Lucene search
+L
Checkpoint AdvisoriesMost viewed

13538 matches found

checkpoint_advisories
checkpoint_advisories
•added 2015/03/02 12:0 a.m.•66 views

ManageEngine Multiple Products FailOverHelperServlet copyfile Information Disclosure (CVE-2014-7863)

An information disclosure vulnerability exists in ManageEngine OpManager, Applications Manager and IT360. The vulnerability is due to lack of authentication and insufficient input validation of the a parameter sent to FailOverHelperServlet in HTTP requests. A remote unauthenticated attacker can...

5CVSS1.4AI score0.83399EPSS
Exploits11
checkpoint_advisories
checkpoint_advisories
•added 2014/07/28 12:0 a.m.•66 views

Western Digital Arkeia Remote Code Execution (CVE-2014-2846)

A remote code execution vulnerability has been reported in WD Arkeia appliance. A remote attacker may exploit this vulnerability by uploading a malicious php file using the lang cookie in order to parse this file. Successful exploitation could result in an arbitrary code execution...

7.5CVSS7AI score0.08828EPSS
Exploits6
checkpoint_advisories
checkpoint_advisories
•added 2013/11/04 12:0 a.m.•66 views

Corel PDF Fusion XPS Stack Buffer Overflow (CVE-2013-3248)

A code execution vulnerability exists in Corel PDF Fusion...

7AI score0.18483EPSS
Exploits8
checkpoint_advisories
checkpoint_advisories
•added 2013/10/27 12:0 a.m.•66 views

HP ProCurve Manager SNAC UpdateDomainControllerServlet Code Execution (CVE-2013-4811)

A vulnerability has been reported in HP ProCurve Manager SNAC...

6.3AI score0.71293EPSS
Exploits6
checkpoint_advisories
checkpoint_advisories
•added 2013/08/25 12:0 a.m.•66 views

Novell ZENworks Mobile Management MDM.php Code Execution (CVE-2013-1081)

A code execution vulnerability has been reported in ZENworks' Mobile Management system...

7AI score0.68079EPSS
Exploits10
checkpoint_advisories
checkpoint_advisories
•added 2012/06/12 12:0 a.m.•66 views

Internet Explorer Col Element Remote Code Execution (MS12-037; CVE-2012-1876)

A memory corruption vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer attempts to access a non-existent object. A remote attacker could trigger this vulnerability by enticing an unsuspecting victim to open a specially...

9.3CVSS7.1AI score0.64962EPSS
Exploits27
checkpoint_advisories
checkpoint_advisories
•added 2012/05/14 12:0 a.m.•66 views

Apache Struts 2 ParametersInterceptor OGNL Command Execution (CVE-2011-3923)

A command execution vulnerability has been reported in Apache Struts 2...

9.1AI score0.88829EPSS
Exploits16
checkpoint_advisories
checkpoint_advisories
•added 2011/02/08 12:0 a.m.•66 views

CA ARCserve D2D Axis2 Default Credentials Remote Code Execution (CVE-2010-0219)

CA ARCserve D2D is a disk-based backup solution that allows protecting and recovering business data on both physical and virtual servers. It includes a web 2.0 interface that proactively delivers updates. A remote code execution vulnerability has been reported in CA ARCserve D2D. The vulnerabilit...

10CVSS7.6AI score0.89871EPSS
Exploits17
checkpoint_advisories
checkpoint_advisories
•added 2010/12/02 12:0 a.m.•66 views

Microsoft PowerPoint Legacy File Parsing Memory Corruption (MS10-088; CVE-2010-2572)

Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file A remote code execution vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to an integer underflo...

9.3CVSS7.5AI score0.62598EPSS
Exploits1
checkpoint_advisories
checkpoint_advisories
•added 2010/08/03 12:0 a.m.•66 views

CA XOsoft Multiple Products xosoapapi.asmx Buffer Overflow (CVE-2010-1223)

CA ARCserve Backup products offer data protection for distributed servers, clients, databases and applications. They provide centralized control over a series of distributed operations including backup and restore, data migration, and threat management. A buffer overflow vulnerability has been...

