Lucene search
+L
Checkpoint AdvisoriesMost viewed

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2018/05/13 12:0 a.m.•35 views

HPE Intelligent Management Center DBMan RestoreDBase MySQL Command Injection (CVE-2017-5819)

A command injection vulnerability exists in the dbman component of HPE Intelligent Management Center. The vulnerability exists due to missing validation when handling MySQL databases commands...

10CVSS9.3AI score0.18518EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/04/04 12:0 a.m.•35 views

Google Chrome Type Confusion (CVE-2018-6064)

A type confusion vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.1AI score0.06892EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2017/12/20 12:0 a.m.•35 views

Microsoft Internet Explorer Scripting Engine Information Disclosure (CVE-2017-11906)

An information disclosure vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to the way the scripting engine improperly handles objects in memory in Internet Explorer. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with ...

2.6CVSS5.5AI score0.25116EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2017/11/21 12:0 a.m.•35 views

Viscom Software Movie Player Pro SDK ActiveX Buffer Overflow (CVE-2010-0356)

A buffer overflow vulnerability has been reported in Viscom Software Movie Player Pro SDK. The vulnerability is due to mishandling of an overly long string. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5.3AI score0.30383EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2017/10/16 12:0 a.m.•35 views

Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11799)

A Memory Corruption Vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engine in Edge renders when handling objects in memory. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...

7.6CVSS7.2AI score0.63675EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2017/09/25 12:0 a.m.•35 views

Elastic Elasticsearch Snapshot API Directory Traversal (CVE-2015-5531)

A directory traversal vulnerability exists in Elastic Elasticsearch. The vulnerability is due to insufficient validation on a user-supplied path when a request is sent to access a snapshot repository. A remote, unauthenticated attacker could exploit the vulnerability by sending crafted packets to...

5CVSS4.6AI score0.9175EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2017/08/28 12:0 a.m.•35 views

Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-8645)

A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the conte...

7.6CVSS8AI score0.69277EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2017/05/18 12:0 a.m.•35 views

Microsoft Windows EsteemAudit RDP Remote Code Execution (CVE-2017-0176; CVE-2017-9073)

A remote code execution vulnerability exist in Microsoft Remote Desktop Protocol RDP. The vulnerability is due to the Windows Smart Card logon mechanism allowing a buffer overflow. The Fuzzbunch tool allows attackers to execute this exploit. An attacker who successfully exploits this vulnerabilit...

9.3CVSS5AI score0.45927EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2017/04/30 12:0 a.m.•35 views

Zinf Audio Player PLS File Stack Buffer Overflow (CVE-2004-0964)

A stack buffer overflow vulnerability exists in Zinf Audio Player 2.2.1. The vulnerability is due to insufficient bounds checking on a PLS file. A remote attacker could exploit this vulnerability by enticing a victim to open a specially crafted PLS file. Successful exploitation could lead to...

10CVSS3.7AI score0.62678EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2017/02/27 12:0 a.m.•35 views

Microsoft Browser Memory Corruption (MS17-006: CVE-2017-0037)

A type confusion vulnerability exists in Microsoft Internet Explorer and Microsoft Edge. The vulnerability is due to an error in Microsoft Internet Explorer and Microsoft Edge while handling a specially crafted HTML file. A remote attacker can exploit this vulnerability by enticing a target user ...

7.6CVSS1.4AI score0.80386EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2017/01/26 12:0 a.m.•35 views

Aerospike Database Server Stack Buffer Overflow (CVE-2016-9052; CVE-2016-9054)

A memory corruption vulnerability has been reported in Aerospike Database Server. This vulnerability is due to improper bounds checking of user-supplied variable. A remote attacker could exploit these vulnerabilities by sending a maliciously crafted packet to the vulnerable server...

7.5CVSS4.2AI score0.077EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2016/08/09 12:0 a.m.•35 views

Microsoft Office Memory Corruption (MS16-099: CVE-2016-3316)

A memory corruption vulnerability has been reported in Microsoft Word. The application fails to properly handle certain objects in memory when parsing specially crafted files with a large sprmSDyaTop value. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to op...

