Lucene search
+L
Checkpoint AdvisoriesMost viewed

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•43 views

InterNetNews Control Message Handling Buffer Overflow - Ver2 (CVE-2004-0045)

The InterNetNews package INN is a complete Usenet system. It includes innd, an NNTP server, and nnrpd, a newsreading server. A vulnerability exists in the NNTP server component of InterNetNews INN, which can be exploited to compromise a vulnerable system. The vulnerability is caused due to a...

7.5CVSS6.7AI score0.08622EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/05/21 12:0 a.m.•43 views

NAS4Free exec.php Arbitrary Remote Code Execution (CVE-2013-3631)

A code execution vulnerability has been reported in NAS4Free. The vulnerability is due to "Advanced | Execute Command" feature that allows remote authenticated users to execute arbitrary PHP code via a request to exec.php. A remote unauthenticated attacker can exploit this vulnerability by execut...

6CVSS7.5AI score0.13729EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/04/25 12:0 a.m.•43 views

Apache Struts ParametersInterceptor ClassLoader Security Bypass (CVE-2014-0094; CVE-2014-0112; CVE-2014-0113; CVE-2014-0114)

A security bypass vulnerability exists in Apache Struts. The vulnerability is due to inadequate validation of data processed by ParametersInterceptor allowing for manipulation of the ClassLoader. A remote attacker could exploit this vulnerability by providing a class parameter in a request...

7.5CVSS3.8AI score0.99614EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•43 views

IBM Forms Viewer XFDL Form Processing Stack Buffer Overflow - Ver2 (CVE-2013-5447)

A buffer overflow vulnerability has been reported in IBM Forms Viewer. The vulnerability is due to an error when processing XFDL forms and can be exploited to cause a stack-based buffer overflow. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code...

7.5AI score0.34035EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•43 views

HP Managed printing Administration jobAcct Remote Command Execution - Ver2 (CVE-2011-4166)

A command execution vulnerability has been reported in Hp Managed Printing Administration. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...

7.5CVSS6.5AI score0.61756EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/03/16 12:0 a.m.•43 views

RealNetworks RealPlayer RMP File Stack Buffer Overflow (CVE-2013-6877)

A stack buffer overflow exists in RealNetworks RealPlayer. Successful exploitation could result in arbitrary code execution in the context of the currently logged in user. The vulnerability is due to an error when parsing the version and encoding attributes of the XML declaration statement. An...

5.8AI score0.11345EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2014/03/04 12:0 a.m.•43 views

phpBB viewtopic.php URL Decoding Code Execution - ver 2 (CVE-2004-1315)

A code injection and execution vulnerability has been reported in phpBB. The vulnerability is due to lack of input validation on the highlight parameter supplied to viewtopic.php. A remote attacker can exploit this issue by injecting malicious SQL code to the target server. Successful exploitatio...

2.8AI score0.72096EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2014/02/03 12:0 a.m.•43 views

System V TTYPROMPT Buffer Overflow - Ver2 (CVE-2001-0797)

A buffer overflow vulnerability has been reported in various System V based operating systems. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.4AI score0.88836EPSS
Exploits27
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•43 views

Microsoft .NET Framework Array Access Violation (MS13-052; CVE-2013-3131; CVE-2013-3134)

A remote code execution vulnerability exists in the way the .NET Framework handles multidimensional arrays of small structures. The vulnerability is caused when the .NET Framework improperly handles multidimensional arrays of small structures. An attacker who successfully exploited this...

9.3CVSS7.2AI score0.22008EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/07/21 12:0 a.m.•43 views

Microsoft RPC Services Path Canonicalization Remote Code Execution (CVE-2008-4250)

A remote code execution vulnerability has been reported in applications based on the SMB protocol...

9.5AI score0.98751EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2013/06/11 12:0 a.m.•43 views

Internet Explorer deleted html object Use After Free (MS13-047; CVE-2013-3111)

A use after free vulnerability has been reported in Internet Explorer...

6.5AI score0.33537EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2013/05/14 12:0 a.m.•43 views

Microsoft .NET XML Digital Signature Spoofing (MS13-040; CVE-2013-1336)

A spoofing vulnerability has been reported when the Microsoft .NET Framework fails to properly validate the signature of specially crafted XML files. Successful exploitation would allow an attacker to modify the contents of an XML file without invalidating the signature associated with the file...

