Lucene search
+L
Checkpoint AdvisoriesMost viewed

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2010/11/04 12:0 a.m.•87 views

Internet Explorer Table Handling Memory Corruption (CVE-2010-3962)

Microsoft Internet Explorer is the most widely used Internet browser. A memory corruption vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been correctly initialized or has been deleted. To trigge...

9.3CVSS6.9AI score0.96889EPSS
Exploits14
Check Point Advisories
Check Point Advisories
•added 2022/11/07 12:0 a.m.•86 views

Cisco Firepower ASA Command Injection (CVE-2022-20828)

A command injection vulnerability exists in Cisco Firepower ASA. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS5.1AI score0.4831EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2021/01/03 12:0 a.m.•86 views

Arbitrary Code Injection Over HTTP Traffic (CVE-2020-21176; CVE-2020-25042; CVE-2020-26248; CVE-2020-26712; CVE-2020-28994; CVE-2020-29284; CVE-2020-6308; CVE-2021-25912)

Arbitrary Code Injections Over HTTP Traffic...

10CVSS1AI score0.61736EPSS
Exploits15
Check Point Advisories
Check Point Advisories
•added 2019/11/05 12:0 a.m.•86 views

rConfig Remote Code Execution (CVE-2019-16662; CVE-2019-16663)

A remote code execution vulnerability exists in rConfig. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.6AI score0.97702EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•86 views

Mozilla Firefox JIT escape Function Memory Corruption - Ver2 (CVE-2009-2477)

Mozilla Firefox is a web browser developed by Mozilla Foundation. The browser is capable of interpreting and rendering many types of content published on the Internet, including various versions of HTML, XML, XUL, JavaScript, and various graphic formats, and so on. The browser runs on Windows,...

9.3CVSS9.4AI score0.42689EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2010/11/09 12:0 a.m.•86 views

Microsoft Office RTF Stack Buffer Overflow (MS10-087; CVE-2010-3333)

RTF provides a format for text and graphics interchange that can be used with different operating systems. A buffer overflow vulnerability has been identified in the way Microsoft Office parses Rich Text Format RTF files. The vulnerability is due to an error in Microsoft Office that fails to...

9.3CVSS7AI score0.89497EPSS
Exploits14
Check Point Advisories
Check Point Advisories
•added 2006/03/15 12:0 a.m.•86 views

Update Protection against Multiple Microsoft Office Vulnerabilities (MS06-012)

Several remote code execution vulnerabilities exist in Microsoft Office, including vulnerabilities in Excel, Power Point and Word. A remote attacker may create a malicious Excel, PowerPoint or Word file and host it on a Web site or send it as an email attachment. This may allow an attacker to...

6.8CVSS8AI score0.39593EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/05/02 12:0 a.m.•85 views

TP-LINK WR-886N Multiple Buffer Overflow Vulnerabilities (CVE-2021-44622; CVE-2021-44623; CVE-2021-44625; CVE-2021-44626; CVE-2021-44627; CVE-2021-44628; CVE-2021-44629; CVE-2021-44630; CVE-2021-44631; CVE-2021-44632)

Multiple buffer overflow vulnerabilities exist in TP-LINK WR-886N. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...

10CVSS4.5AI score0.02413EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2021/11/28 12:0 a.m.•85 views

WordPress Workreap Theme Remote Code Execution (CVE-2021-24499)

A remote code execution vulnerability exists in WordPress Workreap theme. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS9.5AI score0.60113EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2021/04/28 12:0 a.m.•85 views

Qcubed Remote Code Execution (CVE-2020-24914)

A remote code execution vulnerability exists in Qcubed. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.3AI score0.0545EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2019/11/26 12:0 a.m.•85 views

Evernote Directory Traversal (CVE-2019-10038)

A directory traversal vulnerability exists in Evernote. This vulnerability is due to improper validation of embedded links in notes. Successful exploitation could result in arbitrary program execution...

