Lucene search
+L
Checkpoint AdvisoriesMost viewed

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2008/03/11 12:0 a.m.•26 views

Microsoft Office Outlook mailto URI Handling Code Execution (MS08-015; CVE-2008-0110)

Microsoft Office Outlook is a personal information manager that provides an e-mail application, a calendar and task and contact management.A remote code execution vulnerability has been reported in Microsoft Office Outlook. The vulnerability is due to an error in Microsoft Office Outlook that fai...

9.3CVSS6.9AI score0.31934EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2008/02/12 12:0 a.m.•26 views

Microsoft Visual FoxPro ActiveX Control Buffer Overflow (MS08-010; CVE-2007-4790)

Microsoft Visual FoxPro is an application development tool for building database applications. This vulnerability is due to a memory corruption error in certain ActiveX objects of Microsoft Visual FoxPro when it is used in Microsoft Internet Explorer. A remote attacker could exploit this issue by...

7.5CVSS7AI score0.54908EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2008/01/09 12:0 a.m.•26 views

Microsoft Windows ICMP Fragmented Packet Denial of Service (MS08-001; CVE-2007-0066)

The Internet Control Message Protocol ICMP is one of the core protocols of the Internet protocol suite. The vulnerability is due to an error in the way that Windows Kernel processes fragmented router advertisement ICMP queries. Successful exploitation could allow a denial of service on the affect...

7.1CVSS6AI score0.31525EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2007/08/30 12:0 a.m.•26 views

Internet Explorer Pdwizard.ocx ActiveX Object Memory Corruption (MS07-045; CVE-2007-3041)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer IE ActiveX control pdwizard.ocx. ActiveX controls are reusable software components based on Microsoft Component Object Model COM. To trigger the vulnerability, an attacker can create a malicious web page that...

9.3CVSS7.4AI score0.28979EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2007/04/11 12:0 a.m.•26 views

Preemptive Protection against Mercury Mail IMAP Buffer Overflow Vulnerability

Multiple buffer overflow vulnerabilities exist in Mercury Mail Transport System. Mercury Mail Transport System is a free mail server program that supports various email access and exchange protocols, including the Internet Message Access Protocol IMAP. IMAP is a standard protocol for accessing...

10CVSS7.5AI score0.72459EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2006/12/26 12:0 a.m.•26 views

Internet Explorer Undisclosed Script Handler Buffer Overflow (MS06-072; CVE-2006-5579)

Microsoft Internet Explorer IE contains a remote code execution vulnerability. By convincing a user to visit a specially crafted Web page, a remote attacker may trigger this vulnerability to deny service from legitimate users by causing the victim's Web browser to crash or execute arbitrary code ...

9.3CVSS7.6AI score0.31068EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2006/08/13 12:0 a.m.•26 views

Preemptive Protection against Malformed DNS Resource Records Vulnerability (MS06-041)

The Domain Name System DNS client service resolves and caches DNS names. The Microsoft DNS Client service fails to handle specific overly long resource records. An attacker could exploit the vulnerability by sending a specially crafted DNS record to an affected client. Successful exploitation cou...

10CVSS6.1AI score0.65532EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2006/07/05 12:0 a.m.•26 views

Update Protection against AWStats Remote Command Execution Vulnerability

AWStats is a free tool that collects and graphically displays advanced web, ftp or mail server statistics. Lack of input validation on one of the parameters may allow an attacker to compromise a vulnerable server. Successful exploitation allows remote attackers to execute arbitrary commands under...

7.5CVSS7.1AI score0.74941EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2006/03/26 12:0 a.m.•26 views

Update Protection against ezDatabase Remote File Inclusion Vulnerability

ezDatabase is a Web based application designed for creating online databases. A vulnerability in ezDatabase allows remote attackers to execute arbitrary PHP code via several parameters. Attackers may be able to disclose sensitive information and compromise an affected system...

7.5CVSS6.1AI score0.02873EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2005/06/29 12:0 a.m.•26 views

Microsoft Telnet Client Information Disclosure (MS05-033; CVE-2005-1205)

...