3.3AI score0.19263EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/04/25 12:0 a.m.•43 views

EMC AlphaStor Device Manager Buffer Overflow - High Confidence (CVE-2013-0930)

A stack-based buffer overflow vulnerability has been reported in EMC AlphaStor Device Manager. The vulnerability is due to a lack of boundary checking when processing certain opcode messages in rrobotd.exe. Unauthenticated attackers can exploit this vulnerability to execute arbitrary code in the...

7.5AI score0.02752EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/02/12 12:0 a.m.•43 views

Internet Explorer Shift JIS Character Encoding (MS13-009; CVE-2013-0015)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer...

7.3AI score0.15853EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2012/10/14 12:0 a.m.•43 views

EMC AutoStart ftAgent.exe Multiple Integer Overflow Vulnerabilities (CVE-2012-0409)

Multiple buffer overflow vulnerabilities have been reported in EMC AutoStart...

7.2AI score0.04754EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2012/10/14 12:0 a.m.•43 views

EMC NetWorker nsrd Format String Remote Code Execution (CVE-2012-2288)

A remote code execution vulnerability has been reported in EMC NetWorker...

7.4AI score0.3312EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2011/12/06 12:0 a.m.•43 views

Adobe Flex SDK Flex-Generated SWF File Cross-Site Scripting (APSB11-25; CVE-2011-2461)

A Cross-site scripting vulnerability has been reported in Adobe Flex SDK. The vulnerability is due to an error in the way Flex-generated SWF files accept arguments. A remote attacker could exploit this vulnerability by enticing a user to open a web page containing an embedded malformed SWF file...

4.3CVSS5.3AI score0.07689EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2010/12/12 12:0 a.m.•43 views

Novell iPrint Client GetDriverSettings Stack Buffer Overflow (CVE-2011-3173)

Novell iPrint Client is an application that allows users to install and manage printers, or submit print job from a web browser. Novell iPrint Client is bundled with a set of ActiveX controls that implement various functions. A stack buffer overflow exists in Novell iPrint Client. The vulnerabili...

7.5CVSS7.4AI score0.04831EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2010/08/10 12:0 a.m.•43 views

Microsoft MPEG Layer-3 Codecs Memory Corruption (MS10-052; CVE-2010-1882)

Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. A remote code execution vulnerability has been reported in the Microsoft DirectShow MP3 filter. The vulnerability is within the MPEG Layer-3 Audio Codec for Microsoft DirectShow l3codecx.ax. The Microsoft MPE...

9.3CVSS7AI score0.23415EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2010/07/27 12:0 a.m.•43 views

ClamAV UPX File Handling Heap Overflow (CVE-2006-4018)

ClamAV AntiVirus is an open source product that provides anti-virus scanning utilities and an anti-virus library. The product is capable of decoding several archive formats in order to scan their internal items for viruses. One of such archive formats is the UPX Ultimate Packer for eXecutables fi...

7.5CVSS7.7AI score0.19058EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2010/07/05 12:0 a.m.•43 views

Symantec Backup Exec System Recovery Manager Unauthorized File Upload (CVE-2008-0457)

Symantec Backup Exec System Recovery Manager is a complete, disk-based system recovery solution for Microsoft Windows based servers, desktops, and laptops that allows businesses to recover from system loss or disasters. A file upload vulnerability exists in the Symantec Backup Exec System Recover...

10CVSS6.9AI score0.11863EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2010/06/28 12:0 a.m.•43 views

RSA Authentication Agent for Web Buffer Overflow (CVE-2005-1471)

The RSA Authentication Agent for Web for Internet Information Services IIS provides protection for selected web pages by securing them with the RSA SecurID authentication mechanism. When a user attempts to access a resource that is secured with the RSA SecurID, the RSA Agent authenticates the use...

7.5CVSS7.6AI score0.02634EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2010/02/14 12:0 a.m.•43 views

BitDefender Online Scanner ActiveX Control Buffer Overflow (CVE-2007-5775)

BitDefender is an antivirus software suite developed by SOFTWIN. BitDefender website offers a free online antivirus scanner. The BitDefender online scanner installation on a Windows system includes an ActiveX control. There exists a buffer overflow vulnerability in BitDefender Online Scanner. Thi...