4.4CVSS5.2AI score0.01307EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/01/28 12:0 a.m.•85 views

Turnkey Web Tools PHP Simple Shop abs-path Parameter PHP Code Execution - Ver2 (CVE-2006-4052)

A file inclusion vulnerability has been reported in Turnkey Web Tools PHP Simple Shop. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.4AI score0.16119EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/04/25 12:0 a.m.•84 views

WordPress Super Cache Plugin Remote Code Execution (CVE-2021-24209)

A remote code execution vulnerability exists inWordPress Super Cache Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS5.1AI score0.23844EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2021/03/30 12:0 a.m.•84 views

Tablib Databook Loading Functionality Remote Code Execution (CVE-2017-2810)

A remote code execution vulnerability exists in the Databook loading functionality of Python Tablib library. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.8AI score0.0487EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2019/11/20 12:0 a.m.•84 views

WordPress Core Remote Code Execution (CVE-2019-9787)

A remote code execution vulnerability exists in WordPress. The vulnerability is due to lack of protection against cross-site request forgery attack and improper validation of the comment content in the function which leads to stored cross-site scripting issue. Successful exploitation of this...

6.8CVSS3.9AI score0.4375EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/02/03 12:0 a.m.•84 views

Oracle Database Server AUTH_SESSKEY Stack Buffer Overflow - Ver2 (CVE-2009-1979)

A buffer overflow vulnerability has been reported in the Oracle Database server. The vulnerability is due to an error in the Oracle Database server that fails to sufficiently validate the length field of the AUTHSESSKEY parameter. A remote attacker could exploit this vulnerability by sending...

7.4AI score0.76361EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2014/01/20 12:0 a.m.•84 views

Microsoft Windows WinVerifyTrust PE Validation Security Bypass (MS13-098; CVE-2013-3900)

A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way the WinVerifyTrust function handles Windows Authenticode signature verification for portable executable PE files. A remote attacker could trigger this flaw by sending a...

7.6CVSS3.5AI score0.44647EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/05/23 12:0 a.m.•83 views

Cacti SQL Injection (CVE-2020-14295)

An SQL injection vulnerability exists in Cacti. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS5.1AI score0.8633EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2021/02/06 12:0 a.m.•83 views

Nette Command Injection (CVE-2020-15227)

A command injection vulnerability exists in Nette. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.6AI score0.35228EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2020/08/02 12:0 a.m.•83 views

CloudMe Sync Buffer Overflow (CVE-2018-6892)

A buffer overflow vulnerability exists in CloudMe Sync. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.5CVSS9.2AI score0.93597EPSS
Exploits29
Check Point Advisories
Check Point Advisories
•added 2020/05/04 12:0 a.m.•83 views

Oracle Fusion Middleware WebLogic Server Insecure Deserialization (CVE-2020-2883; CVE-2020-2546; CVE-2020-2798; CVE-2020-2801; CVE-2020-2884)

An insecure deserialization vulnerability exists in the Oracle WebLogic Server. The vulnerability is due to the lack of input validation by the servlet. A successful attack could result in the execution of arbitrary code on the affected system...

7.5CVSS4.3AI score0.94928EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2018/10/07 12:0 a.m.•83 views

OMRON CX-One CX-FLnet Type Heap-based Buffer Overflow (CVE-2018-8834)

A heap-based overflow exists in OMRON CX-One CX-FLnet module. The vulnerability is due to input validation error when processing Type parameter of the FLN configuration file...

4.6CVSS3.9AI score0.00318EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2010/05/17 12:0 a.m.•84 views

Adobe Director Files (CVE-2010-0127; CVE-2010-0128; CVE-2010-0129; CVE-2010-0130; CVE-2010-0986; CVE-2010-0987; CVE-2010-1280; CVE-2010-1281; CVE-2010-1282; CVE-2010-1283; CVE-2010-1284; CVE-2010-1286; CVE-2010-1287; CVE-2010-1288; CVE-2010-1289; CVE-2010-1290; CVE-2010-1291; CVE-2010-1292)

Adobe Shockwave is a multimedia player that allows Adobe Director applications to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed. Multiple vulnerabilities have been identified in Adobe Shockwave Player. The vulnerabilities are due to...

9.3CVSS8.1AI score0.16637EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2005/02/01 12:0 a.m.•83 views

Microsoft Windows ANI File Parsing Buffer Overflow (MS05-002; CVE-2004-1049; CVE-2007-0038)

...

9.3CVSS6.4AI score0.7288EPSS
Exploits25
Check Point Advisories
Check Point Advisories
•added 2022/11/02 12:0 a.m.•82 views

AtomCMS SQL Injection (CVE-2022-24223)

An SQL injection vulnerability exists in AtomCMS. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...