5CVSS6.4AI score0.33261EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/11/28 12:0 a.m.•25 views

Tenda AC15 Command Injection (CVE-2022-28557)

A command injection vulnerability exists in Tenda AC15. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.7AI score0.2197EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/11/17 12:0 a.m.•25 views

Tenda M3 Router Command Injection (CVE-2022-26289)

A command injection vulnerability exists in Tenda M3 Router. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS6AI score0.02654EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/11/09 12:0 a.m.•25 views

Lansweeper SQL Injection (CVE-2022-21234)

An SQL injection vulnerability exists in Lansweeper. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

6.5CVSS5.1AI score0.72601EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/11/06 12:0 a.m.•25 views

Tenda TX9 Pro Router Command Injection (CVE-2022-29592)

A command injection vulnerability exists in Tenda TX9 Pro Router. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS6.1AI score0.1956EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/10/27 12:0 a.m.•25 views

Microsoft Azure Service Fabric Explorer Cross Site Scripting (CVE-2022-35829)

A cross-site scripting vulnerability exists in Microsoft Azure Service Fabric Explorer. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.8AI score0.19762EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/10/24 12:0 a.m.•25 views

Jenkins Directory Traversal (CVE-2018-1999002)

A directory traversal vulnerability exists in Jenkins. Successful exploitation of this vulnerability could allow a remote attacker to disclose or access arbitrary files on the vulnerable server...

5CVSS4.9AI score0.86641EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2022/08/09 12:0 a.m.•25 views

Adobe Acrobat and Reader Improper Input Validation (APSB22-39: CVE-2022-35668)

A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

6AI score0.04055EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/08/09 12:0 a.m.•25 views

Microsoft Windows Hyper-V Elevation of Privilege (CVE-2022-35751)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.8AI score0.05461EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/08/09 12:0 a.m.•25 views

Microsoft Win32k Elevation of Privilege (CVE-2022-35750)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6AI score0.06478EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/07/20 12:0 a.m.•25 views

Google Chrome Browser V8 Memory Corruption (CVE-2017-5030)

A memory corruption vulnerability exists in Google Chrome Browser V8. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.6AI score0.41603EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/07/12 12:0 a.m.•25 views

Adobe Acrobat and Reader Use After Free (APSB22-32: CVE-2022-34227)

A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.6AI score0.02749EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/06/15 12:0 a.m.•25 views

Aruba ArubaOS Memory Corruption (CVE-2022-23676)

A memory corruption vulnerability exists in Aruba ArubaOS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5.3AI score0.21877EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/05/02 12:0 a.m.•25 views

RiteCMS Remote Code Execution (CVE-2021-46367)

A remote code execution vulnerability exists in RiteCMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS5.5AI score0.29715EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/04/12 12:0 a.m.•25 views

Adobe Acrobat and Reader Use After Free (APSB22-16: CVE-2022-28230)

A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5.6AI score0.12508EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/04/03 12:0 a.m.•25 views

Pulse Connect Secure Authentication Bypass (CVE-2021-22893)

An authentication bypass vulnerability exists in Pulse Connect Secure. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...

7.5CVSS4.5AI score0.47172EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2022/03/30 12:0 a.m.•25 views

TP-Link WR886N Buffer Overflow (CVE-2021-44864)

A buffer overflow vulnerability exists in TP-Link WR886N. Successful exploitation of this vulnerability could result in a denial of service of the affected system...

4CVSS4.5AI score0.10187EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/03/16 12:0 a.m.•25 views

Zoho ManageEngine Desktop Central Authentication Bypass (CVE-2021-44515)

An authentication bypass vulnerability exists in Zoho ManageEngine Desktop Central. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

10CVSS8.8AI score0.99867EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2022/02/02 12:0 a.m.•25 views

October CMS Authentication Bypass (CVE-2021-32648)

An authentication bypass vulnerability exists in October CMS. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

6.4CVSS6AI score0.90418EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/09/29 12:0 a.m.•25 views

Symantec Web Gateway Local File Inclusion (CVE-2012-2957)

A local file inclusion vulnerability exists in Symantec Web Gateway. Successful exploitation of this vulnerability could allow a remote attacker to damage user systems...

7.2CVSS6AI score0.59287EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2021/09/22 12:0 a.m.•25 views

Form Tools SQL Injection (CVE-2021-38145)

An SQL injection vulnerability exists in Form Tools. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS10AI score0.02152EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/08/03 12:0 a.m.•25 views

Latrix Project SQL Injection (CVE-2021-30000)

An SQL injection vulnerability exists in Latrix Project. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.3AI score0.02118EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/07/26 12:0 a.m.•25 views

Microsoft Internet Explorer Out-of-Bounds Write (CVE-2021-33742)

An out-of-bounds write vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could lead to arbitrary code execution in the context of the affected application...

6.8CVSS3.5AI score0.59139EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/30 12:0 a.m.•25 views

Jenkins Claim Plugin Cross-Site Scripting (CVE-2021-21619)

A stored cross-site scripting vulnerability exists in Jenkins Claim plugin. This vulnerability is due to insufficient validation of the displayName shown in claims...

