Lucene search
+L
Checkpoint AdvisoriesMost viewed

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2021/11/17 12:0 a.m.•65 views

Stivasoft Fundraising Script SQL Injection (CVE-2020-22223; CVE-2020-22225; CVE-2020-22226)

An SQL injection vulnerability exists in Stivasoft Fundraising Script. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS9.9AI score0.01096EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2021/11/16 12:0 a.m.•65 views

PlaySMS index.php Remote Code Execution (CVE-2020-8644)

A remote code execution vulnerability exists in PlaySMS. Successful exploitation could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS9.5AI score0.86689EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2021/11/09 12:0 a.m.•65 views

Microsoft Defender Remote Code Execution (CVE-2021-42298)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS8.1AI score0.05293EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/02/16 12:0 a.m.•65 views

CSE Bookstore SQL Injection (CVE-2020-36112)

An SQL injection vulnerability exists in CSE Bookstore. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.4AI score0.17383EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/11/21 12:0 a.m.•65 views

Inductive Automation Ignition Insecure Deserialization (CVE-2020-12004; CVE-2020-10644)

An insecure deserialization vulnerability exists in Inductive Automation Ignition. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

5CVSS7.2AI score0.20208EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2017/08/28 12:0 a.m.•65 views

Microsoft Browser Scripting Engine Memory Corruption (CVE-2017-8636)

A memory corruption vulnerability exists in Microsoft browser. The vulnerability is due to an error in the way that Microsoft browser accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a specially...

7.6CVSS7.5AI score0.72116EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•65 views

Oracle Database Server Network Authentication AUTH_SESSKEY Buffer Overflow - Ver2 (CVE-2009-1979)

Oracle Database Server is an enterprise-level relational database application suite. A buffer overflow vulnerability exists in the Oracle Database server, the vulnerability is due to an error in the Oracle Database server that fails to sufficiently validate the length field of the AUTHSESSKEY...

10CVSS7.5AI score0.76361EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2010/10/04 12:0 a.m.•65 views

Adobe Shockwave Player Director File FFFFFF88 Record Integer Overflow (CVE-2010-2876; CVE-2010-4192)

Adobe Shockwave is a multimedia player that allows users to view interactive web content such as games, business presentations, entertainment, and advertisements from the web browser. It allows Adobe Director applications to be published on the Internet and viewed in a web browser on systems whic...

9.3CVSS7.3AI score0.06051EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2010/09/05 12:0 a.m.•65 views

Adobe ColdFusion Directory Traversal (APSB10-18; CVE-2010-2861)

Adobe ColdFusion is a rapid application development platform that includes advanced features for enterprise integration and development of rich Internet applications. A directory traversal vulnerability has been reported in Adobe ColdFusion. The vulnerability is due to a design weakness in the...

7.5CVSS9.6AI score0.99721EPSS
Exploits13
Check Point Advisories
Check Point Advisories
•added 2010/05/11 12:0 a.m.•65 views

Microsoft Outlook Express and Windows Mail Integer Overflow (MS10-030; CVE-2010-0816)

Windows Mail formerly Outlook Express is an online communication tool for use with Windows. A remote code execution vulnerability has been reported in the way that Windows Mail Client handles specially crafted mail responses. The vulnerability is caused when a common library used by Outlook Expre...

9.3CVSS7.7AI score0.20325EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2005/02/01 12:0 a.m.•65 views

SSL - General Settings (CVE-2003-0719; CVE-2004-0826)

SSL Protections use a SSL protocol parser which uses a default port of TCP/443, but this port can be reconfigured...

7.5CVSS6.3AI score0.83412EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2022/11/13 12:0 a.m.•64 views

TP Link Wr940N Routers Buffer Overflow (CVE-2017-13772)

A buffer overflow vulnerability exists in TP Link Wr940N Firmware. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

9CVSS6.9AI score0.52559EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2021/11/17 12:0 a.m.•64 views

Froxlor SQL Injection (CVE-2021-42325)

An SQL injection vulnerability exists in Froxlor. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS9.9AI score0.11812EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2020/12/20 12:0 a.m.•64 views

Web Servers Cross-Site Scripting Attempt (CVE-2020-10820; CVE-2020-10821; CVE-2020-11930; CVE-2020-12256; CVE-2020-12259; CVE-2020-1943; CVE-2020-2096)

Remote attackers may attempt to exploit web servers vulnerable to cross-site scripting vulnerabilities. Successful exploitation could result in damaging user systems...