10CVSS7.4AI score0.16755EPSS
Exploits5
checkpoint_advisories
checkpoint_advisories
•added 2010/02/03 12:0 a.m.•66 views

Microsoft Windows Win32k EOT Parsing Integer Overflow (MS09-065; CVE-2009-2514)

Microsoft Windows kernel, the core of the operating system, contains a device driver win32k.sys. This device driver is an important component that controls window displays, receives keyboard and device input, offers functions for graphic output devices, and provides many other valuable services...

9.3CVSS6.8AI score0.47489EPSS
Exploits7
checkpoint_advisories
checkpoint_advisories
•added 2009/12/16 12:0 a.m.•66 views

Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow (CVE-2009-3031; CVE-2009-3033)

Symantec Altiris Deployment Solution software provides tools to deploy software on desktops and servers. It runs on Windows platforms, offering Operating System OS deployment, configuration, software deployment across hardware platforms and OS types, among other tasks. This product can be used...

9.3CVSS7.5AI score0.45435EPSS
Exploits26
checkpoint_advisories
checkpoint_advisories
•added 2009/11/19 12:0 a.m.•66 views

Update Protection against HP Power Manager Remote Code Execution

A remote code execution vulnerability exists within HP Power Manager, a web-based application for managing a HP Uninterruptible Power System UPS. The vulnerability is due to insufficient bounds checking in the HP Power Manager while processing URL parameters in the login form of the web based...

10CVSS7.5AI score0.76706EPSS
Exploits9
checkpoint_advisories
checkpoint_advisories
•added 2009/07/15 12:0 a.m.•66 views

ASPX Spy (CVE-2008-1436; CVE-2009-0078; CVE-2009-0079; CVE-2009-0080)

ASPX Spy, is an ASPX program that allows easy control over a compromised web server. Using this program, an attacker can upload files through the web browser and execute them. A remote attacker may exploit web application vulnerabilities that will allow him to upload the ASPX Spy tool to a target...

9CVSS7AI score0.36829EPSS
Exploits5
checkpoint_advisories
checkpoint_advisories
•added 2009/01/15 12:0 a.m.•66 views

Update Protection against Roundcubemail PHP Arbitrary Code Injection

A vulnerability has been identified in RoundCube Webmail, a browser-based IMAP client. The vulnerability could be triggered via a specially crafted POST request to compromise a vulnerable web server...

10CVSS6.2AI score0.54003EPSS
Exploits15
checkpoint_advisories
checkpoint_advisories
•added 2007/02/13 12:0 a.m.•66 views

Sun Solaris Telnet Service Unauthorized Remote Login (CVE-2007-0882)

A vulnerability has been reported in Sun Solaris telnet daemon. The vulnerability is due to an error in the Sun Solaris telnet daemon in.telnetd that fails to properly validate authentication information prior to passing it to the 'login' process. An attacker can exploit this flaw to bypass...

10CVSS6.8AI score0.97848EPSS
Exploits13
checkpoint_advisories
checkpoint_advisories
•added 2022/11/13 12:0 a.m.•65 views

D-Link Central WiFiManager CWM-100 Remote Code Execution (CVE-2019-13372)

A remote code execution vulnerability exists in D-Link Central WiFiManager CWM-10. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.5AI score0.80682EPSS
Exploits4
checkpoint_advisories
checkpoint_advisories
•added 2022/11/10 12:0 a.m.•65 views

Part-DB Project Unrestricted File Upload (CVE-2022-0848)

An unrestricted file upload vulnerability exists in Part-DB Project. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5AI score0.35436EPSS
Exploits5
checkpoint_advisories
checkpoint_advisories
•added 2022/10/31 12:0 a.m.•65 views

Advantech iView Command Injection (CVE-2022-2143)

A command injection vulnerability exists for Advantech iView. This vulnerability is due to improper input validation of the backupfilename parameter while updating NetworkServlet database...

