Lucene search
+L
Checkpoint AdvisoriesMost viewed

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2019/11/26 12:0 a.m.•26 views

Microsoft Office Word Information Disclosure (CVE-2019-0561)

An information disclosure vulnerability exists in the Word component of Microsoft Office. This vulnerability is due to improper handling of fields. Successful exploitation of this vulnerability would allow remote attackers to gain access to sensitive information...

4.3CVSS3.2AI score0.08243EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2019/11/26 12:0 a.m.•26 views

Dovecot Submission-Login Service NULL Pointer Dereference Denial of Service (CVE-2019-11494)

A denial-of-service vulnerability exists in the Dovecot server. The vulnerability is due to a NULL pointer dereference in the submission-login service when authentication is aborted. Successful exploitation of this vulnerability could cause a partial denial of service of the affected system...

5CVSS3.3AI score0.02433EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2019/11/12 12:0 a.m.•26 views

Microsoft VBScript Remote Code Execution (CVE-2019-1390)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS9AI score0.06435EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2019/11/12 12:0 a.m.•26 views

Microsoft Win32k Information Disclosure (CVE-2019-1436)

An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

2.1CVSS6.5AI score0.01659EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2019/11/05 12:0 a.m.•26 views

Electronic Arts Origin Client URI Handler Remote Code Execution (CVE-2019-12828)

A remote code execution vulnerability exists in the Electronic Arts Origin Client. The vulnerability is due to improper sanitization of user-supplied data which may be passed to the application as an option regarding the DLL loading path. A remote attacker could exploit the vulnerability by...

6.8CVSS2.7AI score0.13274EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2019/10/22 12:0 a.m.•26 views

Schneider Electric IIoT Monitor downloadCSV Directory Traversal (CVE-2018-7835)

A directory traversal vulnerability exists in Schneider Electric IIoT. The vulnerability is due to insufficient validation of a user supplied path prior to using it in file operations...

7.8CVSS3.9AI score0.01761EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2019/10/03 12:0 a.m.•26 views

Foxit Reader and PhantomPDF XFA xdpContent Information Disclosure (CVE-2018-3956)

An information disclosure exists in Foxit Reader and PhantomPDF. This vulnerability is due to improper handling of the xdpContent property of a submit object...

5.8CVSS0.7AI score0.49566EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2019/09/23 12:0 a.m.•26 views

Microsoft Visual Studio Vscontent Information Disclosure (CVE-2019-0537)

An information disclosure vulnerability exists in Microsoft visual studio. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

4.3CVSS2.1AI score0.07614EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2019/08/13 12:0 a.m.•26 views

Adobe Acrobat and Reader Out-of-Bounds Write (APSB19-41: CVE-2019-8098)

An out of bounds write vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...

7.5CVSS3.5AI score0.03828EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2019/08/13 12:0 a.m.•26 views

Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-1197)

A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS5.1AI score0.01934EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2019/07/24 12:0 a.m.•26 views

WordPress WP Live Chat Plugin Arbitrary File Upload (CVE-2019-11185)

An Arbitrary File Upload vulnerability exists in WordPress Live Chat Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the effected system...

7.5CVSS4.5AI score0.04349EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2019/07/18 12:0 a.m.•26 views

Citrix SD-WAN Center Command Injection (CVE-2019-10883)

A Command Injection vulnerability exists in Citrix SD-WAN Center. This vulnerability is due to insufficient validation of user-supplied data in one of the controllers. Successful exploitation of this vulnerability would allow remote attacker to execute arbitrary OS commands on the remote host...

10CVSS6.9AI score0.65488EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2019/06/11 12:0 a.m.•26 views

Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-0989)

A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS5.1AI score0.02403EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2019/06/11 12:0 a.m.•26 views

Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-0992)

A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS5.1AI score0.0256EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2019/06/11 12:0 a.m.•26 views

Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-1024)

A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS7.9AI score0.02403EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2019/05/14 12:0 a.m.•26 views

Microsoft Edge Elevation of Privilege (CVE-2019-0938)

An elevation of privilege vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS6.2AI score0.03442EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2019/05/14 12:0 a.m.•26 views

Microsoft Windows Kernel Elevation of Privilege (CVE-2019-0881)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS8.2AI score0.02643EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2019/05/14 12:0 a.m.•26 views

Adobe Flash Player Use After Free (APSB19-26: CVE-2019-7837)

A use-after-free vulnerability exists in Adobe Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS4.9AI score0.09732EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2019/04/09 12:0 a.m.•26 views

Microsoft Windows LUAFV Elevation of Privilege (CVE-2019-0730)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

4.6CVSS5.6AI score0.04352EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2019/03/12 12:0 a.m.•26 views

Microsoft Browser Scripting Engine Memory Corruption (CVE-2019-0609)

A memory corruption vulnerability exists in Microsoft Browser. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS5AI score0.09846EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2019/02/20 12:0 a.m.•26 views

WordPress Core Local File Inclusion Remote Code Execution (CVE-2019-8942)

A remote code execution vulnerability exists in WordPress Core. Successful exploitation of this vulnerability could allow a remote attacker with at least author privileges to execute arbitrary code on the target server...

