Lucene search
+L
Checkpoint AdvisoriesMost viewed

13538 matches found

checkpoint_advisories
checkpoint_advisories
•added 2009/09/17 12:0 a.m.•27 views

Novell GroupWise Email Address Processing Buffer Overflow (CVE-2009-1636)

Novell GroupWise is a client-server collaborative software and email system provided by Novell. A buffer overflow vulnerability has been reported in Novell GroupWise Internet Agent GWIA software.The vulnerability is due to an error while processing specially crafted SMTP requests.Specifically, th...

10CVSS7.6AI score0.08435EPSS
Exploits5
checkpoint_advisories
checkpoint_advisories
•added 2009/06/28 12:0 a.m.•27 views

Sun Solaris sadmind RPC Request Buffer Overflow (CVE-2008-3869; CVE-2008-3870)

sadmind is a daemon used to control the servers running Sun Solaris operating system. A buffer overflow vulnerability was identified in the sadmind service within the Sun Solaris operating system. The vulnerability is triggered in sadmind when decoding request parameters. This can be exploited to...

10CVSS6.6AI score0.078EPSS
Exploits1
checkpoint_advisories
checkpoint_advisories
•added 2009/06/09 12:0 a.m.•27 views

Microsoft Works Oversized Font Buffer Overflow (MS09-024; CVE-2009-1533)

Microsoft Works is home productivity software suite with fewer features than the Microsoft Office suite.The Microsoft Works Converter allows the user to open, edit, and save files in the Microsoft Works file format. A remote code execution vulnerability has been discovered in Microsoft Works...

9.3CVSS7.2AI score0.3562EPSS
Exploits5
checkpoint_advisories
checkpoint_advisories
•added 2009/05/12 12:0 a.m.•27 views

Microsoft PowerPoint Converter CoCollection Record Handling Error (MS09-017; CVE-2009-0226)

Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote code execution vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to a memory corruption error in Microsoft PowerPoint when reading sound data from specially craft...

9.3CVSS7.3AI score0.34794EPSS
Exploits5
checkpoint_advisories
checkpoint_advisories
•added 2009/04/13 12:0 a.m.•27 views

Update Protection against Microsoft Windows GDIplus GpFont.SetData Integer Overflow

A vulnerability has been reported in Microsoft Windows Graphics Device Interface GDI. GDI is a Microsoft standard for representing graphical objects and outputting these representations to devices such as monitors and printers. The vulnerability occurs when an application that uses the affected...

4.3CVSS6.2AI score0.16327EPSS
Exploits1
checkpoint_advisories
checkpoint_advisories
•added 2008/12/09 12:0 a.m.•27 views

Workaround for Microsoft Windows Saved Search Remote Code Execution Vulnerability (MS08-075)

A remote code execution vulnerability was reported in the way Windows Explorer saves specially crafted search files. Windows Search is a standard component of Windows Vista that allows instant search capabilities for most common file and data types. Windows Search has XML-based files that save...

8.5CVSS7AI score0.20682EPSS
Exploits1
checkpoint_advisories
checkpoint_advisories
•added 2008/08/12 12:0 a.m.•27 views

Microsoft Excel COUNTRY Record Parsing Memory Corruption (MS08-043; CVE-2008-3006)

Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in the way Microsoft Excel parses record values. The vulnerability is due to an error in Microsoft Excel that fails to perform sufficient validation when parsing record values while...

9.3CVSS7.6AI score0.35649EPSS
Exploits1
checkpoint_advisories
checkpoint_advisories
•added 2008/07/28 12:0 a.m.•27 views

Novell iPrint Client ActiveX Control Stack Buffer Overflow (CVE-2008-2908)

Novell iPrint is an application that enables users to install and manage printers, or submit print job from a web browser. A stack buffer overflow vulnerability has been reported in Novell iPrint Client. The vulnerability is due to a boundary error in a Novell iPrint ActiveX control. To trigger...

9.3CVSS7.2AI score0.35423EPSS
Exploits7
checkpoint_advisories
checkpoint_advisories
•added 2008/07/08 12:0 a.m.•27 views

Microsoft Access Snapshot Viewer ActiveX Control Arbitrary File Download (CVE-2008-2463)

Microsoft Snapshot Viewer is an application that allows viewing of snapshots created with any version of Microsoft Access. A remote code execution vulnerability has been discovered in the Snapshot Viewer for Microsoft Access. The vulnerability is due to an error in the Snapshot Viewer ActiveX...

