Home / 2025 Advisories Archive

2025 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	30 Mar 2025	30 Mar 2025	CPAI-2025-0118		CVE-2025-29774	Node.js xml-crypto Privilege Escalation (CVE-2025-29774)
High	30 Mar 2025	30 Mar 2025	CPAI-2024-1521		CVE-2024-12971	Pandora FMS Command Injection (CVE-2024-12971)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2025-0117		CVE-2025-29775	Node.js xml-crypto Privilege Escalation (CVE-2025-29775)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2025-0116		CVE-2025-0868	DocsGPT Remote Code Execution (CVE-2025-0868)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2025-0114		CVE-2025-0655	Man Group D-Tale Command Injection (CVE-2025-0655)
High	30 Mar 2025	30 Mar 2025	CPAI-2024-1520		CVE-2024-54887	TP-Link TL-WR940N Buffer Overflow (CVE-2024-54887)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2025-0112		CVE-2025-0890	Zyxel VMG4325-B10A Authentication Bypass(CVE-2025-0890)
Medium	30 Mar 2025	30 Mar 2025	CPAI-2025-0111		CVE-2025-1035	Komtera Technologies KLog Server Directory Traversal (CVE-2025-1035)
High	30 Mar 2025	30 Mar 2025	CPAI-2025-0110		CVE-2025-1025	Cockpit HQ Cockpit Arbitrary File Upload (CVE-2025-1025)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2024-1514		CVE-2024-5315	Dolibarr ERP CRM SQL Injection (CVE-2024-5315)
High	30 Mar 2025	30 Mar 2025	CPAI-2024-1513		CVE-2024-46982	Vercel Next.js Remote Code Execution (CVE-2024-46982)
Critical	25 Mar 2025	30 Mar 2025	CPAI-2025-0109		CVE-2025-29927	Next.js Authentication Bypass (CVE-2025-29927)
High	30 Mar 2025	30 Mar 2025	CPAI-2023-2016		CVE-2023-1545	TeamPass SQL Injection (CVE-2023-1545)
Medium	30 Mar 2025	30 Mar 2025	CPAI-2020-4287		CVE-2020-11456	LimeSurvey Cross-Site Scripting (CVE-2020-11456)
Critical	30 Mar 2025	30 Mar 2025	CPAI-2024-1500		CVE-2024-6396	Aim Path Traversal (CVE-2024-6396)
High	30 Mar 2025	30 Mar 2025	CPAI-2025-0069		CVE-2025-26794	Exim SQL Injection (CVE-2025-26794)
Critical	26 Feb 2025	30 Mar 2025	CPAI-2025-0057		CVE-2025-27364	MITRE Caldera Remote Code Execution (CVE-2025-27364)
High	30 Mar 2025	30 Mar 2025	CPAI-2024-1408		CVE-2024-53674	HPE Insight Remote Support XML External Entity Injection (CVE-2024-53674)
High	9 Mar 2025	30 Mar 2025	CPAI-2016-1424		CVE-2016-7256	Microsoft Windows Open Type Font Remote Code Execution (CVE-2016-7256)
Critical	17 Feb 2025	30 Mar 2025	CPAI-2025-0042		CVE-2025-25064	Zimbra Collaboration SQL Injection (CVE-2025-25064)
Medium	11 Feb 2025	30 Mar 2025	CPAI-2025-0032	Microsoft CVE-2025-21377	CVE-2025-21377	Microsoft Windows NTLM Information Disclosure (CVE-2025-21377)
High	30 Jan 2025	30 Mar 2025	CPAI-2024-1345		CVE-2024-41710	Mitel Multiple Products Command Injection (CVE-2024-41710)
High	6 Feb 2025	30 Mar 2025	CPAI-2024-1323		CVE-2024-45802	Squid Denial of Service (CVE-2024-45802)
High	23 Jan 2025	30 Mar 2025	CPAI-2024-1310		CVE-2024-52875	GFI Kerio Control CRLF Injection (CVE-2024-52875)
High	6 Jan 2025	30 Mar 2025	CPAI-2024-1218		CVE-2024-12987	DrayTek Vigor Command Injection (CVE-2024-12987)
