Lucene search
+L
Checkpoint AdvisoriesMost viewed

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•39 views

Microsoft Windows Library Loading Remote Code Execution (MS15-132: CVE-2015-6133)

A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to the way Windows improperly validates input before loading libraries. A remote attacker could exploit this vulnerability by enticing a target user to open a specially crafted file...

7.2CVSS6.9AI score0.66581EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/10/26 12:0 a.m.•39 views

GnuTLS DistinguishedName Decoding Double Free (CVE-2015-6251)

A double-free vulnerability has been reported in GnuTLS. The vulnerability is due to an error within gnutlsx509dntostring while processing very long Distinguished Name values in X.509 certificates. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted certificate ...

5CVSS2.9AI score0.1903EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/10/18 12:0 a.m.•39 views

Websense Triton Content Manager handle_debug_network Stack Buffer Overflow (CVE-2015-5718)

A stack buffer overflow vulnerability exists in Websense Triton Content Manager. The vulnerability is due to calling "strcpy" without boundary checking. A remote unauthenticated attacker can overflow the "dest" buffer in "handledebugnetwork"...

4CVSS3.9AI score0.01842EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/08/10 12:0 a.m.•39 views

ManageEngine Multiple Products Multiple SQL Injections (CVE-2014-7868)

An SQL injection vulnerability exists in ManageEngine OpManager, Social IT Plus and IT360. The vulnerability is due to insufficient input validation of the OPMBVNAME parameter when processing requests using the APMBVHandler servlet. A remote attacker can exploit this vulnerability to inject and...

7.5CVSS4.8AI score0.73323EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2015/03/29 12:0 a.m.•39 views

Samsung iPOLiS Device Manager WriteConfigValue Stack Buffer Overflow (CVE-2015-0555)

A stack-based buffer overflow vulnerability exists in Samsung iPOLiS Device Manager. The vulnerability is due to insufficient input validation of a parameter passed to WriteConfigValue of the XnsSdkDeviceIpInstaller ActiveX control. A remote attacker can exploit this vulnerability by enticing a...

6.8CVSS4.2AI score0.06388EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•39 views

Microsoft IIS 5.0 ISAPI Internet Printing Protocol Extension Buffer Overflow - Ver2 (CVE-2001-0241)

A buffer overflow in this extension IIS 5.0 can permit remote attackers to execute arbitrary code on the web server with the same privileges as the web server. The ISAPI .printer extension permits the submitting and controlling of print jobs over HTTP. There exists an unchecked buffer in the Host...

10CVSS7.7AI score0.87032EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•39 views

SOAPUI Remote Code Execution - Ver2 (CVE-2014-1202)

A code execution vulnerability has been reported in Eviware SoapUI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7.5AI score0.07673EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•39 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0037)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.26709EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/14 12:0 a.m.•39 views

Advantech ADAMView Conditional Bitmap Remote Code Execution (CVE-2014-8386)

A stack-buffer overflow has been reported in Advantech ADAMView. The vulnerability is due to insufficient validation of conditional bitmaps from a file...

7.5CVSS3.8AI score0.05921EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•39 views

VLC Media Player ABC File Parsing Buffer Overflow - Ver2 (CVE-2013-4233)

A buffer overflow vulnerability has been reported in VLC Media Player's ABC file parsing. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

6.8CVSS7.4AI score0.04083EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•39 views

Rocket Servergraph Admin Center fileRequestor Directory Traversal - Ver2 (CVE-2014-3914)

A code execution vulnerability exists in Rocket Servergraph Admin Center. The vulnerability occurs when making an HTTP POST request to the URI /SGPAdmin/fileRequest with the parameters cmd=writeDataFile, cmd=run, cmd=runClear or cmd=del, which can be present in the Body of the request. A remote...

10CVSS2.6AI score0.72606EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•39 views

Microsoft Host Integration Server Remote Command Execution (MS08-059) - Ver2 (CVE-2008-3466)

Microsoft Host Integration Server HIS is a gateway application that provides host access and integration, extending Microsoft Windows to other systems by integrating mission-critical host applications, data sources, messaging, and security systems. . A remote code execution vulnerability has been...

10CVSS7.6AI score0.77741EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2014/06/15 12:0 a.m.•39 views

SePortal staticpages SQL Injection (CVE-2008-5191)

An SQL injection vulnerability has been reported in SePortal. A remote attacker may exploit this issue by executing arbitrary SQL commands via the pollid parameter to pool.php and the spid parameter to staticpages.php. Successful exploitation could cause an SQL statement execution on the server,...