6.8CVSS7.3AI score0.59125EPSS
Exploits9
checkpoint_advisories
checkpoint_advisories
•added 2008/05/09 12:0 a.m.•27 views

Update Protection against HP OpenView Network Node Manager HTTP Handling Buffer Overflow Vulnerability

A buffer overflow vulnerability has been discovered in HP OpenView Network Node Manager. The Network Node Manager NNM is an HP OpenView product which manages networks. It determines and displays physical and logical connectivity in networks, as well as information referring to protocols running...

10CVSS7.4AI score0.74345EPSS
Exploits10
checkpoint_advisories
checkpoint_advisories
•added 2007/07/10 12:0 a.m.•27 views

Preemptive Protection against Digium Asterisk SIP Invalid Response Code Denial of Service Vulnerability

A denial of service vulnerability has been discovered in Digium Asterisk. Asterisk is an open source telephone system. It supports a wide range of Voice over IP VOIP protocols, including SIP. SIP Session Initiation Protocol is a protocol that can establish, modify, and terminate numerous multimed...

7.8CVSS6.2AI score0.02617EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2007/05/01 12:0 a.m.•27 views

Symantec Products SupportSoft ActiveX Control Multiple Buffer Overflows (CVE-2006-6490)

Multiple vulnerabilities have been reported in Symantec SupportSoft ActiveX controls. SupportSoft provides third party ActiveX controls used for remote assistance and other technical support functions. A remote attacker could cause the browser to crash allowing execution of arbitrary commands.The...

10CVSS8AI score0.1034EPSS
Exploits4
checkpoint_advisories
checkpoint_advisories
•added 2007/02/28 12:0 a.m.•27 views

Trend Micro OfficeScan Client ActiveX Control Buffer Overflow (CVE-2007-0325)

A vulnerability has been reported in the Trend Micro OfficeScan Client ActiveX control.OfficeScan Client is an integrated client which provides security protection for the network endpoints.A remote attacker could cause the browser to crash allowing execution of arbitrary commands.The vulnerabili...

9.3CVSS7.2AI score0.34006EPSS
Exploits6
checkpoint_advisories
checkpoint_advisories
•added 2007/01/01 12:0 a.m.•27 views

Microsoft IIS HTR Request Buffer Overflow (CVE-2002-0071)

...

7.5CVSS6.4AI score0.26054EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2006/09/14 12:0 a.m.•27 views

Update Protection against Indexing Service Cross-Site Scripting Vulnerability (MS06-053)

A cross-site scripting XSS vulnerability exists in Microsoft Windows Indexing Service. Indexing Service is a feature that supports rapid searching of file contents and properties by extracting information from files and storing it in indexes organized for fast searching. A remote attacker can...

4.3CVSS5.8AI score0.33221EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2006/07/05 12:0 a.m.•27 views

Update Protection against Microsoft JScript Remote Code Execution Vulnerability (MS06-023)

JScript is Microsoft's implementation of the ECMA 262 language specification ECMAScript Edition 3. Microsoft JScript contains a memory corruption vulnerability. By convincing a user to visit a Web site or read an e-mail message containing a specially crafted JScript file, a remote attacker may be...

6.8CVSS6.4AI score0.28602EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2006/06/06 12:0 a.m.•27 views

Update Protection against Ipswitch WhatsUp Professional 2006 Multiple Vulnerabilities

WhatsUp is a tool from Ipswitch that monitors application and network. WhatsUp runs a custom web server for the application Web interface on port 8022. Multiple flaws have been identified in the server including XSS vulnerabilities, page redirection via cross site scripting and header spoofing...

5CVSS1.8AI score0.0353EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2006/05/21 12:0 a.m.•27 views

Preemptive Protection against Nagios "Content-Length" Header Buffer Overflow Vulnerability

Nagios is an open source host, service and network monitoring program. The product?s functionality is implemented through a number of CGI programs. A vulnerability has been identified in Nagios, specifically due to buffer overflow errors in various CGI scripts that do not properly process a...

5CVSS2.1AI score0.04728EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2006/02/22 12:0 a.m.•27 views

Microsoft Windows Web Client Remote Code Execution (MS06-008; CVE-2006-0013)

Web Client WebDAV is a system service that allows Web-based Distributed Authoring and Versioning. Remote code execution vulnerability exists in the way that Windows processes Web Client requests that could allow an attacker who successfully exploited this vulnerability to take complete control of...

6.5CVSS6.6AI score0.34854EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2006/02/16 12:0 a.m.•27 views

Built-In Protection against IGMPv3 Denial of Service Vulnerability (MS06-007)

A denial of service vulnerability exists in the handling of IGMPv3 Internet Group Management Protocol. IGMP is a routing protocol used by hosts and routers to dynamically register and discover multicast group memberships. By sending a specially crafted IGMP packet, a remote attacker could stop th...