Critical	27 Mar 2025	27 Mar 2025	CPAI-2024-1518		CVE-2024-45622	ASIS SQL Injection (CVE-2024-45622)
Medium	27 Mar 2025	27 Mar 2025	CPAI-2025-0104		CVE-2025-23200	Librenms Cross-Site Scripting (CVE-2025-23200)
High	27 Mar 2025	27 Mar 2025	CPAI-2019-3263		CVE-2019-15043	Grafana Denial of Service (CVE-2019-15043)
Critical	9 Mar 2025	27 Mar 2025	CPAI-2025-0025			XSLT Injection
Critical	26 Mar 2025	26 Mar 2025	CPAI-2024-1509		CVE-2024-7463	TOTOLINK CP900 Buffer Overflow (CVE-2024-7463)
Medium	25 Mar 2025	25 Mar 2025	CPAI-2019-3262		CVE-2019-15276	Cisco Wireless LAN Controller Cross-Site Scripting (CVE-2019-15276)
Critical	25 Mar 2025	25 Mar 2025	CPAI-2021-2302		CVE-2019-10955 CVE-2021-23385 CVE-2021-23393 CVE-2021-32618	Open Redirect Attempt (CVE-2019-10955; CVE-2021-23385; CVE-2021-23393; CVE-2021-32618)
High	24 Mar 2025	24 Mar 2025	CPAI-2024-1510		CVE-2024-20440	Cisco Smart Licensing Utility Information Disclosure (CVE-2024-20440)
High	24 Mar 2025	24 Mar 2025	CPAI-2024-1504		CVE-2024-53961	Adobe ColdFusion Directory Traversal (CVE-2024-53961)
Critical	24 Mar 2025	24 Mar 2025	CPAI-2010-0815		CVE-2009-0542 CVE-2010-2453	FTP Insecure Sanitization in User Name (CVE-2009-0542; CVE-2010-2453)
Critical	23 Mar 2025	23 Mar 2025	CPAI-2024-1506		CVE-2024-5765	WordPress WpStickyBar Plugin SQL Injection (CVE-2024-5765)
Critical	23 Mar 2025	23 Mar 2025	CPAI-2025-0083		CVE-2025-24016	Wazuh Remote Code Execution (CVE-2025-24016)
High	23 Mar 2025	23 Mar 2025	CPAI-2025-0076		CVE-2025-2097	TOTOLINK EX1800T Stack Overflow (CVE-2025-2097)
High	23 Mar 2025	23 Mar 2025	CPAI-2024-1364		CVE-2024-53675	HPE Insight Remote Support XML External Entity Injection (CVE-2024-53675)
High	20 Mar 2025	20 Mar 2025	CPAI-2025-0100			Kentico Xperience Remote Code Execution
Critical	20 Mar 2025	20 Mar 2025	CPAI-2016-1442		CVE-2016-4532	Trihedral VTScada Directory Traversal (CVE-2016-4532)
Critical	16 Mar 2025	20 Mar 2025	CPAI-2025-0090		CVE-2025-1316	Edimax Multiple Products Command Injection (CVE-2025-1316)
Medium	20 Mar 2025	20 Mar 2025	CPAI-2024-1495		CVE-2024-39931	Gogs Internal File Deletion (CVE-2024-39931)
High	13 Mar 2025	20 Mar 2025	CPAI-2025-0086		CVE-2025-27636 CVE-2025-29891	Apache Camel Remote Code Execution (CVE-2025-27636; CVE-2025-29891)
Critical	27 Feb 2025	20 Mar 2025	CPAI-2024-1448		CVE-2024-48248	NAKIVO Arbitrary File Read (CVE-2024-48248)
Medium	20 Mar 2025	20 Mar 2025	CPAI-2024-1368		CVE-2024-52012	Apache Solr Directory Traversal (CVE-2024-52012)
Medium	20 Mar 2025	20 Mar 2025	CPAI-2023-1958		CVE-2023-48783	Fortinet FortiPortal Directory Traversal (CVE-2023-48783)
High	20 Mar 2025	20 Mar 2025	CPAI-2024-1063		CVE-2024-38071	Microsoft Windows Server Denial of Service (CVE-2024-38071)
High	19 Mar 2025	19 Mar 2025	CPAI-2025-0099			Kentico Xperience Authentication Bypass
Critical	18 Mar 2025	18 Mar 2025	CPAI-2025-0073		CVE-2025-1044	Logsign Unified SecOps Platform Authentication Bypass (CVE-2025-1044)