7.5CVSS7.8AI score0.17581EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/06/08 12:0 a.m.•39 views

GnuTLS X.509 Version 1 Intermediate Certificate Policy Bypass (CVE-2014-1959)

A policy-bypass vulnerability has been found in GnuTLS. The vulnerability is due to an error in lib/x509/verify.c where an X.509 version 1 certificate is incorrectly treated as an intermediate CA certificate. A remote attacker could exploit this vulnerability to bypass certificate validation...

4.7AI score0.03416EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•39 views

ProShow Gold file based Buffer Overflow - Ver2 (CVE-2009-3214)

A buffer overflow vulnerability has been reported in Photodex Proshow Gold. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.6AI score0.30787EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•39 views

Microsoft Windows ShellExecute and IE7 URL Handling Code Execution (MS07-061) - Ver2 (CVE-2007-3896)

Microsoft Internet Explorer is the most widely used Internet browser. A remote code execution vulnerability has been reported in Microsoft Windows Internet Explorer 7. The vulnerability occurs when Windows does not correctly handle specially crafted URLs or URIs that are passed to it. There are a...

9.3CVSS7.2AI score0.53831EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•39 views

Microsoft Excel Column Record Handling Memory Corruption (MS07-002) - Ver2 (CVE-2007-0030)

Microsoft Excel is a popular spreadsheet application that is usually released as part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formulae, and various data sources. The proprietary file format used for storing Microsoft Excel documents ...

9.3CVSS7.4AI score0.32093EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•39 views

Zavio IP Camera Firmware 1.6.03 Authentication Bypass - Ver2 (CVE-2013-2567)

An authentication bypass vulnerability has been reported in the Zavio IP Camera firmware. Successful exploitation of this vulnerability would allow remote attackers to gain access to sensitive information and gain unauthorized access into the affected system...

8.7AI score0.14572EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•39 views

Microsoft Word Section Table Array Buffer Overflow - Ver2 (CVE-2007-0515)

A buffer overflow vulnerability has been reported in Microsoft Office Word. The vulnerability is due to a flaw in the Section Table entry inside the Table Stream structure. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.4AI score0.3816EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•39 views

KingView ActiveX Control Directory Traversal - Ver2 (CVE-2013-6128)

A directory traversal vulnerability has been reported in Wellintech Kingview. Successful exploitation of this vulnerability would allow a remote attacker to list directories, create arbitrary files and subsequently execute arbitrary code on the affected system...

5.8CVSS7.2AI score0.02753EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•39 views

Microsoft Windows Embedded OpenType Font Engine LZCOMP Integer Overflow - Ver2 (CVE-2010-0018)

An integer overflow vulnerability has been reported in Microsoft Windows Embedded OpenType Font Engine. The vulnerability is due to insufficient validation while processing an EOT font. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the...

7.2AI score0.26523EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/04 12:0 a.m.•39 views

WordPress Plugin AdRotate SQL Injection (CVE-2014-1854)

An SQL injection vulnerability has been reported in the AdRotate plugin for WordPress. Remote attacker can exploit this vulnerability to execute arbitrary SQL commands on the target...

7.5CVSS8.2AI score0.05412EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•39 views

B-net Software Content Management System shout.php name Parameter XSS - Ver2 (CVE-2006-0078)

A cross-site scripting vulnerability has been reported in Haddad Said B-net Software 1.0. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

5.9AI score0.01762EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/02/03 12:0 a.m.•39 views

Novell Client EnumPrinters Buffer Overflow - Ver2 (CVE-2008-0639)

A buffer overflow vulnerability has been reported in Novell Client. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5AI score0.23186EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2014/01/28 12:0 a.m.•39 views

G-neric Generic MembreManager.php include-path Parameter PHP Code Execution - Ver2 (CVE-2007-0584)

A code execution vulnerability has been reported in G-neric Php Generic Library And Framework. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.4AI score0.69951EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2013/09/29 12:0 a.m.•39 views

XnView PCT File Processing Buffer Overflow (CVE-2013-2577)

A buffer overflow vulnerability exists in XnView. The vulnerability is due to a boundary error in processing image data in certain PCT files. An attacker can exploit this vulnerability by enticing a user to open a maliciously crafted file. A successful attack can lead to arbitrary code execution ...