4.3CVSS3.2AI score0.97309EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2020/12/17 12:0 a.m.•64 views

Web Servers SQL Injection Attempt (CVE-2020-10220; CVE-2020-15533; CVE-2020-23833; CVE-2020-23973; CVE-2020-23976; CVE-2020-23978; CVE-2020-23979)

An SQL Injection vulnerability exists in web servers due to lack of input validation. Successful exploitation of this vulnerability could result in damaging target systems...

7.5CVSS3.7AI score0.99683EPSS
Exploits19
Check Point Advisories
Check Point Advisories
•added 2020/12/16 12:0 a.m.•64 views

Aerospike Community Remote Code Execution (CVE-2020-13151)

A remote code execution vulnerability exists in Aerospike Community. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.7AI score0.86749EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2020/11/21 12:0 a.m.•64 views

SMA Solar Technology Sunny WebBox Cross-Site Request Forgery (CVE-2019-13529)

A cross-site request forgery vulnerability exists in SMA Solar Technology Sunny WebBox. A remote attacker can exploit this vulnerability by enticing a target authenticated user to visit a specially crafted page...

6.8CVSS8.2AI score0.03087EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2020/09/29 12:0 a.m.•64 views

PHP-Fusion Remote Command Execution (CVE-2020-24949)

A command execution vulnerability exists in PHP-Fusion. Successful exploitation of this vulnerability could allow a remote authenticated attacker to execute arbitrary commands on the affected system...

5.9AI score0.67289EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2020/03/17 12:0 a.m.•64 views

Microsoft SQL Server Remote Code Execution (CVE-2020-0618)

A remote code execution vulnerability exists in Microsoft SQL server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS5.8AI score0.99022EPSS
Exploits14
Check Point Advisories
Check Point Advisories
•added 2020/02/05 12:0 a.m.•64 views

Redis Buffer Overflow (CVE-2019-10192; CVE-2019-10193)

A buffer overflow vulnerability exists in Redis. Successful exploitation of this vulnerability could result in the execution of arbitrary code on the affected system...

6.5CVSS4.8AI score0.26048EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2019/11/26 12:0 a.m.•64 views

OMRON CX-One CX-Protocol Type Confusion (CVE-2018-19027)

A type confusion vulnerability exists in OMRON CX-One CX-Protocol. This vulnerability occurs due to improper parsing of the project file. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS6.8AI score0.01424EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2019/07/07 12:0 a.m.•64 views

Schneider Electric Modicon Multiple Information Disclosure Vulnerabilities (CVE-2018-7844; CVE-2018-7845; CVE-2019-6806)

Multiple information disclosure vulnerabilities exist in Schneider Electric Modicon. Successful exploitation of those vulnerabilities would allow a remote attacker to obtain sensitive information...

5CVSS2.6AI score0.03413EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2018/05/14 12:0 a.m.•64 views

OMRON CX-One CX-FLnet Version and Node Name Heap-based Buffer Overflow (CVE-2018-8834)

A heap-based overflow exists in OMRON CX-One CX-FLnet module. The vulnerability is due to input validation error when processing Version and Node Name parameter of the FLN configuration file. A remote attacker could exploit these vulnerabilities by enticing a target user into opening a maliciousl...

4.6CVSS5.2AI score0.00318EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/05/10 12:0 a.m.•64 views

Microsoft Internet Explorer Memory Corruption (MS16-051: CVE-2016-0189)

A use after free vulnerability exists in Microsoft Internet Explorer. The root cause is a heap corruption when dealing with a corrupted VBScript array size. A successful exploitation of this issue could allow an attacker to execute arbitrary code on the remote system...

7.6CVSS3.6AI score0.93165EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2015/04/05 12:0 a.m.•64 views

Eclipse Foundation Jetty Web Server HttpParser Remote Information Disclosure (CVE-2015-2080)

An information disclosure vulnerability exists in Eclipse Foundation Jetty Web Server. The vulnerability is due to improper parsing of HTTP requests that can lead to information disclosure via HTTP responses from the server. A remote attacker can exploit this vulnerability by sending HTTP request...

5CVSS0.9AI score0.74881EPSS
Exploits16
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•64 views

Persistent Systems Radia Client Automation Command Execution - Ver2 (CVE-2015-1497)

A command execution vulnerability exists in Persistent Systems Radia Client Automation. The vulnerability is due to missing authentication while processing requests to the radexecd process. A remote unauthenticated attacker can exploit this vulnerability by sending crafted requests to the affecte...