9.3CVSS7.5AI score0.26909EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2010/01/31 12:0 a.m.•43 views

Unisys Business Information Server Stack Buffer Overflow (CVE-2009-1628)

The Unisys Business Information Server is a business information management solution that provides data access, analysis and reporting in an open, enterprise-wide computing environment. Business Information Server transforms corporate data into information that is made available throughout the...

10CVSS7.7AI score0.05244EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2009/12/08 12:0 a.m.•43 views

Borland StarTeam Multicast Service HTTP Handling Buffer Overflow (CVE-2008-0311)

StarTeam is a revision control and SCM software system, originally produced by Starbase Corporation, and acquired by Borland in 2003. The system is backed by a relational database, that retains all changes made to a project during its evolution. Borland StarTeam can be installed as a component of...

9.3CVSS7.6AI score0.31024EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2009/12/06 12:0 a.m.•43 views

IBM Access Support ActiveX GetXMLValue Method Buffer Overflow (CVE-2009-0215)

IBM Access Support is part of a suite of several tools used by IBM to provide support to its customers having IBM/Lenovo Laptops and Desktop systems. This product is used by the vendor to remotely examine the product and collect information in order to address any problems or distribute updates. ...

9.3CVSS7AI score0.36309EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2009/11/25 12:0 a.m.•43 views

Ipswitch IMail Server SMTP Service Buffer Overflow (CVE-2006-4379)

The Ipswitch IMail Server is a mail server product geared towards medium to large size organizations. It contains implementations of POP3, IMAP4, and SMTP servers. The SMTP server module is installed and started in a default installation. There exists a vulnerability in the SMTP module of the...

7.5CVSS7.6AI score0.60041EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2009/06/13 12:0 a.m.•43 views

Preemptive Protection against Apple QuickTime PICT Image paintPoly Parsing Heap Buffer Overflow

A buffer overflow vulnerability was reported in Apple QuickTime, a multimedia player that supports a wide range of media formats. Apple QuickTime fails to process crafted PICT images. Remote attackers may exploit this vulnerability by persuading a target user to open a specially crafted PICT file...

9.3CVSS7.5AI score0.08221EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2009/04/14 12:0 a.m.•43 views

Microsoft Excel TXO and OBJ Records Parsing Memory Corruption (MS08-074; CVE-2008-4265; CVE-2009-0100)

Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in the Microsoft Excel. The vulnerability is due to a memory corruption error in Microsoft Excel when loading Excel records. An attacker can exploit this flaw to execute arbitrary code ...

9.3CVSS7.7AI score0.29043EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2008/02/26 12:0 a.m.•43 views

Update IPS-1 with a Protection against Apple QuickTime and Apple QuickDraw Vulnerabilities

Several vulnerabilities have been identified within various versions of Apple QuickTime and Apple QuickDraw that, if exploited, would allow a remote attacker to execute arbitrary code on a vulnerable system...

10CVSS7.5AI score0.46662EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2007/03/14 12:0 a.m.•43 views

Update Protection against Microsoft Internet Explorer FTP Responses Remote Code Execution Vulnerability (MS07-016)

A remote code execution vulnerability has been reported in the way Microsoft Internet Explorer IE processes certain responses from FTP servers. The File Transfer Protocol FTP is used to connect computers over the Internet enabling file transferring between their users. An attacker can exploit the...

10CVSS7.7AI score0.60813EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2006/10/18 12:0 a.m.•43 views

Internet Explorer VML Rect Fill Method Buffer Overflow (MS06-055; CVE-2006-4868)

Microsoft Internet Explorer is the most widely used Internet browser. Microsoft Internet Explorer fails to handle Vector Markup Language VML tags. VML is a set of XML tags for drawing vector graphics. A remote attacker may trigger this vulnerability to execute arbitrary code on the target system...

9.3CVSS7.2AI score0.62149EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2005/02/01 12:0 a.m.•43 views

SSL - General Settings (CVE-2003-0719; CVE-2004-0826)

SSL Protections use a SSL protocol parser which uses a default port of TCP/443, but this port can be reconfigured...