9.3CVSS3.7AI score0.47194EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2016/01/12 12:0 a.m.•35 views

Microsoft Internet Explorer Memory Corruption (MS16-001: CVE-2016-0002)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

7.6CVSS8.1AI score0.23942EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•35 views

Microsoft Windows Media Center Remote Code Execution (MS15-134: CVE-2015-6131)

A flaw has been reported in Windows Media Center when parsing MCL files. This flaw could allow malicious users to execute arbitrary code on a target Windows system by enticing the victim to open a specially crafted Media Center file...

9.3CVSS7AI score0.30538EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•35 views

Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2432)

Remote code execution vulnerabilities exist in Microsoft Windows Graphics Component. The vulnerability is due to an error in the way Microsoft Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. A remote attacker can exploit this issue by enticing a victim to...

9.3CVSS6.9AI score0.30271EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/08/10 12:0 a.m.•35 views

TP-LINK WR1043N Multiple Cross-Site Request Forgery (CVE-2013-2645)

Multiple cross-site request forgery CSRF vulnerabilities on the TP-LINK WR1043N router with firmware TL-WR1043NDV1120405 allow remote attackers to hijack the authentication of administrators for requests...

9.3CVSS6.9AI score0.03013EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/07/20 12:0 a.m.•35 views

HP LoadRunner launcher.dll Stack Buffer Overflow (CVE-2015-2110)

A stack buffer overflow vulnerability exists in HP LoadRunner. The vulnerability is due to insufficient validation of a length value in SSL communication with the HP LoadRunner. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted request to the vulnerab...

10CVSS6.8AI score0.10867EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•35 views

Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1686)

A security feature bypass vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to JScript and VBScript engines not using Address Space Layout Randomization ASLR security feature when rendered in Internet Explorer. A remote attacker can exploit this issue by...

4.3CVSS6.2AI score0.16265EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/01 12:0 a.m.•35 views

Creative Software AutoUpdate Engine CTSUEng.ocx ActiveX Control Buffer Overflow (CVE-2008-0955)

A remote code execution vulnerability has been reported inCreative Software AutoUpdate Engine. The vulnerability is due to boundary errors within the AutoUpdate Engine ActiveX control CTSUEng.ocx. A remote attacker can exploit this vulnerability by enticing a user to open a malicious web page...

9.3CVSS7.3AI score0.41231EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/12/23 12:0 a.m.•35 views

PHP-Fusion Multiple SQL Injections (CVE-2014-8596)

SQL injection vulnerability has been reported in PHP-Fusion. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS4.9AI score0.03255EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2014/12/01 12:0 a.m.•35 views

WinFTP Server NLST Command Denial of Service (CVE-2008-5666)

A denial of service vulnerability has been reported in WinFTP Server. The vulnerability is due to WinFTP Server failure to handle a NLST command when in PASV mode. A remote attacker can exploit this vulnerability by sending a specially crafted connection request to the vulnerable server...

3.5CVSS1.9AI score0.20591EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/11/10 12:0 a.m.•35 views

Joomla Component com_rokdownloads Local File Inclusion (CVE-2010-1056)

A file inclusion vulnerability has been reported in Joomla Com Rokdownloads. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS4.7AI score0.11414EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/09/28 12:0 a.m.•35 views

Splunk collect file Directory Traversal (CVE-2013-6771)

A directory traversal vulnerability has been found in Splunk. The vulnerability is due to insufficient sanitization of user-provided input to the advanced search functionality in the "file" parameter of the "collect" script...

9.3CVSS2.5AI score0.04804EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•35 views

Microsoft PowerPoint Techno-color Time Bandit Code Execution - Ver2 (CVE-2011-0655)

A code execution vulnerability has been reported in Microsoft PowerPoint. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.3AI score0.22593EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•35 views

Microsoft Excel SxView Record Parsing Memory Corruption (MS10-038) - Ver2 (CVE-2010-0821)

Microsoft Excel is a spreadsheet application released by the Microsoft Corporation. Its native file format is the Binary Interchange File Format BIFF, which is available is several versions. An Excel file contains information about the various spreadsheets that form an Excel workbook, the data an...

9.3CVSS6.7AI score0.24265EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•35 views

Microsoft Outlook AttachMethods Remote Code Execution - Ver2 (CVE-2010-0266)

A code execution inclusion vulnerability has been reported in Microsoft Office Outlook. The vulnerability is due to an error in Microsoft Office Outlook that fails to properly verify the file extension of an attachment in a specially crafted e-mail message. Successful exploitation of this...