10CVSS6.6AI score0.75116EPSS
Exploits16
Check Point Advisories
Check Point Advisories
•added 2013/10/06 12:0 a.m.•64 views

Foreman Red Hat OpenStack bookmarks Code Injection (CVE-2013-2121)

A remote code execution vulnerability has been reported in ForemanRed Hat OpenStack. The vulnerability is due to improper sanitization of certain parameters. A remote attacker can exploit this issue by sending a specially crafted packet to the target server. Successful exploitation would allow an...

6CVSS7.7AI score0.24782EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2013/06/06 12:0 a.m.•64 views

Novell ZENworks Asset Management Directory Traversal (CVE-2011-2653)

A Directory Traversal vulnerability has been reported in the Novell ZENworks Asset Management. The vulnerability is due to insufficient input validation when parsing the FileUpload parameter. A remote attacker can exploit this issue by sending a specially crafted packet to the target server...

10CVSS6.8AI score0.73929EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2013/05/14 12:0 a.m.•64 views

Internet Explorer VML Objects Use After Free (MS13-037; CVE-2013-2551)

A buffer overflow vulnerability exists in Internet Explorer while accessing a dynamic array of attributes of a VML shape object. The vulnerability may lead to memory corruption in such a way that will allow code execution in the context of the current user...

8.7AI score0.74096EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2010/05/09 12:0 a.m.•64 views

Microsoft Excel Malformed FNGROUPCOUNT Value Code Execution (MS06-037; CVE-2006-1308)

Microsoft Excel is a popular spreadsheet application that is usually released as part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formulae, and various data sources. The proprietary file format used for storing Microsoft Excel documents ...

9.3CVSS7.5AI score0.09278EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2010/03/28 12:0 a.m.•64 views

Microsoft Excel Malformed Range Code Execution (MS06-012; CVE-2005-4131)

Microsoft Excel is a spreadsheet application released by the Microsoft Corporation. Its native file format is the Binary Interchange File Format BIFF, which is available is several versions. An Excel file contains information about the various spreadsheets that form an Excel workbook, the data an...

6.8CVSS7.3AI score0.31108EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2009/02/27 12:0 a.m.•64 views

Update Protection against UltraVNC VNCViewer Authenticate Buffer Overflow

A buffer overflow vulnerability was reported in multiple Virtual Network Computing VNC based applications. Virtual Network Computing VNC is a graphical desktop sharing technology desigend to remotely control another computer. The flaw is due to improper validation of length value in network...

10CVSS6.7AI score0.13334EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2008/11/11 12:0 a.m.•64 views

Microsoft Visual Basic ActiveX Controls Remote Code Execution (MS08-070; CVE-2008-3704; CVE-2008-4252; CVE-2008-4253; CVE-2008-4254; CVE-2008-4255; CVE-2008-4256)

Visual Basic is an event-driven programming language that was created by Microsoft for building stand alone Windows-based programs. Developers can use it for quickly building GUI applications. Several remote code execution vulnerabilities have been reported in Microsoft Visual Basic: CVE-2008-425...

9.3CVSS7.7AI score0.55917EPSS
Exploits17
Check Point Advisories
Check Point Advisories
•added 2022/11/24 12:0 a.m.•63 views

GE MDS PulseNET XML External Entity Expansion (CVE-2018-10613)

An XML external entity expansion vulnerability exists in GE MDS PulseNET. Successful exploitation of this vulnerability could result in the disclosure of file contents from the target system...

5CVSS2.1AI score0.18282EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/11/06 12:0 a.m.•63 views

Veeam Backup and Replication Authentication Bypass (CVE-2022-26501)

An authentication bypass vulnerability exists in Veeam Backup and Replication. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...

10CVSS6.4AI score0.04278EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/08/15 12:0 a.m.•63 views

Microsoft Windows Parse Server Prototype Pollution (CVE-2022-24760)

A prototype pollution vulnerability exists in Microsoft Windows Parse Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS6.8AI score0.49081EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/04/20 12:0 a.m.•63 views

Oracle MySQL Cluster Buffer Overflow (CVE-2022-21279)

A buffer overflow vulnerability exists in Oracle MySQL. The vulnerability exists in the MySQL NDB Cluster component...