3.3AI score0.59184EPSS
Exploits4
checkpoint_advisories
checkpoint_advisories
•added 2021/11/09 12:0 a.m.•65 views

Microsoft Defender Remote Code Execution (CVE-2021-42298)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS8.1AI score0.05293EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2021/04/25 12:0 a.m.•65 views

WordPress Super Cache Plugin Remote Code Execution (CVE-2021-24209)

A remote code execution vulnerability exists inWordPress Super Cache Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS5.1AI score0.23844EPSS
Exploits3
checkpoint_advisories
checkpoint_advisories
•added 2021/02/15 12:0 a.m.•65 views

Apache Druid Remote Code Execution (CVE-2021-25646)

A remote code execution vulnerability exists in Apache Druid. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS5.8AI score0.99301EPSS
Exploits7
checkpoint_advisories
checkpoint_advisories
•added 2020/05/17 12:0 a.m.•65 views

TP-LINK Cloud Cameras Command Injection (CVE-2020-12111; CVE-2020-12109)

A command injection vulnerability exists in TP-LINK cloud cameras. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS5.7AI score0.74338EPSS
Exploits10
checkpoint_advisories
checkpoint_advisories
•added 2017/08/28 12:0 a.m.•65 views

Microsoft Browser Scripting Engine Memory Corruption (CVE-2017-8636)

A memory corruption vulnerability exists in Microsoft browser. The vulnerability is due to an error in the way that Microsoft browser accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a specially...

7.6CVSS7.5AI score0.72116EPSS
Exploits9
checkpoint_advisories
checkpoint_advisories
•added 2014/01/07 12:0 a.m.•65 views

Oracle Database Server Network Authentication AUTH_SESSKEY Buffer Overflow - Ver2 (CVE-2009-1979)

Oracle Database Server is an enterprise-level relational database application suite. A buffer overflow vulnerability exists in the Oracle Database server, the vulnerability is due to an error in the Oracle Database server that fails to sufficiently validate the length field of the AUTHSESSKEY...

10CVSS7.5AI score0.76361EPSS
Exploits11
checkpoint_advisories
checkpoint_advisories
•added 2010/10/04 12:0 a.m.•65 views

Adobe Shockwave Player Director File FFFFFF88 Record Integer Overflow (CVE-2010-2876; CVE-2010-4192)

Adobe Shockwave is a multimedia player that allows users to view interactive web content such as games, business presentations, entertainment, and advertisements from the web browser. It allows Adobe Director applications to be published on the Internet and viewed in a web browser on systems whic...

9.3CVSS7.3AI score0.06051EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2010/09/05 12:0 a.m.•65 views

Adobe ColdFusion Directory Traversal (APSB10-18; CVE-2010-2861)

Adobe ColdFusion is a rapid application development platform that includes advanced features for enterprise integration and development of rich Internet applications. A directory traversal vulnerability has been reported in Adobe ColdFusion. The vulnerability is due to a design weakness in the...

7.5CVSS9.6AI score0.99721EPSS
Exploits13
checkpoint_advisories
checkpoint_advisories
•added 2010/05/11 12:0 a.m.•65 views

Microsoft Outlook Express and Windows Mail Integer Overflow (MS10-030; CVE-2010-0816)

Windows Mail formerly Outlook Express is an online communication tool for use with Windows. A remote code execution vulnerability has been reported in the way that Windows Mail Client handles specially crafted mail responses. The vulnerability is caused when a common library used by Outlook Expre...

9.3CVSS7.7AI score0.20325EPSS
Exploits6
checkpoint_advisories
checkpoint_advisories
•added 2009/11/10 12:0 a.m.•65 views

Microsoft Office Excel Featheader Record Memory Corruption (MS09-067; CVE-2009-3129)

Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. A remote attacker could trigger this...

9.3CVSS7.2AI score0.85731EPSS
Exploits10
checkpoint_advisories
checkpoint_advisories
•added 2005/02/01 12:0 a.m.•65 views

SSL - General Settings (CVE-2003-0719; CVE-2004-0826)

SSL Protections use a SSL protocol parser which uses a default port of TCP/443, but this port can be reconfigured...