7.3AI score0.55278EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•35 views

Apple Quicktime RTSP URL Buffer Overflow - Ver2 (CVE-2007-0015)

A buffer overflow vulnerability has been reported in Apple QuickTime. The vulnerability is due to lack of boundary checks when processing the "rtsp://" URLs. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause...

7.5AI score0.48419EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•35 views

Apache Win32 DOS Batch File Arbitrary Command Execution - Ver2 (CVE-2002-0061)

A command execution vulnerability has been reported in Apache Software Foundation Apache HTTP Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.2AI score0.56701EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•35 views

Microsoft Office Smart Tag WordCount Memory Corruption - Ver2 (CVE-2008-2244)

A memory corruption vulnerability has been reported in July. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.3AI score0.32139EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•35 views

Microsoft Media Player HeaderExtensionObject Heap Overflow (MS09-052) - Ver2 (CVE-2009-2527)

ASF Advanced Systems Format is a file format that stores audio and video information and is specially designed to run over networks like the Internet. It is a compressed format that contains streaming audio, video, slide shows, and synchronized events. ASF enables content to be delivered as a...

9.3CVSS7AI score0.26901EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/06 12:0 a.m.•35 views

Cisco Prime Data Center Network Manager processImageSave.jsp Arbitrary File Upload (CVE-2013-5486)

An arbitrary file upload vulnerability exists in Cisco Prime Data Center Network Manager...

2.6AI score0.75962EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2013/10/27 12:0 a.m.•35 views

Microsoft Internet Explorer EUC-JP Character Encoding Cross Site Scripting (MS13-059; CVE-2013-3192)

A universal cross site scripting vulnerability exists in Microsoft Internet Explorer...

5.8AI score0.11469EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/10/27 12:0 a.m.•35 views

Novell Netware FTP Server DELE Command Stack Buffer Overflow (CVE-2010-4228)

A code execution vulnerability exists in Novell Netware...

7AI score0.14658EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2013/10/08 12:0 a.m.•35 views

Microsoft .NET Framework Entity Expansion Denial of Service (MS13-082; CVE-2013-3860)

A denial of service vulnerability exists in the .NET Framework...

6.2AI score0.31646EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•35 views

Sun Java Web Start Double Quote Injection (CVE-2012-1533)

A remote code execution vulnerability has been in Java Web Start...

6.1AI score0.68532EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2013/06/30 12:0 a.m.•35 views

Novell ZENworks Configuration Management File Upload (CVE-2013-1080)

A file upload vulnerability has been reported in Novel ZENworks Configuration Management...

6.5AI score0.77049EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2013/04/09 12:0 a.m.•35 views

Microsoft Windows RDP ActiveX Control Remote Code Execution (MS13-029; CVE-2013-1296)

A remote code execution vulnerability in the way the Remote Desktop ActiveX control, mstscax.dll, attempts to access an object in memory that has been deleted. An attacker could exploit this vulnerability by convincing the user to visit a specially crafted webpage. An attacker who successfully...

9.3CVSS7.2AI score0.20661EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/02/25 12:0 a.m.•35 views

Oracle Outside In CorelDRAW File Parser Heap Buffer Overflow (CVE-2013-0418)

A heap buffer overflow vulnerability exists in Oracle Outside In. The vulnerability is due to an error when processing Coords structure for loda chunks of type 3 Line/Curve. Remote attackers could exploit the vulnerability to inject and execute arbitrary code in the context of the vulnerable...

6.8CVSS7.5AI score0.08347EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2012/07/30 12:0 a.m.•35 views

LANDesk ThinkManagement Suite SetTaskLogByFile Arbitrary File Deletion (CVE-2012-1196)

A directory traversal vulnerability has been reported in LANDesk ThinkManagement Suite...

6.4AI score0.55495EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2012/07/23 12:0 a.m.•35 views

Microsoft Web Proxy TCP State Limited Denial of Service (MS09-016; CVE-2009-0077)

A denial of service vulnerability has been reported in Microsoft Internet Security and Acceleration ISA Server...