6.5CVSS5.4AI score0.82736EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2019/02/12 12:0 a.m.•26 views

Microsoft Windows SMB Remote Code Execution (CVE-2019-0633)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS5.4AI score0.13039EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2019/01/24 12:0 a.m.•26 views

Rockwell RSLogix 5000 RNA Denial of Service (CVE-2011-3489)

A denial of service vulnerability exists in Rockwell RSLogix 5000. A remote attacker could exploit this vulnerability by sending a specially crafted request to the target system...

5CVSS5.2AI score0.08977EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2019/01/08 12:0 a.m.•26 views

Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-0568)

A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS5.1AI score0.69455EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2018/12/25 12:0 a.m.•26 views

IBM Operational Decision Manager External Entity Injection (CVE-2018-1821)

An XML external entity XXE injection vulnerability exist in IBM Operational Decision. The vulnerability is due to a failure to properly handle external entity references in XML files. A remote attacker could exploit this vulnerability by enticing a target user into opening a crafted XML file with...

6.4CVSS1.9AI score0.15801EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2018/12/11 12:0 a.m.•26 views

Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2018-8643)

A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS7.9AI score0.09906EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/11/13 12:0 a.m.•26 views

Adobe Flash Player Out-of-bounds read (APSB18-39: CVE-2018-15978)

A out of bounds read vulnerability exists in Adobe Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...

5CVSS2.9AI score0.0743EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/11/11 12:0 a.m.•26 views

Western Digital MyBook Live Remote Code Execution (CVE-2018-18472)

A command injection vulnerability exist in WD MyBook Live and WD MyCloud NAS models. The vulnerability is due to the language change and modifies functionality in the REST API. A remote, unauthenticated attacker can exploit the vulnerability by sending a maliciously crafted packet to the target...

10CVSS3.7AI score0.30284EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/11/07 12:0 a.m.•26 views

Yi Technology Home Camera cloudAPI SSID Code Execution (CVE-2018-3910)

A remote code execution vulnerability exists in Yi Home Camera. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.4CVSS4.9AI score0.01635EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2018/10/07 12:0 a.m.•26 views

Google PDFium Out-of-bounds read (CVE-2018-16076)

An out-of-bounds and vulnerability exists in Google PDFium. The vulnerability is due to an error in parsing a malformed JBIG2 image stream in a PDF document. Successful exploitation could result in sensitive data exposure and memory corruption...

6.8CVSS3AI score0.01469EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/09/11 12:0 a.m.•26 views

Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-8459)

A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS7.9AI score0.14633EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/08/14 12:0 a.m.•26 views

Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2018-8371)

A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS4.9AI score0.14443EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/07/10 12:0 a.m.•26 views

Adobe Acrobat and Reader Out-of-bounds read (APSB18-21: CVE-2018-5044; CVE-2019-7771; CVE-2019-7780)

A out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...

5CVSS3.6AI score0.08425EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•26 views

Microsoft Windows Remote Code Execution (CVE-2018-8210)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS8.2AI score0.24706EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•26 views

Microsoft Win32k Elevation of Privilege (CVE-2018-8233)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS8AI score0.01317EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/02 12:0 a.m.•26 views

Oracle WebLogic Remote Diagnosis Assistant rda_tfa_hrs Command Injection (CVE-2018-2616)

A command injection vulnerability exists in the web console of the Oracle WebLogic Remote Diagnosis Assistant. The vulnerability is due to a failure on the part of the application to properly parse input supplied to the rdatfahrs menu command...

6.5CVSS8.7AI score0.27068EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/03/13 12:0 a.m.•26 views

Microsoft Access Remote Code Execution (CVE-2018-0903)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.6AI score0.16575EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/02/13 12:0 a.m.•26 views

Microsoft Windows Remote Code Execution (CVE-2018-0842)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.9CVSS7.6AI score0.01029EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/11/26 12:0 a.m.•26 views

ZyXEL PK5001Z Modem Authentication Bypass (CVE-2016-10401)

An Unauthorized Access Vulnerability exists in ZyXEL PK5001Z Modem. Successful exploitation of this vulnerability could allow a remote attacker to gain administrator level access on the affected device...

