)
High	27 Feb 2025	27 Feb 2025	CPAI-2024-1437		CVE-2024-13181	Ivanti Avalanche Directory Traversal (CVE-2024-13181)
High	27 Feb 2025	27 Feb 2025	CPAI-2025-0052		CVE-2025-21285	Microsoft Windows Denial of Service (CVE-2025-21285)
Critical	26 Feb 2025	26 Feb 2025	CPAI-2023-2009		CVE-2023-34192	Zimbra ZCS Cross-Site Scripting (CVE-2023-34192)