7.8CVSS6.1AI score0.62882EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2005/02/01 12:0 a.m.•27 views

MS-SQL Monitor Protocol (CVE-2002-0649; CVE-2002-0650)

...

7.5CVSS6.4AI score0.8475EPSS
Exploits7
checkpoint_advisories
checkpoint_advisories
•added 2022/11/21 12:0 a.m.•26 views

Apache httpd mod_proxy NULL Pointer Dereference (CVE-2021-44224)

A NULL pointer dereference vulnerability exists in the modproxy module of Apache httpd. The vulnerability is due to improper handling of malformed Request-URIs sent to servers configured as a forward proxy. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted...

6.4CVSS1.1AI score0.82295EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2022/10/31 12:0 a.m.•26 views

Delta Electronics DIAEnergie SQL Injection (CVE-2022-1366)

An SQL injection exists in Delta Industrial Automation DIAEnergie. The vulnerability is due to insufficient input validation when processing requests...

10CVSS4AI score0.19365EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2022/10/31 12:0 a.m.•26 views

Oracle WebLogic Server Remote Code Execution (CVE-2021-2394)

A remote code execution vulnerability exists in Oracle WebLogic Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.5AI score0.76567EPSS
Exploits3
checkpoint_advisories
checkpoint_advisories
•added 2022/10/31 12:0 a.m.•26 views

Zoho ManageEngine SQL Injection (CVE-2022-27908)

A SQL injection vulnerability exists in ManageEngine OpManager. This vulnerability is due to insufficient validation of the parameters in the HTTP requests processed by the Inventory Reports module...

6.5CVSS2.2AI score0.37719EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2022/10/13 12:0 a.m.•26 views

Adobe ColdFusion Arbitrary File Read And Deletion (APSB22-44: CVE-2022-38424)

A arbitrary file read and deletion vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

5.6AI score0.45159EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2022/10/13 12:0 a.m.•26 views

Adobe ColdFusion Heap-based Buffer Overflow (APSB22-44: CVE-2022-35711)

A buffer overflow vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

5.5AI score0.73487EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2022/10/02 12:0 a.m.•26 views

SalesAgility SuiteCRM Remote Code Execution (CVE-2022-23940)

A remote code execution vulnerability exists in SalesAgility SuiteCRM. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS5.8AI score0.53235EPSS
Exploits2
checkpoint_advisories
checkpoint_advisories
•added 2022/08/15 12:0 a.m.•26 views

Moodle Directory Traversal (CVE-2022-35650)

A Directory Traversal vulnerability exists in Moodle. Successful exploitation of this vulnerability could allow a remote attacker to disclose or access arbitrary files on the vulnerable server...

5.4AI score0.49102EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2022/07/28 12:0 a.m.•26 views

Tenda M3 Router Buffer Overflow (CVE-2022-32035)

A buffer overflow vulnerability exists in Tenda M3 Router. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...

7.8CVSS5.8AI score0.1335EPSS
Exploits1
checkpoint_advisories
checkpoint_advisories
•added 2022/07/12 12:0 a.m.•26 views

Adobe Acrobat and Reader Access of Uninitialized Pointer (APSB22-32: CVE-2022-34228)

A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

6.3AI score0.03377EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2022/06/01 12:0 a.m.•26 views

Microsoft Support Diagnostic Tool Remote Code Execution (CVE-2022-30190)

A remote code execution vulnerability exists in Microsoft Support Diagnostic Tool, also known as, "Follina". Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5.7AI score0.99374EPSS
Exploits62
checkpoint_advisories
checkpoint_advisories
•added 2022/05/30 12:0 a.m.•26 views

Jira Server-Side Request Forgery (CVE-2019-8451)

A Server Side Request Forgery vulnerability exists in Jira. A remote attacker may exploit this issue by making a specially crafted HTTP request. Successful exploitation would allow attackers to create HTTP requests on behalf of the vulnerable server...