7.5CVSS3.6AI score0.61965EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2022/11/02 12:0 a.m.•82 views

TypeORM FindOne Authentication Bypass (CVE-2022-33171)

An authentication bypass vulnerability exists in TypeORM FindOne. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...

7.5CVSS6.2AI score0.20299EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2020/05/17 12:0 a.m.•82 views

TP-LINK Cloud Cameras Command Injection (CVE-2020-12111; CVE-2020-12109)

A command injection vulnerability exists in TP-LINK cloud cameras. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS5.7AI score0.74338EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2018/11/22 12:0 a.m.•82 views

Paloaltonetworks Panos Remote Code Execution (CVE-2017-15944) - Ver2

A remote code execution vulnerability exists in paloaltonetworks panos. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.5AI score0.9834EPSS
Exploits13
Check Point Advisories
Check Point Advisories
•added 2018/07/05 12:0 a.m.•82 views

Foxit Reader PDF Use After Free Code Execution (CVE-2018-9948)

A remote code execution vulnerability exists in Foxit Reader. The vulnerability is due to a use-after-free error in Foxit Reader while handling a specially crafted PDF file. Successful exploitation could lead to arbitrary code execution...

4.3CVSS4AI score0.64074EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2022/11/17 12:0 a.m.•81 views

CuppaCMS Remote Code Execution (CVE-2022-37190)

A remote code execution vulnerability exists in CuppaCMS. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

7AI score0.45769EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/10/23 12:0 a.m.•81 views

WordPress Email Template Designer Plugin Authentication Bypass (CVE-2022-0218)

An authentication bypass vulnerability exists in WordPress Email Template Designer. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...

4.3CVSS6.1AI score0.70511EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2022/05/15 12:0 a.m.•81 views

Jenkins Script Security Plugin Remote Code Execution (CVE-2019-1003029)

A remote code execution vulnerability exists in Jenkins Script Security Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS4.6AI score0.73854EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2021/09/26 12:0 a.m.•81 views

Advantech R-SeeNet ssh_form.php Cross-Site Scripting (CVE-2021-21800)

A cross-site scripting vulnerability exists in Advantech R-SeeNet. The vulnerability is due to improper input validation in sshform.php...

4.3CVSS5.7AI score0.14115EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/02/27 12:0 a.m.•81 views

Elog Project Denial of Service (CVE-2019-3995; CVE-2020-8859)

A denial of service vulnerability exists in Elog. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

5CVSS4.8AI score0.28547EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2019/10/16 12:0 a.m.•81 views

Atlassian Jira Service Desk Server and Data Center Path Traversal (CVE-2019-14994)

A directory traversal vulnerability exists in Atlassian Jira Service Desk Server and Data Center. The vulnerability is due to a lack of proper validation of a user-supplied path...

4.3CVSS4.3AI score0.05876EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2018/07/29 12:0 a.m.•81 views

XiongMai uc-httpd Buffer Overflow (CVE-2018-10088)

A remote code execution vulnerability exists in XiongMai uc-httpd. The vulnerability is due to a buffer overflow. Successful exploitation would allow an attacker to execute arbitrary code on the target...

10CVSS5.2AI score0.40386EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2016/08/15 12:0 a.m.•81 views

Symantec Endpoint Protection Manager Cross-Site Scripting (CVE-2016-3652)

A cross-site-scripting vulnerability has been reported in the Symantec Endpoint Protection Manager. The vulnerability is due to insufficient input validation on user-supplied input. A remote attacker could exploit this vulnerability by enticing authenticated users to click on a crafted link...

3.5CVSS3.4AI score0.02552EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2013/06/24 12:0 a.m.•81 views

MiniUPnPd 1.0 Stack Buffer Overflow Remote Code Execution (CVE-2013-0230)

A stack buffer overflow has been reported in MiniUPnP 1.0 SOAP. The vulnerability is due to a boundary error when processing SOAPAction HTTP requests. A remote attacker can exploit this issue by sending specially crafted requests. Successful exploitation would allow an attacker to inject and...

10CVSS7.5AI score0.69151EPSS
Exploits14
Check Point Advisories
Check Point Advisories
•added 2012/01/17 12:0 a.m.•81 views

Adobe Reader and Acrobat Embedded BMP Memory Corruption (APSB12-01; CVE-2012-4373)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat...

