Lucene search
K

34 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2012-2733

Malware in sbrugna...

6.9CVSS6.3AI score0.00399EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-17851

Malware in sbrugna...

7.8CVSS7.7AI score0.01124EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 5:3 p.m.5 views

CVE-2020-6015

Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean install of the client which will prevent the storage of service log files in non-standard locations...

5.5CVSS7AI score0.00338EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:44 p.m.11 views

CVE-2020-6021

Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted...

7.8CVSS6.9AI score0.003EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:2 a.m.6 views

CVE-2019-8461

Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with...

7.8CVSS7AI score0.01124EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:1 a.m.10 views

CVE-2019-8452

A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gain...

7.8CVSS6.7AI score0.01038EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 a.m.6 views

CVE-2019-8459

Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process without using quotes in the path. This can cause loading of a previously placed executable with a name similar to the parts of the path, instead of the intended one...

9.8CVSS6.9AI score0.01191EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 a.m.7 views

CVE-2019-8454

A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the syste...

7CVSS7AI score0.00326EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:21 a.m.9 views

CVE-2012-2753

Untrusted search path vulnerability in TrGUI.exe in the Endpoint Connect aka EPC GUI in Check Point Endpoint Security R73.x and E80.x on the VPN blade platform, Endpoint Security VPN R75, Endpoint Connect R73.x, and Remote Access Clients E75.x allows local users to gain privileges via a Trojan...

6.9CVSS6.9AI score0.00399EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/11/07 12:0 a.m.6 views

PT-2023-8555 · Check Point · Check Point Endpoint Security +2

Name of the Vulnerable Software and Affected Versions: Check Point Harmony Endpoint/ZoneAlarm Extreme Security versions affected versions not specified Description: The issue is related to improper permission assignment for a critical resource in Check Point Endpoint Security. It allows a local...

7.8CVSS7.3AI score0.00239EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/07/23 9:7 a.m.10 views

CVE-2023-28133

Local privilege escalation in Check Point Endpoint Security Client version E87.30 via crafted OpenSSL configuration file...

7.2AI score0.05701EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/07/23 9:7 a.m.33 views

CVE-2023-28133

Local privilege escalation in Check Point Endpoint Security Client version E87.30 via crafted OpenSSL configuration file...

8AI score0.05701EPSS
Exploits0References1
CVE
CVE
added 2023/07/23 9:7 a.m.69 views

CVE-2023-28133

CVE-2023-28133 relates to a local privilege escalation in Check Point Endpoint Security Client (E87.30). The root cause is a flaw involving a crafted OpenSSL configuration file that allows a low-privilege user (Users group) to elevate privileges via affected components (e.g., TracSrvWrapper.exe, ...

7.8CVSS7.7AI score0.05701EPSS
Exploits0References1Affected Software1
CheckPoint Security
CheckPoint Security
added 2022/05/11 12:0 a.m.24 views

Check Point Response to CVE-2022-23742 - local privileges escalation in Endpoint Security Client's EFRService

Symptoms - The EFRService, which collects forensics data for various blades for the Check Point Endpoint Security Client for Windows, copies files for forensics reports from a directory with insufficient privileges. A local attacker can replace those files with malicious or linked content, which...

7.8CVSS7.5AI score0.04076EPSS
Exploits0
NVD
NVD
added 2019/12/23 7:15 p.m.17 views

CVE-2019-8463

A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations...

7.5CVSS7.4AI score0.01209EPSS
Exploits0References1
exploitpack
exploitpack
added 2019/10/07 12:0 a.m.52 views

CheckPoint Endpoint Security ClientZoneAlarm 15.4.062.17802 - Privilege Escalation

CheckPoint Endpoint Security ClientZoneAlarm 15.4.062.17802 - Privilege Escalation Exploit Title: CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation Date: 2019-01-30 Exploit Author: Jakub Palaczynski Vendor Homepage: https://www.checkpoint.com/ Version: Check Poin...

4.6CVSS0.3AI score0.01038EPSS
Exploits5
NVD
NVD
added 2019/08/29 9:15 p.m.20 views

CVE-2019-8461

Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with...

7.8CVSS7.7AI score0.01124EPSS
Exploits1References2
Prion
Prion
added 2019/08/29 9:15 p.m.14 views

Path traversal

Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with...

6.8CVSS7.7AI score0.01124EPSS
Exploits1References2Affected Software3
Prion
Prion
added 2019/04/29 4:29 p.m.16 views

Hardcoded credentials

A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the syste...

6.9CVSS6.8AI score0.00326EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/04/29 3:10 p.m.14 views

CVE-2019-8454

A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the syste...

6.9AI score0.00326EPSS
Exploits0References1
Rows per page
Query Builder