Home / 2025 Advisories Archive

2025 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Medium	20 Apr 2025	20 Apr 2025	CPAI-2024-1530		CVE-2024-40777	Apple Multiple Products Out-Of-Bounds Access (CVE-2024-40777)
Critical	20 Apr 2025	20 Apr 2025	CPAI-2022-2204		CVE-2022-24310	Schneider Electric Interactive Graphical SCADA System Integer Overflow (CVE-2022-24310)
Critical	20 Apr 2025	20 Apr 2025	CPAI-2021-2309		CVE-2021-20042	SonicWall Sma 200 Firmware Authentication Bypass (CVE-2021-20042)
Medium	20 Apr 2025	20 Apr 2025	CPAI-2022-2207		CVE-2022-1045	Trudesk Arbitrary File Upload (CVE-2022-1045)
Critical	20 Apr 2025	20 Apr 2025	CPAI-2024-1452		CVE-2024-47009	Ivanti Avalanche Authentication Bypass (CVE-2024-47009)
Medium	20 Apr 2025	20 Apr 2025	CPAI-2024-1605		CVE-2024-45598	Cacti Remote Code Execution (CVE-2024-45598)
High	20 Apr 2025	20 Apr 2025	CPAI-2025-0196		CVE-2025-25291	SAML-Toolkits ruby-saml Authentication Bypass (CVE-2025-25291)
High	20 Apr 2025	20 Apr 2025	CPAI-2024-1579		CVE-2024-31449	Redis Buffer Overflow (CVE-2024-31449)
High	20 Apr 2025	20 Apr 2025	CPAI-2024-1602		CVE-2024-33342	D-Link DIR-822 Command Injection (CVE-2024-33342)
Critical	20 Apr 2025	20 Apr 2025	CPAI-2024-1604		CVE-2024-45324	Fortinet FortiOS Format String (CVE-2024-45324)
High	20 Apr 2025	20 Apr 2025	CPAI-2021-2310		CVE-2021-20041	SonicWall Sma 200 Firmware Authentication Bypass (CVE-2021-20041)
Medium	17 Apr 2025	17 Apr 2025	CPAI-2025-0195		CVE-2025-1758	Kemp LoadMaster Buffer Overflow (CVE-2025-1758)
High	17 Apr 2025	17 Apr 2025	CPAI-2023-2030		CVE-2023-36969	CMS Made Simple Arbitrary File Upload (CVE-2023-36969)
Critical	12 Mar 2025	17 Apr 2025	CPAI-2025-0077			Argument Injection Over HTTP
Critical	2 Feb 2025	17 Apr 2025	CPAI-2024-1351		CVE-2024-53704	SonicWall SonicOS Authentication Bypass (CVE-2024-53704)
Medium	16 Apr 2025	16 Apr 2025	CPAI-2019-3273		CVE-2019-13068	Grafana Cross-Site Scripting (CVE-2019-13068)
Critical	16 Apr 2025	16 Apr 2025	CPAI-2024-1590		CVE-2024-48307	JeecgBoot SQL Injection (CVE-2024-48307)
Critical	16 Apr 2025	16 Apr 2025	CPAI-2024-1587		CVE-2024-24767	IceWhale CasaOS Brute Force Login Attempt (CVE-2024-24767)
Critical	6 Feb 2025	16 Apr 2025	CPAI-2024-1321		CVE-2018-3760 CVE-2021-25864 CVE-2024-48914 CVE-2025-2264	Static Files Folders Directory Traversal (CVE-2018-3760; CVE-2021-25864; CVE-2024-48914; CVE-2025-2264)
High	15 Apr 2025	15 Apr 2025	CPAI-2025-0193		CVE-2025-3102	WordPress OttoKit Plugin Authentication Bypass (CVE-2025-3102)
Critical	15 Apr 2025	15 Apr 2025	CPAI-2024-1591		CVE-2024-48887	Fortinet FortiSwitch Authentication Bypass (CVE-2024-48887)
High	15 Apr 2025	15 Apr 2025	CPAI-2023-2028		CVE-2023-22952	SugarCRM Code Injection (CVE-2023-22952)
Critical	15 Apr 2025	15 Apr 2025	CPAI-2024-1581		CVE-2024-47908	Ivanti Cloud Services Appliance Command Injection (CVE-2024-47908)
High	15 Apr 2025	15 Apr 2025	CPAI-2024-1577		CVE-2024-54146	Cacti SQL Injection (CVE-2024-54146)
Medium	15 Apr 2025	15 Apr 2025	CPAI-2024-1575		CVE-2024-55963	Appsmith Improper Access Control (CVE-2024-55963)