7.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2011/11/01 12:0 a.m.•81 views

HP Data Protector Client EXEC_CMD Command Execution (CVE-2011-0923)

A remote code execution vulnerability has been reported in HP Data Protector. The vulnerability is due to insufficient input validation of arguments passed to the EXECCMD command. A remote attacker may exploit this vulnerability by sending a specially crafted request to an affected Data Protector...

10CVSS7.7AI score0.81081EPSS
Exploits30
Check Point Advisories
Check Point Advisories
•added 2010/07/26 12:0 a.m.•81 views

Microsoft Office Visio DXF File Inserting Buffer Overflow - Improved Performance (CVE-2010-1681)

A buffer overflow vulnerability exists in Microsoft Office Visio. The vulnerability is due to a boundary error when parsing DXF files inserted into Visio documents. This vulnerability may be exploited by remote attackers by enticing a user to open a maliciously crafted Visio file with a vulnerabl...

7.6CVSS6.6AI score0.67309EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2006/12/04 12:0 a.m.•81 views

Security Best Practice: SmartDefense Content Protection Defenses

The Content Protection defenses allow users of VPN-1 NGX R62, R61 and R60 to block malicious content over multiple protocols. The protection includes well known file types such as popular image files and Microsoft Office files that are prone to denial of service and remote code execution...

9.3CVSS7.1AI score0.53596EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2022/03/21 12:0 a.m.•80 views

Extensis Portfolio Multiple Vulnerabilities (CVE-2022-24251; CVE-2022-24252; CVE-2022-24253; CVE-2022-24254)

Multiple vulnerabilities exist in Extensis Portfolio. Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary commands on the affected system...

6.5CVSS4.9AI score0.02415EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2019/01/03 12:0 a.m.•80 views

PhpSpreadsheet XML External Entity Injection (CVE-2018-19277)

An XML external entity injection vulnerability exists in PhpSpreadsheet library. The vulnerability is due to a failure to properly handle external entity references in XML files. A successful exploitation of this vulnerability could result in the disclosure of file contents from the target system...

6.8CVSS1AI score0.07791EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2018/11/13 12:0 a.m.•80 views

Advantech WebAccess Remote Code Execution (CVE-2018-15705; CVE-2018-15707)

An arbitrary file write and remote code execution vulnerabilities exist in Advantech WebAccess software. The vulnerabilities are due to the lack of input validation when processing the 'folderpath' parameter in an HTTP POST request. Successful exploitation could lead to remote code execution on t...

8.5CVSS2.4AI score0.12236EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2017/11/06 12:0 a.m.•80 views

Hikvision IP Cameras Authentication Bypass (CVE-2017-7921)

An information disclosure vulnerability exists in Hikvision IP cameras. Successful exploitation of this vulnerability would allow remote attackers to gain access to sensitive information and gain unauthorized access into the affected system...

4.5AI score0.99998EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2013/11/12 12:0 a.m.•80 views

Microsoft Graphics Device Interface Integer Overflow (MS13-089; CVE-2013-3901)

A remote code execution vulnerability has been reported in the Windows Graphics Device Interface GDI...

7.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/03/12 12:0 a.m.•80 views

Microsoft Windows Assembly Execution (MS12-005) - High Confidence (CVE-2012-0013)

A remote code execution vulnerability has been reported in Microsoft Windows Packager. The vulnerability is caused due to ClickOnce application file types not being included in the Windows Packager unsafe file type list. A remote attacker may exploit this issue by enticing a target user to open a...

9.3CVSS7.2AI score0.73753EPSS
Exploits14
Check Point Advisories
Check Point Advisories
•added 2012/10/14 12:0 a.m.•80 views

GE Proficy Historian KeyHelp ActiveX LaunchTriPane Remote Code Execution (CVE-2012-2516)

A remote code execution vulnerability has been reported in GE Proficy Historian...

7.4AI score0.39711EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2022/10/30 12:0 a.m.•79 views

Wordpress Email Template Designer Plugin Authentication Bypass (CVE-2022-0218)

An authentication bypass vulnerability exists in the Wordpress plugin "WordPress Email Template Designer - WP HTML Mail". The vulnerability is due to lack of authentication on REST-API endpoints created by the plugin...

4.3CVSS1.6AI score0.70511EPSS
Exploits3
Total number of security vulnerabilities5000