7.5CVSS6.3AI score0.83412EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2022/11/28 12:0 a.m.•42 views

TOTOLINK X5000R Command Injection (CVE-2022-26213)

A command injection vulnerability exists in TOTOLINK X5000R. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.3AI score0.2558EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/11/24 12:0 a.m.•42 views

WaimairenCMS Remote Code Execution (CVE-2022-30450)

A remote code execution vulnerability exists in WaimairenCMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.6AI score0.21035EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/11/17 12:0 a.m.•42 views

O2OA Remote Code Execution (CVE-2022-22916)

A remote code execution vulnerability exists in O2OA. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

7.5CVSS7AI score0.38394EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2022/11/17 12:0 a.m.•42 views

Delta Industrial Automation DIAEnergie SQL Injection (CVE-2022-1378)

An SQL injection exists in Delta Industrial Automation DIAEnergie. The vulnerability is due to an input validation error...

10CVSS4AI score0.19365EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/11/14 12:0 a.m.•42 views

D-Link Central WiFiManager CWM-100 SQL Injection (CVE-2019-13373)

An SQL injection vulnerability exists in D-Link Central WiFiManager CWM-100. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.5AI score0.68019EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2022/11/08 12:0 a.m.•42 views

Microsoft Windows Scripting Languages Remote Code Execution (CVE-2022-41118)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5AI score0.01064EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/11/24 12:0 a.m.•42 views

Feehi CMS Remote Code Execution (CVE-2020-21322)

A remote code execution vulnerability exists in Feehi CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS9.5AI score0.01781EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/11/17 12:0 a.m.•42 views

Draytek VigorConnect Arbitrary File Upload (CVE-2021-20125)

An arbitrary file upload vulnerability exists in Draytek VigorConnect. Successful exploitation of this vulnerability could allow an unauthenticated attacker to upload arbitrary files to the affected system...

10CVSS9.1AI score0.03823EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/11/11 12:0 a.m.•42 views

Draytek VigorConnect Directory Traversal (CVE-2021-20123)

A directory traversal vulnerability exists in Draytek VigorConnect. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...

7.8CVSS7.2AI score0.74279EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/09/26 12:0 a.m.•42 views

Eyoucms Directory Traversal (CVE-2021-39500)

A directory traversal vulnerability exists in Eyoucms. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...

5CVSS7.2AI score0.01462EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/10 12:0 a.m.•42 views

Microsoft Scripting Engine Memory Corruption (CVE-2021-34480)

A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS8.8AI score0.31825EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/13 12:0 a.m.•42 views

ManageEngine ADSelfService Plus Command Injection (CVE-2021-33256)

A command injection vulnerability exists in ManageEngine ADSelfService Plus. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9.3CVSS6.2AI score0.79003EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/04/21 12:0 a.m.•42 views

GoAhead Web Server Authentication Bypass (CVE-2020-15688)

An authentication bypass vulnerability exists in GoAhead Web Server. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...

6.8CVSS6.6AI score0.04039EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2021/03/10 12:0 a.m.•42 views

Teachers Record Management System SQL Injection (CVE-2021-26822)

An SQL injection vulnerability exists in Teachers Record Management System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS7.3AI score0.04844EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/01/19 12:0 a.m.•42 views

Joomla! mod_random_image Cross-Site Scripting (CVE-2020-15696)

A stored cross-site scripting vulnerability exists in Joomla! CMS Core. The vulnerability is due to improper validation of the link parameter in the modrandomimage module...

4.3CVSS5.6AI score0.03213EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/08/25 12:0 a.m.•42 views

WordPress Real-Time Find and Replace Plugin Cross-Site Scripting (CVE-2020-13641)

A cross-site scripting vulnerability exists in WordPress Real-Time Find and Replace Plugin. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

6.8CVSS5.1AI score0.00809EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2020/07/28 12:0 a.m.•42 views

Elasticsearch Privilege Escalation (CVE-2020-7009)

A privilege escalation vulnerability exists in Elasticsearch. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with elevated privileges...

6.5CVSS3.1AI score0.016EPSS
Exploits0
Total number of security vulnerabilities5000