6.4CVSS4.2AI score0.94453EPSS
Exploits2
checkpoint_advisories
checkpoint_advisories
•added 2022/04/12 12:0 a.m.•26 views

Adobe Acrobat and Reader Access of Uninitialized Pointer (APSB22-16: CVE-2022-27794)

A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

9.3CVSS6.3AI score0.14263EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2022/03/31 12:0 a.m.•26 views

Spring Cloud Function Remote Code Execution (CVE-2022-22963)

A remote code execution vulnerability exists in Spring Cloud Function. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.6AI score0.99939EPSS
Exploits36
checkpoint_advisories
checkpoint_advisories
•added 2022/03/08 12:0 a.m.•26 views

Microsoft Remote Desktop Client Remote Code Execution (CVE-2022-21990)

A remote code execution vulnerability exists in Microsoft Remote Desktop Client. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS8.9AI score0.18842EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2022/03/08 12:0 a.m.•26 views

Microsoft Remote Desktop Client Remote Code Execution (CVE-2022-23285)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS8.8AI score0.25715EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2021/12/29 12:0 a.m.•26 views

Delta Electronics DIAEnergie SQL Injection (CVE-2021-38391)

An SQL injection exists in Delta Industrial Automation DIAEnergie. The vulnerability is due to an input validation error when processing the type parameter in the AMHandler.ashx endpoint...

10CVSS4.2AI score0.03455EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2021/11/24 12:0 a.m.•26 views

WordPress Pie Register Plugin SQL Injection (CVE-2021-24731)

An SQL injection vulnerability exists in WordPress Pie Register plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS10AI score0.07542EPSS
Exploits2
checkpoint_advisories
checkpoint_advisories
•added 2021/11/07 12:0 a.m.•26 views

FrogCMS SentCMS Remote Code Execution (CVE-2021-26794)

A remote code execution vulnerability exists in FrogCMS SentCMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS9.5AI score0.01552EPSS
Exploits1
checkpoint_advisories
checkpoint_advisories
•added 2021/10/20 12:0 a.m.•26 views

DRK Odenwaldkreis Testerfassung Command Injection (CVE-2021-35062)

A command injection vulnerability exists in NETGEAR. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9.3CVSS8.6AI score0.01462EPSS
Exploits1
checkpoint_advisories
checkpoint_advisories
•added 2021/08/26 12:0 a.m.•26 views

Oracle Fusion Middleware BI Publisher Arbitrary File Upload (CVE-2021-2392)

An arbitrary file upload vulnerability exists in Oracle Business Intelligence. This vulnerability is due to insufficient input validation in the UploadFndDBCPage class...

9CVSS2.7AI score0.03119EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2021/08/24 12:0 a.m.•26 views

Centreon MediaWiki SQL Injection (CVE-2021-37558)

An SQL injection vulnerability exists in Centreon MediaWiki. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS6AI score0.02115EPSS
Exploits1
checkpoint_advisories
checkpoint_advisories
•added 2021/07/20 12:0 a.m.•26 views

FiberHome Routers Command Injection (CVE-2021-42912)

A command injection vulnerability exists in FiberHome routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS7.8AI score0.10865EPSS
Exploits0
checkpoint_advisories
checkpoint_advisories
•added 2021/06/01 12:0 a.m.•26 views

WordPress Core External Entity Injection (CVE-2021-29447)

An XXE vulnerability exists in WordPress Core. The vulnerability is due to insufficient validation of XML data when parsing RIFF WAV file metadata...

4CVSS4.8AI score0.85719EPSS
Exploits20
checkpoint_advisories
checkpoint_advisories
•added 2021/04/18 12:0 a.m.•26 views

Course Registration Management System Cross Site Scripting (CVE-2021-29663)

A cross-site scripting vulnerability exists in Course Registration Management System. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

3.5CVSS4.8AI score0.00806EPSS
Exploits1
checkpoint_advisories
checkpoint_advisories
•added 2021/03/14 12:0 a.m.•26 views

F5 BIG-IP Buffer Overflow (CVE-2021-22992)

A buffer overflow vulnerability exists in F5 BIG-IP. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...

9.3CVSS5.7AI score0.72711EPSS
Exploits1
checkpoint_advisories
checkpoint_advisories
•added 2021/02/22 12:0 a.m.•26 views

Cockpit CMS Remote Code Execution (CVE-2020-35131)

A remote code execution vulnerability exists in Cockpit CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.4AI score0.51299EPSS
Exploits1
checkpoint_advisories
checkpoint_advisories
•added 2021/02/15 12:0 a.m.•26 views

Yccms Remote Code Execution (CVE-2020-20287)

A remote code execution vulnerability exists in Yccms. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.6AI score0.02827EPSS
Exploits1
checkpoint_advisories
checkpoint_advisories
•added 2021/01/17 12:0 a.m.•26 views

Apache Flink Directory Traversal (CVE-2020-17518; CVE-2020-17519)

A directory traversal vulnerability exists in Apache Flink. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...

5CVSS5.2AI score0.97856EPSS
Exploits14
Total number of security vulnerabilities5000