High	15 Apr 2025	15 Apr 2025	CPAI-2024-1573		CVE-2024-23334	Aiohttp Directory Traversal (CVE-2024-23334)
High	15 Apr 2025	15 Apr 2025	CPAI-2023-2026		CVE-2023-24709	Paradox IPR512 Denial of Service (CVE-2023-24709)
Medium	15 Apr 2025	15 Apr 2025	CPAI-2024-1571		CVE-2024-34781	Ivanti Endpoint Manager SQL Injection (CVE-2024-34781)
Critical	15 Apr 2025	15 Apr 2025	CPAI-2024-1570		CVE-2024-39205	Python pyLoad-ng Package Remote Code Execution (CVE-2024-39205)
Critical	15 Apr 2025	15 Apr 2025	CPAI-2025-0164		CVE-2025-22954	Koha SQL Injection (CVE-2025-22954)
Critical	15 Apr 2025	15 Apr 2025	CPAI-2025-0125			Sensitive Configuration File Disclosure
Medium	15 Apr 2025	15 Apr 2025	CPAI-2024-1472		CVE-2024-3274	D-Link DNS Series Information Disclosure (CVE-2024-3274)
Critical	14 Apr 2025	14 Apr 2025	CPAI-2025-0191		CVE-2025-3248	Langflow Remote Code Execution (CVE-2025-3248)
Medium	14 Apr 2025	14 Apr 2025	CPAI-2019-3272		CVE-2019-6842 CVE-2019-6843 CVE-2019-6844	Schneider-Electric Modicon Denial of Service (CVE-2019-6842; CVE-2019-6843; CVE-2019-6844)
High	14 Apr 2025	14 Apr 2025	CPAI-2019-3271		CVE-2019-6848	Schneider Electric Modicon Denial of Service (CVE-2019-6848)
Critical	14 Apr 2025	14 Apr 2025	CPAI-2025-0190		CVE-2025-2620	D-Link DAP-1620 Buffer Overflow (CVE-2025-2620)
Critical	14 Apr 2025	14 Apr 2025	CPAI-2017-1955		CVE-2017-6026	Schneider Electric Modicon Remote Code Execution (CVE-2017-6026)
Medium	14 Apr 2025	14 Apr 2025	CPAI-2019-3270		CVE-2019-6841	Schneider Electric Modicon Denial of Service (CVE-2019-6841)
Critical	14 Apr 2025	14 Apr 2025	CPAI-2025-0171		CVE-2025-25579	TOTOLINK A3002R Command Injection (CVE-2025-25579)
High	14 Apr 2025	14 Apr 2025	CPAI-2023-2023		CVE-2023-27159	Appwrite Server-Side Request Forgery (CVE-2023-27159)
High	20 Mar 2025	14 Apr 2025	CPAI-2025-0098		CVE-2025-0411	7-Zip Remote Code Execution (CVE-2025-0411)
Critical	10 Apr 2025	10 Apr 2025	CPAI-2024-1582		CVE-2024-45488	One Identity SafeGuard for Privileged Passwords Authentication Bypass (CVE-2024-45488)
Critical	10 Apr 2025	10 Apr 2025	CPAI-2025-0174		CVE-2025-2945	PostgreSQL pgAdmin Remote Code Execution (CVE-2025-2945)
High	10 Apr 2025	10 Apr 2025	CPAI-2019-3269		CVE-2019-6851	Schneider-Electric Modicon Information Disclosure (CVE-2019-6851)
Medium	10 Apr 2025	10 Apr 2025	CPAI-2024-1572		CVE-2024-11716	CTFd Privilege Escalation (CVE-2024-11716)
Critical	10 Apr 2025	10 Apr 2025	CPAI-2018-2910		CVE-2018-7842	Schneider-Electric Modicon Privilege Escalation (CVE-2018-7842)
Medium	10 Apr 2025	10 Apr 2025	CPAI-2020-4289		CVE-2020-2230	Jenkins Cross-Site Scripting (CVE-2020-2230)
Medium	9 Apr 2025	9 Apr 2025	CPAI-2025-0188	Adobe APSB25-15	CVE-2025-30294	Adobe ColdFusion Improper Input Validation (APSB25-15: CVE-2025-30294)
High	9 Apr 2025	9 Apr 2025	CPAI-2025-0187	Adobe APSB25-15	CVE-2025-30285	Adobe ColdFusion Deserialization of Untrusted Data (APSB25-15: CVE-2025-30285)
Medium	9 Apr 2025	9 Apr 2025	CPAI-2025-0186	Adobe APSB25-15	CVE-2025-30292	Adobe ColdFusion Cross-Site Scripting (APSB25-15: CVE-2025-30292)