9CVSS5.4AI score0.12113EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2017/09/17 12:0 a.m.•26 views

HPE Intelligent Management Center userSelectPagingContent Expression Language Injection (CVE-2017-12521)

An Expression Language injection vulnerability exists in HPE Intelligent Management Center. The vulnerability is due to a lack of validation on a request parameter on requests sent to the server. A remote attacker can exploit this vulnerability by sending a crafted request to the target server...

9CVSS2.5AI score0.0572EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/09/11 12:0 a.m.•26 views

HPE Intelligent Management Center saveSelectedDevices Expression Language Injection (CVE-2017-12491)

An Expression Language injection vulnerability exists in HPE Intelligent Management Center. The vulnerability is due to insufficient handling of a parameter passed to the saveSelectedDevices method through a GWT RPC request. A remote, authenticated attacker can exploit this vulnerability by sendi...

9CVSS2.2AI score0.0572EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•26 views

Adobe Acrobat And Reader Use After Free (APSB17-24: CVE-2017-11224)

A use after free vulnerability exists in Adobe Acrobat And Reader. The vulnerability is due to a freed memory area being reused by another object. This provides a remote attacker with an unintended memory access -- potentially leading to code corruption, control-flow hijack, or information leak...

9.3CVSS9.2AI score0.09204EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/06/28 12:0 a.m.•26 views

HPE Intelligent Management Center dbman RestoreZipFile Command Injection (CVE-2017-5821)

A command injection vulnerability exists in the dbman component of HPE Intelligent Management Center. The vulnerability is due to missing validation of user-provided parameters when handling RestoreZipFile commands. A remote, unauthenticated attacker can exploit the vulnerability by sending a...

10CVSS9.4AI score0.16844EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/06/13 12:0 a.m.•26 views

Microsoft LNK Remote Code Execution (CVE-2017-8464; CVE-2018-0978)

A vulnerability has been found in the way Windows Explorer handles LNK files. An attacker exploiting this vulnerability could achieve Remote Code Execution...

9.3CVSS3.3AI score0.90026EPSS
Exploits20
Check Point Advisories
Check Point Advisories
•added 2017/06/13 12:0 a.m.•26 views

Microsoft Windows Cursor Elevation of Privilege (CVE-2017-8466)

An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is caused when Windows fails to properly handle objects in memory. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted executable file...

7.2CVSS8.1AI score0.01084EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/05/03 12:0 a.m.•26 views

Digium Asterisk CDR ast_cdr_setuserfield Buffer Overflow (CVE-2017-16671; CVE-2017-7617)

A buffer overflow exists in the CDR engine of Digium Asterisk. The vulnerability is due to a lack of size checking when setting the user field of a CDR. A remote, authenticated attacker can exploit this vulnerability by sending a crafted message to an affected Asterisk server...

6.5CVSS4.5AI score0.06243EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/16 12:0 a.m.•26 views

Microsoft Windows Uniscribe Information Disclosure (MS17-011: CVE-2017-0085)

An information disclosure vulnerability exists in Microsoft Windows. The vulnerability is due to the way Windows Uniscribe handles objects in the memory. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted ttf file...

4.3CVSS4.7AI score0.22471EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2017/04/11 12:0 a.m.•26 views

Microsoft Outlook Remote Code Execution (CVE-2017-0106)

A remote code execution vulnerability exists in Microsoft Outlook. The vulnerability is due to the way Microsoft Outlook parses specially crafted email messages. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted email message...

9.3CVSS7.7AI score0.28355EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/03/14 12:0 a.m.•26 views

Microsoft Windows Graphics Component Remote Code Execution (MS17-013: CVE-2017-0014)

A remote code execution vulnerability exists in Windows Graphics Component. The vulnerability is due to the way Windows Graphics Component handles objects in memory. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted file...

7.6CVSS7.9AI score0.17594EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/01/15 12:0 a.m.•26 views

Adobe Acrobat and Reader Use After Free (APSB17-01: CVE-2017-2956; CVE-2017-2957)

A remote code execution vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to a use-after-free error in Adobe Reader and Acrobat while handling a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a...

9.3CVSS8.9AI score0.03548EPSS
Exploits0
Total number of security vulnerabilities5000