6.2AI score0.78496EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2011/11/15 12:0 a.m.•35 views

Multiple Products NCTAudioFile2 ActiveX Control Buffer Overflow (CVE-2007-0018)

A remote code execution vulnerability has been reported in the NCTAudioFile2 ActiveX control. The vulnerability is due to a data validation failure by the NCTAudioFile2 ActiveX control. A remote attacker may exploit this vulnerability by enticing an affected user to open a specially crafted...

9.3CVSS7.3AI score0.35162EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2011/11/01 12:0 a.m.•35 views

Zenturi ProgramChecker ActiveX Components ActiveX Controls Buffer Overflows (CVE-2007-2987)

Multiple buffer overflow vulnerabilities have been reported in Zenturi ProgramChecker. The vulnerabilities are due to a data validation failure, resulting in a buffer overflow. A remote attacker may exploit these vulnerabilities by enticing a target user to open a specially crafted HTML file...

9.3CVSS7.7AI score0.32704EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2011/05/02 12:0 a.m.•35 views

Apache HTTP Server mod_tcl Module Format String (CVE-2006-4154)

Apache HTTP server is the most widely deployed web server product on the Internet. Apache HTTP server is capable of running on many platforms, including Microsoft Windows and a wide variety of Unix-like platforms. The Apache HTTP server is very flexible and customizable in many aspects of its...

6.8CVSS7.3AI score0.15972EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2011/04/05 12:0 a.m.•35 views

Internet Explorer Layouts Handling Memory Corruption (MS11-018; CVE-2011-0094)

A remote code execution vulnerability has been reported in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. The vulnerability is due to a memory corruption error in Internet Explorer when handling layouts. To trigger this issue, an...

9.3CVSS7.6AI score0.21905EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2011/04/04 12:0 a.m.•35 views

Microsoft DNS Resolution LLMNR Query Remote Code Execution (MS11-030; CVE-2011-0657)

Link-local Multicast Name Resolution LLMNR is a new protocol that provides an additional method to resolve the names of neighboring computers. It is especially useful for networks that do not have a DNS server. LLMNR uses a simple exchange of request and reply messages to resolve computer names t...

7.5CVSS7.2AI score0.63335EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2011/03/09 12:0 a.m.•35 views

Novell GroupWise Internet Agent RRULE Parsing Buffer Overflow (CVE-2010-4326; CVE-2011-2662; CVE-2011-2663)

Novell GroupWise is a client-server collaborative software and email system provided by Novell. Novell GroupWise Internet Agent is a component of Novell GroupWise and provides email services, supporting SMTP, POP, and IMAP protocols. A buffer overflow vulnerability has been reported in Novell...

10CVSS7.5AI score0.10245EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2011/02/24 12:0 a.m.•35 views

HP OpenView NNM nnmRptconfig.exe schdParams and nameParams Buffer Overflow (CVE-2011-0267)

The Network Node Manager NNM is an HP OpenView product which manages networks. It determines and displays physical and logical connectivity in networks, as well as information referring to protocols running over the network. A buffer overflow vulnerability has been reported in the HP OpenView...

10CVSS7.3AI score0.7166EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2010/12/14 12:0 a.m.•35 views

Microsoft Office Publisher pubconv.dll Size Value Heap Corruption (MS10-103; CVE-2010-2569)

Microsoft Publisher is a desktop publishing application for creating marketing materials, managing customer lists and more. The vulnerability is due to an error in pubconv.dll, Publisher Converter DLL that is used to open Publisher files created in versions earlier than Microsoft Publisher 2007. ...

9.3CVSS6.7AI score0.21001EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2010/11/09 12:0 a.m.•35 views

Microsoft Word Unchecked Index Value Remote Code Execution (MS10-079; CVE-2010-2750)

Microsoft Word is a popular word processing software. A remote code execution vulnerability has been identified in the way that Microsoft Word handles index values inside a specially crafted Word file. The vulnerability is due to an error in Microsoft Word that fails to properly parse specially...

9.3CVSS7.1AI score0.20833EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2010/11/02 12:0 a.m.•35 views

CA Alert Notification Server RPC Request Buffer Overflow (CVE-2007-3825)

Computer Associates, or CA, develop and sell various software to enterprise users. Several products, such as the Threat Manager, Protection Suites, and BrightStor ARCserve Backup share a set of common components. One of these common component is the Alert Notification Server. This component is ru...

9.3CVSS8AI score0.14029EPSS
Exploits5
Total number of security vulnerabilities5000