4CVSS3.7AI score0.78951EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/11/24 12:0 a.m.•63 views

WordPress Asgaros Forum Plugin SQL Injection (CVE-2021-24827)

An SQL injection vulnerability exists in WordPress Asgaros Forum plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS10AI score0.13285EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2021/09/24 12:0 a.m.•63 views

UDP Technology IP Camera Command Injection (CVE-2021-33544)

A command injection vulnerability exists in UDP Technology IP Camera. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

6.5CVSS8.5AI score0.95547EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2021/05/18 12:0 a.m.•63 views

Tenda Routers Buffer Overflow (CVE-2021-31755; CVE-2021-31756; CVE-2021-31757; CVE-2021-31758)

A buffer overflow vulnerability exists in Tenda routers. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...

10CVSS7.2AI score0.85849EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2020/12/27 12:0 a.m.•63 views

WordPress Canto Plugin Server-Side Request Forgery (CVE-2020-28976; CVE-2020-28977; CVE-2020-28978)

A sever-side request forgery vulnerability exists in WordPress Canto Plugin. The vulnerability is due to a lack of validation on the subdomain parameter in HTTP requests. Successful exploitation of this vulnerability could allow an unauthenticated attacker to make a request to any internal and...

5CVSS1.3AI score0.27771EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2020/09/21 12:0 a.m.•63 views

Microsoft Exchange Memory Corruption (CVE-2020-16875)

A memory corruption vulnerability exists in Microsoft Exchange. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS8.1AI score0.47145EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2019/09/18 12:0 a.m.•63 views

ZeroMQ libzmq Buffer Overflow (CVE-2019-13132)

A buffer overflow vulnerability exists in ZeroMQ libzmq. Successful exploitation of this vulnerability could allow the execution of arbitrary code on the target machine...

7.5CVSS4.4AI score0.42464EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2016/10/26 12:0 a.m.•63 views

ASUSWRT LAN Backdoor Remote Command Execution (CVE-2014-9583)

A remote command execution vulnerability exists in Asuswrt. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS5.9AI score0.80731EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•63 views

Microsoft Windows Graphics Rendering Engine Buffer Overflow (MS04-032) - Ver2 (CVE-2004-0209)

The Microsoft Windows Metafile Format WMF is used to store pictures and other graphical renderings as either vector or bitmap-format graphical data. The vector data stored in WMF files is described as Microsoft Windows Graphics Device Interface GDI commands. The WMF format is the original 16-bit...

10CVSS2AI score0.62054EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2014/07/21 12:0 a.m.•63 views

Microsoft .NET Framework TypeFilterLevel Code Execution (MS14-026; CVE-2014-1806)

A code execution vulnerability exists in Microsoft .NET Framework. The vulnerability is due to the way the .NET framework handles TypeFilterLevel checks for some malformed objects. A remote attacker could exploit this vulnerability by sending specially crafted data to the target server that uses...

10CVSS6.7AI score0.39589EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/07/14 12:0 a.m.•63 views

AlienVault OSSIM av-centerd SOAP Requests Multiple Command Execution (CVE-2014-3804)

Multiple command execution vulnerabilities has been reported in AlienVault OSSIM. The vulnerabilities are due to failure to safely sanitize user data while handling av-centerd SOAP service requests. A remote unauthenticated attacker can exploit these vulnerabilities by sending crafted requests to...

10CVSS6.9AI score0.72376EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2014/06/09 12:0 a.m.•63 views

ISPConfig Authenticated Arbitrary PHP Code Execution (CVE-2013-3629)

A code execution vulnerability has been reported in ISPConfig. The vulnerability is due to a flaw in the /content.php script that is triggered when parsing language files. An attacker could trigger this flaw via a specially crafted language file. Successful exploitation of this vulnerability coul...

6.5CVSS8.9AI score0.43103EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•63 views

Microsoft Windows Cinepak Codec Remote Code Execution (MS10-055) - Ver2 (CVE-2010-2553)

The Cinepak codec is a media encoder and decoder supported by the Windows Media Player. A remote code execution vulnerability has been reported in the way the Cinepak codec handles supported format files. The vulnerability is due to an error in the Cinepak codec that fails to properly handle...

9.3CVSS7.2AI score0.30895EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•63 views

Internet Explorer Option Element Memory Corruption (MS11-081) - Ver2 (CVE-2011-1996)

A memory corruption vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer attempts to access objects that have not been initialized or have been deleted. A remote attacker could trigger this vulnerability by enticing an...

9.3CVSS7.2AI score0.60456EPSS
Exploits5
Total number of security vulnerabilities5000