7.5CVSS6.3AI score0.83412EPSS
Exploits9
checkpoint_advisories
checkpoint_advisories
•added 2022/11/13 12:0 a.m.•64 views

TP Link Wr940N Routers Buffer Overflow (CVE-2017-13772)

A buffer overflow vulnerability exists in TP Link Wr940N Firmware. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

9CVSS6.9AI score0.52559EPSS
Exploits8
checkpoint_advisories
checkpoint_advisories
•added 2021/12/16 12:0 a.m.•64 views

Dolibarr Website Builder Remote Code Execution (CVE-2021-33816)

A remote code execution vulnerability exists in Dolibarr Website Builder module. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.5AI score0.03815EPSS
Exploits3
checkpoint_advisories
checkpoint_advisories
•added 2021/11/17 12:0 a.m.•64 views

Froxlor SQL Injection (CVE-2021-42325)

An SQL injection vulnerability exists in Froxlor. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS9.9AI score0.11812EPSS
Exploits4
checkpoint_advisories
checkpoint_advisories
•added 2021/08/26 12:0 a.m.•64 views

Omron CX-One Stack Buffer Overflow (CVE-2020-27261)

A stack-based overflow exists in the CX-Position module of OMRON CX-One. The vulnerability is due to input validation error when processing NCI configuration files...

6.8CVSS4.1AI score0.07612EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2021/03/16 12:0 a.m.•64 views

Doctor Appointment System SQL Injection (CVE-2021-27314; CVE-2021-27315; CVE-2021-27316)

An SQL injection vulnerability exists in Doctor Appointment System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.2AI score0.12394EPSS
Exploits5
checkpoint_advisories
checkpoint_advisories
•added 2021/02/01 12:0 a.m.•64 views

Laravel Ignition Remote Code Execution (CVE-2021-3129)

A remote code execution vulnerability exists in Laravel Ignition. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.9AI score0.99943EPSS
Exploits36
checkpoint_advisories
checkpoint_advisories
•added 2020/12/20 12:0 a.m.•64 views

Web Servers Cross-Site Scripting Attempt (CVE-2020-10820; CVE-2020-10821; CVE-2020-11930; CVE-2020-12256; CVE-2020-12259; CVE-2020-1943; CVE-2020-2096)

Remote attackers may attempt to exploit web servers vulnerable to cross-site scripting vulnerabilities. Successful exploitation could result in damaging user systems...

4.3CVSS3.2AI score0.97309EPSS
Exploits9
checkpoint_advisories
checkpoint_advisories
•added 2020/11/21 12:0 a.m.•64 views

SMA Solar Technology Sunny WebBox Cross-Site Request Forgery (CVE-2019-13529)

A cross-site request forgery vulnerability exists in SMA Solar Technology Sunny WebBox. A remote attacker can exploit this vulnerability by enticing a target authenticated user to visit a specially crafted page...

6.8CVSS8.2AI score0.03087EPSS
Exploits4
checkpoint_advisories
checkpoint_advisories
•added 2020/09/29 12:0 a.m.•64 views

PHP-Fusion Remote Command Execution (CVE-2020-24949)

A command execution vulnerability exists in PHP-Fusion. Successful exploitation of this vulnerability could allow a remote authenticated attacker to execute arbitrary commands on the affected system...

5.9AI score0.67289EPSS
Exploits4
checkpoint_advisories
checkpoint_advisories
•added 2020/08/17 12:0 a.m.•64 views

Roundcube Webmail Command Injection (CVE-2020-12641)

A command injection vulnerability exists in Roundcube Webmail . Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.7AI score0.84456EPSS
Exploits1
checkpoint_advisories
checkpoint_advisories
•added 2020/03/17 12:0 a.m.•64 views

Microsoft SQL Server Remote Code Execution (CVE-2020-0618)

A remote code execution vulnerability exists in Microsoft SQL server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS5.8AI score0.99022EPSS
Exploits14
checkpoint_advisories
checkpoint_advisories
•added 2020/02/05 12:0 a.m.•64 views

Redis Buffer Overflow (CVE-2019-10192; CVE-2019-10193)

A buffer overflow vulnerability exists in Redis. Successful exploitation of this vulnerability could result in the execution of arbitrary code on the affected system...

