Home / 2025 Advisories Archive

2025 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	26 Mar 2025	6 Apr 2025	CPAI-2025-0121		CVE-2025-1097 CVE-2025-1098 CVE-2025-1974 CVE-2025-24513 CVE-2025-24514	NGINX Ingress Controller Remote Code Execution (CVE-2025-1097; CVE-2025-1098; CVE-2025-1974; CVE-2025-24513; CVE-2025-24514)
Critical	6 Apr 2025	6 Apr 2025	CPAI-2024-1511		CVE-2024-4295	WordPress Icegram Email Subscribers and Newsletters Plugin SQL Injection (CVE-2024-4295)
Critical	6 Apr 2025	6 Apr 2025	CPAI-2025-0097			HTTP Webshells Activity
Critical	13 Mar 2025	6 Apr 2025	CPAI-2025-0084		CVE-2025-24813	Apache Tomcat Remote Code Execution (CVE-2025-24813)
Critical	6 Apr 2025	6 Apr 2025	CPAI-2024-1066		CVE-2024-49368	Nginx UI Command Injection (CVE-2024-49368)
Medium	3 Apr 2025	3 Apr 2025	CPAI-2020-4295		CVE-2020-5806	Rockwell Automation FactoryTalk Linx Denial of Service (CVE-2020-5806)
High	3 Apr 2025	3 Apr 2025	CPAI-2020-4294		CVE-2020-5802	Rockwell Automation FactoryTalk Linx Denial of Service (CVE-2020-5802)
High	3 Apr 2025	3 Apr 2025	CPAI-2020-4293		CVE-2020-5801	Rockwell Automation FactoryTalk Linx Denial of Service (CVE-2020-5801)
Medium	3 Apr 2025	3 Apr 2025	CPAI-2022-2198		CVE-2022-32215	Llhttp HTTP Request Smuggling (CVE-2022-32215)
Critical	3 Apr 2025	3 Apr 2025	CPAI-2024-1542		CVE-2024-36435	Supermicro BMC Stack-Based Buffer Overflow (CVE-2024-36435)
High	3 Apr 2025	3 Apr 2025	CPAI-2020-3850		CVE-2020-13935	Apache Tomcat Denial of Service (CVE-2020-13935)
Critical	2 Apr 2025	2 Apr 2025	CPAI-2023-2019		CVE-2023-25610	Fortinet Multiple Products Remote Code Execution (CVE-2023-25610)
Critical	27 Mar 2025	2 Apr 2025	CPAI-2025-0107		CVE-2025-21298	Microsoft Windows Remote Code Execution (CVE-2025-21298)
Medium	31 Mar 2025	31 Mar 2025	CPAI-2024-1544		CVE-2024-28156	Jenkins Build Monitor View Plugin Cross-Site Scripting (CVE-2024-28156)
High	31 Mar 2025	31 Mar 2025	CPAI-2025-0131		CVE-2025-29635	D-Link DIR-823X Command Injection (CVE-2025-29635)
High	31 Mar 2025	31 Mar 2025	CPAI-2024-1517		CVE-2024-50322	Ivanti Endpoint Manager Directory Traversal (CVE-2024-50322)
High	31 Mar 2025	31 Mar 2025	CPAI-2024-1466		CVE-2024-50567	Fortinet FortiWeb Command Injection (CVE-2024-50567)
Medium	31 Mar 2025	31 Mar 2025	CPAI-2025-0060			Nagios Enterprises Nagios XI SQL Injection
Medium	31 Mar 2025	31 Mar 2025	CPAI-2025-0026		CVE-2025-21308	Microsoft Windows Spoofing (CVE-2025-21308)
High	30 Mar 2025	30 Mar 2025	CPAI-2024-1536		CVE-2024-7646	NGINX Ingress Controller Code Injection (CVE-2024-7646)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2024-1526		CVE-2024-50379	Apache Tomcat Information Disclosure (CVE-2024-50379)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2025-0114		CVE-2025-0655	Man Group D-Tale Command Injection (CVE-2025-0655)
High	30 Mar 2025	30 Mar 2025	CPAI-2024-1520		CVE-2024-54887	TP-Link TL-WR940N Buffer Overflow (CVE-2024-54887)
High	30 Mar 2025	30 Mar 2025	CPAI-2025-0069		CVE-2025-26794	Exim SQL Injection (CVE-2025-26794)