3.5CVSS5.4AI score0.0939EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/08 12:0 a.m.•25 views

VMware vCenter Server Remote Code Execution (CVE-2021-21985)

A remote code execution vulnerability exists in VMware vCenter Server. Successful exploitation of this vulnerability would allow remote attackers to execute arbitrary code on the affected system...

10CVSS7.9AI score0.99999EPSS
Exploits13
Check Point Advisories
Check Point Advisories
•added 2021/05/12 12:0 a.m.•25 views

Nagios XI Remote Code Execution (CVE-2019-15949)

A remote code execution vulnerability exists in Nagios XI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS5.7AI score0.77741EPSS
Exploits13
Check Point Advisories
Check Point Advisories
•added 2021/04/25 12:0 a.m.•25 views

SaltStack Salt Method Directory Traversal (CVE-2021-25282)

A directory traversal vulnerability exists in the WheelClient for Salt API, a component of SaltStack Salt. The vulnerability is due to improper validation of user-supplied in the pillarroots.write method...

6.4CVSS3.7AI score0.92312EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2021/03/28 12:0 a.m.•25 views

Netgear ProSAFE Integer Overflow (CVE-2020-35230)

An integer overflow vulnerability exists in Netgear ProSAFE. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

6.7CVSS5.3AI score0.00418EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/03/14 12:0 a.m.•25 views

yWorks yEd Desktop Remote Code Execution (CVE-2020-25216)

A remote code execution vulnerability exists in yWorks yEd Desktop. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.2AI score0.02424EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/02/16 12:0 a.m.•25 views

CmsWing Project SQL Injection (CVE-2020-20296)

An SQL injection vulnerability exists in CmsWing Project. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.2AI score0.01355EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/02/07 12:0 a.m.•25 views

Microsoft Windows Audio Service Privilege Escalation (CVE-2019-1086)

A privilege escalation vulnerability exists in Microsoft Windows Audio Service. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system...

4.6CVSS8.4AI score0.00856EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/12/22 12:0 a.m.•25 views

Nagios XI Graph Explorer Cross-Site Scripting (CVE-2020-15902)

A cross-site scripting vulnerability exists in Nagios XI. This vulnerability is due to improper validation of the link parameter in visFunctions.inc.php...

4.3CVSS1.6AI score0.35135EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/11/21 12:0 a.m.•25 views

Zoho ManageEngine Applications Manager SQL Injection (CVE-2020-27995)

A SQL injection vulnerability exists in the Zoho ManageEngine Applications Manager. The vulnerability is due to improper validation of user-supplied input in processing MyPage.do action...

7.5CVSS3.2AI score0.08729EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/28 12:0 a.m.•25 views

Cacti utilities.php Cross-Site Scripting (CVE-2010-2544)

A cross site scripting vulnerability exists in Cacti. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.3CVSS5.2AI score0.04309EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/13 12:0 a.m.•25 views

Microsoft Win32k Elevation of Privilege (CVE-2020-16913)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS8.2AI score0.01EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/09/01 12:0 a.m.•25 views

Cisco UCS Director saveStaticConfig Directory Traversal (CVE-2020-3248)

A directory traversal vulnerability exists in Cisco UCS Directory. The vulnerability is due to insufficient validation of user input in the saveStaticConfig method...

10CVSS3.1AI score0.7391EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/07/14 12:0 a.m.•25 views

Microsoft Windows Address Book Contact File Parsing Integer Overflow (CVE-2020-1410)

An integer overflow vulnerability has been reported in Microsoft Windows Address Book. This vulnerability is due to improper handling of Contact files. A remote attacker could exploit this vulnerability by enticing a target user to open a Windows Contacts file. Successful exploitation could resul...

9.3CVSS8.4AI score0.11536EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/07/12 12:0 a.m.•25 views

DrayTek Command Injection (CVE-2020-15415)

A command injection vulnerability exists in DrayTek. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.9AI score0.84203EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/07/01 12:0 a.m.•25 views

Zivif Webcams Remote Code Execution (CVE-2017-17107)

A remote code execution vulnerability exists in Zivif Webcams. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS6.1AI score0.03879EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2020/06/30 12:0 a.m.•25 views

Innotube ITGuard-Manager Remote Code Execution (CVE-2017-18025)

A remote code execution vulnerability exists in Innotube ITGuard-Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.4AI score0.03346EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/06/17 12:0 a.m.•25 views

PHP-Fusion Administration banners.php Cross-Site Scripting (CVE-2020-12438)

A stored cross-site scripting vulnerability exists in PHP-Fusion Banner feature. The vulnerability is due to improper validation of user input in HTTP requests...

3.5CVSS0.8AI score0.00582EPSS
Exploits1
Total number of security vulnerabilities5000