9.3CVSS9.5AI score0.11839EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•39 views

Multiple DNS NO SUCH NAME Error Responses (CVE-2012-0006)

The Domain Name System DNS is an hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. When a DNS client needs to look up a name used in a program, it queries DNS servers to resolve the name. If the query names are...

5CVSS6.2AI score0.31083EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•39 views

Tiki Wiki PHP unserialize() Remote Code Execution (CVE-2012-0911)

A remote code execution vulnerability has been reported in Tiki Wiki...

7.4AI score0.62989EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2013/08/16 12:0 a.m.•39 views

Non Compliant SSL (CVE-2003-0719; CVE-2004-0826)

A vulnerability exists in SSL library. Remote attacker could construct a specially crafted SSL negotiation packet that could cause the library to crash...

7.5CVSS6.1AI score0.83412EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2013/05/29 12:0 a.m.•39 views

Mutiny FrontEnd Arbitrary File Read and Delete (CVE-2013-0136)

A directory traversal vulnerability has been reported in EditDocument servlet from the frontend on the Mutiny 5 appliance. Commands for UPLOAD, DELETE, CUT and COPY are all vulnerable to directory traversal attacks...

8.5CVSS6.3AI score0.40338EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2013/05/05 12:0 a.m.•39 views

Microsoft Internet Explorer 8 Use After Free Code Execution - Zero Day (CVE-2013-1347)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer 8. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

7.3AI score0.77889EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2013/03/21 12:0 a.m.•39 views

SCADA DaqFactory HMI NETB Request Overflow (CVE-2011-3492)

Stack-based buffer overflow has been reported in Azeotech DAQFactory. The vulnerability is due to insufficient validation of incoming NETB requests to UDP port 20034. A remote attacker could exploit this vulnerability by sending a malicious request to the affected service. Successful exploitation...

10CVSS7.3AI score0.70909EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2012/11/25 12:0 a.m.•39 views

Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload (CVE-2012-0299)

An arbitrary code execution vulnerability has been reported in the management GUI in Symantec Web Gateway...

7.3AI score0.64061EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2012/09/19 12:0 a.m.•39 views

Internet Explorer execCommand Use-After-Free (CVE-2012-4969)

A use-after-free vulnerability has been reported in Microsoft Internet Explorer...

6.3AI score0.81716EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2012/03/19 12:0 a.m.•39 views

Novell ZENworks LaunchHelp.dll ActiveX Control Code Execution (CVE-2011-2657)

A remote code execution vulnerability has been reported in Novell ZENworks ActiveX control...

7.4AI score0.48366EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2011/10/11 12:0 a.m.•39 views

Internet Explorer Option Element Memory Corruption (MS11-081; CVE-2011-1996)

A memory corruption vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer attempts to access objects that have not been initialized or have been deleted. A remote attacker could trigger this vulnerability by enticing an...

9.3CVSS7.2AI score0.60456EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2011/03/15 12:0 a.m.•39 views

Microsoft Windows Common Control Library Heap Buffer Overflow (MS10-081; CVE-2010-2746)

The common controls are a set of windows that are implemented by the common control library, Comctl32.dll, which is a DLL included with the Windows operating system. Like other control windows, a common control is a child window that an application uses in conjunction with another window to enabl...

7.6CVSS8AI score0.36238EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2010/10/28 12:0 a.m.•39 views

Adobe Shockwave Player CSWV Record Length Memory Corruption (APSB10-25; CVE-2010-4087)

Adobe Shockwave is a multimedia player that allows Adobe Director applications to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed. A memory corruption vulnerability has been identified in Adobe Shockwave Player. The vulnerability is due t...

9.3CVSS6.4AI score0.04295EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2010/10/12 12:0 a.m.•39 views

Workaround for Microsoft Embedded OpenType Font Engine Integer Overflow Vulnerability (MS10-076)

A remote code execution vulnerability has been reported in the way Microsoft Windows Embedded OpenType EOT font technology parses certain tables in specially crafted embedded fonts. Embedded OpenType EOT fonts are a compact form of fonts designed for use on web pages. A remote attacker can exploi...

9.3CVSS7.3AI score0.23344EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2010/06/23 12:0 a.m.•39 views

Sun Java Runtime Environment Abstract Windowing Toolkit Memory Corruption (CVE-2008-5359)

There exists a buffer overflow vulnerability in Sun Java Runtime Environment JRE. The vulnerability is caused due to improper checking of parameters passed to natively implemented class methods. A remote attacker may leverage this vulnerability to inject and execute arbitrary code on the target...