High	9 Mar 2025	30 Mar 2025	CPAI-2016-1424		CVE-2016-7256	Microsoft Windows Open Type Font Remote Code Execution (CVE-2016-7256)
Critical	17 Feb 2025	30 Mar 2025	CPAI-2025-0042		CVE-2025-25064	Zimbra Collaboration SQL Injection (CVE-2025-25064)
Medium	11 Feb 2025	30 Mar 2025	CPAI-2025-0032	Microsoft CVE-2025-21377	CVE-2025-21377	Microsoft Windows NTLM Information Disclosure (CVE-2025-21377)
High	6 Feb 2025	30 Mar 2025	CPAI-2024-1323		CVE-2024-45802	Squid Denial of Service (CVE-2024-45802)
Medium	25 Mar 2025	25 Mar 2025	CPAI-2019-3262		CVE-2019-15276	Cisco Wireless LAN Controller Cross-Site Scripting (CVE-2019-15276)
High	24 Mar 2025	24 Mar 2025	CPAI-2024-1510		CVE-2024-20440	Cisco Smart Licensing Utility Information Disclosure (CVE-2024-20440)
High	24 Mar 2025	24 Mar 2025	CPAI-2024-1504		CVE-2024-53961	Adobe ColdFusion Directory Traversal (CVE-2024-53961)
Critical	24 Mar 2025	24 Mar 2025	CPAI-2010-0815		CVE-2009-0542 CVE-2010-2453	FTP Insecure Sanitization in User Name (CVE-2009-0542; CVE-2010-2453)
Critical	23 Mar 2025	23 Mar 2025	CPAI-2024-1506		CVE-2024-5765	WordPress WpStickyBar Plugin SQL Injection (CVE-2024-5765)
High	20 Mar 2025	20 Mar 2025	CPAI-2025-0100			Kentico Xperience Remote Code Execution
Critical	20 Mar 2025	20 Mar 2025	CPAI-2016-1442		CVE-2016-4532	Trihedral VTScada Directory Traversal (CVE-2016-4532)
High	13 Mar 2025	20 Mar 2025	CPAI-2025-0086		CVE-2025-27636 CVE-2025-29891	Apache Camel Remote Code Execution (CVE-2025-27636; CVE-2025-29891)
Medium	20 Mar 2025	20 Mar 2025	CPAI-2024-1368		CVE-2024-52012	Apache Solr Directory Traversal (CVE-2024-52012)
Medium	20 Mar 2025	20 Mar 2025	CPAI-2023-1958		CVE-2023-48783	Fortinet FortiPortal Directory Traversal (CVE-2023-48783)
High	20 Mar 2025	20 Mar 2025	CPAI-2024-1063		CVE-2024-38071	Microsoft Windows Server Denial of Service (CVE-2024-38071)
High	19 Mar 2025	19 Mar 2025	CPAI-2025-0099			Kentico Xperience Authentication Bypass
High	18 Mar 2025	18 Mar 2025	CPAI-2018-2900		CVE-2018-12900	LibTIFF Buffer Overflow (CVE-2018-12900)
High	18 Mar 2025	18 Mar 2025	CPAI-2016-1436		CVE-2016-2171	Apache Jetspeed Authentication Bypass (CVE-2016-2171)
Critical	17 Mar 2025	17 Mar 2025	CPAI-2024-1488		CVE-2024-54676	Apache OpenMeetings Insecure Deserialization (CVE-2024-54676)
Medium	16 Mar 2025	16 Mar 2025	CPAI-2025-0082		CVE-2025-0370	WordPress vanokhin Shortcodes Ultimate Plugin Cross-Site Scripting (CVE-2025-0370)
High	16 Mar 2025	16 Mar 2025	CPAI-2024-1484		CVE-2024-10400	WordPress Themeum Tutor LMS Plugin SQL Injection (CVE-2024-10400)
Critical	13 Jan 2025	16 Mar 2025	CPAI-2025-0002		CVE-2025-0282	Ivanti Buffer Overflow (CVE-2025-0282)
High	13 Mar 2025	13 Mar 2025	CPAI-2024-1468		CVE-2024-32840	Ivanti Endpoint Manager SQL Injection (CVE-2024-32840)
Critical	12 Mar 2025	12 Mar 2025	CPAI-2024-1461		CVE-2024-10470	WordPress LMS Theme Authentication Bypass (CVE-2024-10470)
High	12 Mar 2025	12 Mar 2025	CPAI-2025-0066			Easy File Sharing Buffer Overflow
Medium	12 Mar 2025	12 Mar 2025	CPAI-2018-2896		CVE-2018-11690	Joomla Balbooa Gridbox Cross-Site Scripting (CVE-2018-11690)