6.5CVSS4.8AI score0.26048EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2019/11/26 12:0 a.m.•64 views

OMRON CX-One CX-Protocol Type Confusion (CVE-2018-19027)

A type confusion vulnerability exists in OMRON CX-One CX-Protocol. This vulnerability occurs due to improper parsing of the project file. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS6.8AI score0.01424EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2019/07/07 12:0 a.m.•64 views

Schneider Electric Modicon Multiple Information Disclosure Vulnerabilities (CVE-2018-7844; CVE-2018-7845; CVE-2019-6806)

Multiple information disclosure vulnerabilities exist in Schneider Electric Modicon. Successful exploitation of those vulnerabilities would allow a remote attacker to obtain sensitive information...

5CVSS2.6AI score0.03413EPSS
Exploits3
checkpoint_advisories
checkpoint_advisories
•added 2018/05/14 12:0 a.m.•64 views

OMRON CX-One CX-FLnet Version and Node Name Heap-based Buffer Overflow (CVE-2018-8834)

A heap-based overflow exists in OMRON CX-One CX-FLnet module. The vulnerability is due to input validation error when processing Version and Node Name parameter of the FLN configuration file. A remote attacker could exploit these vulnerabilities by enticing a target user into opening a maliciousl...

4.6CVSS5.2AI score0.00318EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2016/05/10 12:0 a.m.•64 views

Microsoft Internet Explorer Memory Corruption (MS16-051: CVE-2016-0189)

A use after free vulnerability exists in Microsoft Internet Explorer. The root cause is a heap corruption when dealing with a corrupted VBScript array size. A successful exploitation of this issue could allow an attacker to execute arbitrary code on the remote system...

7.6CVSS3.6AI score0.93165EPSS
Exploits10
checkpoint_advisories
checkpoint_advisories
•added 2015/03/26 12:0 a.m.•64 views

Persistent Systems Radia Client Automation Command Execution - Ver2 (CVE-2015-1497)

A command execution vulnerability exists in Persistent Systems Radia Client Automation. The vulnerability is due to missing authentication while processing requests to the radexecd process. A remote unauthenticated attacker can exploit this vulnerability by sending crafted requests to the affecte...

10CVSS6.6AI score0.75116EPSS
Exploits16
checkpoint_advisories
checkpoint_advisories
•added 2013/10/06 12:0 a.m.•64 views

Foreman Red Hat OpenStack bookmarks Code Injection (CVE-2013-2121)

A remote code execution vulnerability has been reported in ForemanRed Hat OpenStack. The vulnerability is due to improper sanitization of certain parameters. A remote attacker can exploit this issue by sending a specially crafted packet to the target server. Successful exploitation would allow an...

6CVSS7.7AI score0.24782EPSS
Exploits5
checkpoint_advisories
checkpoint_advisories
•added 2013/06/06 12:0 a.m.•64 views

Novell ZENworks Asset Management Directory Traversal (CVE-2011-2653)

A Directory Traversal vulnerability has been reported in the Novell ZENworks Asset Management. The vulnerability is due to insufficient input validation when parsing the FileUpload parameter. A remote attacker can exploit this issue by sending a specially crafted packet to the target server...

10CVSS6.8AI score0.73929EPSS
Exploits10
checkpoint_advisories
checkpoint_advisories
•added 2013/05/14 12:0 a.m.•64 views

Internet Explorer VML Objects Use After Free (MS13-037; CVE-2013-2551)

A buffer overflow vulnerability exists in Internet Explorer while accessing a dynamic array of attributes of a VML shape object. The vulnerability may lead to memory corruption in such a way that will allow code execution in the context of the current user...

8.7AI score0.74096EPSS
Exploits9
Total number of security vulnerabilities5000