9.3CVSS8.4AI score0.10784EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2010/05/11 12:0 a.m.•39 views

Microsoft Visual Basic VBE6.DLL Stack Memory Corruption (MS10-031; CVE-2010-0815)

Microsoft Visual Basic VBA is a technology for developing client desktop packaged applications and integrating them with existing data and systems. Microsoft Office products include VBA and make use of VBA to perform certain functions. A remote code execution vulnerability has been reported in th...

9.3CVSS7.6AI score0.22364EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2010/05/02 12:0 a.m.•39 views

Novell Netware FTP Server Remote Stack Buffer Overflow (CVE-2010-0625)

Novell Netware is a network operating system developed by Novell. It provides file sharing and other services such as printing and email. Netware FTP Server software supplies service for transferring files to and from Netware volumes. File transfers can be performed using any FTP client. A buffer...

6.5CVSS7.1AI score0.05089EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2010/02/18 12:0 a.m.•39 views

Microsoft ISAPI W3Who Library Buffer Overflow (CVE-2004-1134)

The W3Who dynamically linked library DLL, when used in the context of an IIS HTTP server, provides various information about the current HTTP client, as well as the current running environment. It is included with the Internet Services Application Programming Interface ISAPI and is meant to be us...

10CVSS7.3AI score0.72326EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2010/02/02 12:0 a.m.•39 views

Oracle Database Server Workspace Manager Multiple SQL Injection (CVE-2008-3982)

Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, i.e., procedures, functions, variables, constants, cursors, and exceptions, are provided in order to better...

5.5CVSS7.7AI score0.1143EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2010/02/02 12:0 a.m.•39 views

Microsoft Windows GDIplus PNG Chunk Processing Integer Overflow (MS09-062; CVE-2009-2501; CVE-2013-1331)

An integer overflow vulnerability exists in Microsoft Windows GDI+. The vulnerability is due to lack of input validation when Microsoft Windows GDI+ handles PNG files. A remote attacker can exploit this vulnerability by enticing the target to open a specially crafted PNG file. Successful...

9.3CVSS9.5AI score0.81877EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2009/12/12 12:0 a.m.•39 views

Update Protection against IBM Tivoli Storage Manager Client CAD Service Buffer Overflow

A buffer overflow vulnerability exists in IBM Tivoli Storage Manager Client software, a backup designed to protect data from failures and other errors by storing backups and archiving data. The vulnerability is due to a boundary error in the Client Acceptor Daemon CAD service while processing a...

9.3CVSS7.8AI score0.36717EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2009/11/09 12:0 a.m.•39 views

Ipswitch IMail Server Imailsec.dll Heap Buffer Overflow (CVE-2007-2795)

Ipswitch IMail server is a messaging service suite that supports numerous Internet standard electronic mail exchanging protocols. The IMail IMAP server is a server-side implementation of the IMAP protocol. There exists a heap overflow vulnerability in Ipswitch IMail Server IMAP component. The...

9CVSS7.9AI score0.24455EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2009/10/26 12:0 a.m.•39 views

Ipswitch IMail Web Calendaring Arbitrary File Read (CVE-2005-1252)

The Ipswitch IMail Server product contains a variety of server components. These components include POP3, SMTP, IMAP, and a Web Calendaring server. The IMail Web Calendaring server provides functions for users to store schedules, set appointments, and send reminder information using HTTP protocol...

5CVSS6.2AI score0.12499EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2009/09/08 12:0 a.m.•39 views

Microsoft Windows MP3 File Media Playback Memory Corruption (MS09-047; CVE-2009-2499)

MPEG-1 Audio Layer 3 MP3 is a file format which uses lossy compression to compress audio information. A remote code execution vulnerability has been reported in the way Microsoft Windows handles specially crafted MP3 media files. The vulnerability is due the Windows component responsible for...

8.5CVSS7.4AI score0.15546EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2009/07/28 12:0 a.m.•39 views

Internet Explorer Memory Corruption (MS09-034; CVE-2009-1917)

Microsoft Internet Explorer is the most widely used Internet browser. A remote code execution vulnerability exists in the way that Internet Explorer handles a memory object. When Internet Explorer attempts to access an object that has been deleted, memory may be corrupted in such a way that an...

9.3CVSS7.5AI score0.27472EPSS
Exploits1
Total number of security vulnerabilities5000