Lucene search
+L
Checkpoint AdvisoriesMost viewed

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2015/03/04 12:0 a.m.•25 views

OpenSSL TLS Export Cipher Suite Downgrade (CVE-2015-0204; CVE-2015-1637)

A vulnerability has been detected in the way OpenSSL handles TLS handshakes that use weak, legacy cipher suites. An attacker might leverage this vulnerability to intercept secure communications...

4.3CVSS0.9AI score0.98685EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/16 12:0 a.m.•25 views

ManageEngine Multiple Products WsDiscoveryServlet Directory Traversal (CVE-2014-5302)

A directory traversal vulnerability exists in ManageEngine ServiceDesk Plus, AssetExplorer and IT360. The vulnerability is due to lack of authentication and insufficient input validation on the "computerName" parameter sent in HTTP requests to the WsDiscoveryServlet. A remote unauthenticated...

9CVSS1.9AI score0.1073EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2015/01/12 12:0 a.m.•25 views

Adobe Reader Javascript API Information Disclosure (APSB14-28: CVE-2014-8451)

An Information Disclosure vulnerability has been reported in Adobe Reader. The vulnerability is due to an improper implementation of a Javascript API. A remote attacker can exploit this issue by enticing a victim to open a specially crafted PDF file...

5CVSS6AI score0.094EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•25 views

Microsoft Fax Cover Page Editor Buffer Overflow - Ver2 (CVE-2010-4701)

A heap buffer overflow vulnerability has been discovered in Microsoft Windows Fax Services. The Windows Fax Service is a component that allows a Windows system to act as a Fax server. One of the tools within this fax suite is the Fax Console, which allows a user to monitor the sending and receivi...

7.6CVSS7.5AI score0.47832EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•25 views

Digium Asterisk Manager User Shell Command Execution - Ver2 (CVE-2012-2414)

A security bypass vulnerability has been reported in Digium Asterisk. The vulnerability is due to an error in the way the server validates permissions while executing shell commands from unauthorized users. A remote attacker can exploit this issue by sending specially crafted AMI requests to the...

6.5CVSS1.9AI score0.02717EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•25 views

Microsoft Windows Agent ACF File Handling Memory Corruption (MS06-068) - Ver2 (CVE-2006-3445)

A remote code execution vulnerability exists in Microsoft Agent. Microsoft Agent is a software technology that enables an enriched form of user interaction that can make using and learning to use a computer easier and more natural. . The vulnerability is due to a memory corruption error in the...

7.5CVSS7.6AI score0.40143EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/09 12:0 a.m.•25 views

Microsoft Internet Explorer Memory Corruption (MS14-080: CVE-2014-6374)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.1253EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/11/10 12:0 a.m.•25 views

Joomla Component com_content SQL Injection (CVE-2008-6923)

SQL injection vulnerability has been reported in Joomla Com Content. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.3AI score0.00928EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/10/29 12:0 a.m.•25 views

Digium Asterisk HTTP Connections Denial of Service (CVE-2014-4047)

A denial of service vulnerability exists in Digium Asterisk. The vulnerability is due to the way HTTP sessions are being handled. A remote, unauthenticated attacker can exploit this vulnerability by establishing an excessive number of TCP connections to the configured HTTP or HTTPS port...

5CVSS1.7AI score0.0491EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/09/17 12:0 a.m.•25 views

Apache HTTP Server mod_deflate Denial of Service (CVE-2014-0118)

A denial of service vulnerability exists in Apache HTTP server. The vulnerability exists in the moddeflate module and is due to a resource exhaustion that is related to request body decompression configuration. A remote, unauthenticated attacker can leverage this vulnerability by sending a...

4.3CVSS1.7AI score0.37156EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/09/09 12:0 a.m.•25 views

Microsoft Internet Explorer Memory Corruption (MS14-052: CVE-2014-4092)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS4.1AI score0.15993EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/08/12 12:0 a.m.•25 views

Microsoft Internet Explorer Memory Corruption (MS14-051: CVE-2014-4057)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS4.1AI score0.16463EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/07/28 12:0 a.m.•25 views

D-Link HNAP Request Stack Buffer Overflow (CVE-2014-3936)

A remote code execution vulnerability exists in D-Link routers. The vulnerability is due to a stack buffer overflow while processing crafted HTTP POST requests addressed to the HNAP handler. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary code on the affected...

10CVSS5.7AI score0.76555EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2014/07/16 12:0 a.m.•25 views

Advantech WebAccess SCADA webvact.ocx GotoCmd Buffer Overflow (CVE-2014-0765)

A stack buffer overflow has been reported in Advantech's WebAccess SCADA software. This vulnerability is due to insufficient input validation on the GotoCmd parameter of the webvact.ocx ActiveX control, a part of the WebAccess Client. A remote, unauthenticated attacker could exploit this...

6.6AI score0.02672EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/07/14 12:0 a.m.•25 views

Rocket Servergraph Admin Center userRequest and tsmRequest Command Execution (CVE-2014-3915)

Multiple vulnerabilities exist in Rocket Servergraph, an interface for monitoring backup solutions such as IBM Tivoli Storage Manager, Symantec NetBackup etc. These vulnerabilities are due to input validation errors when handling requests to the URIs userRequest and tsmRequest. A remote...

10CVSS2.6AI score0.03119EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/05/13 12:0 a.m.•25 views

Adobe ColdFusion Server invoke() Method Code Execution (CVE-2013-3350)

A remote code execution has been reported in Adobe ColdFusion server. The vulnerability is due to a bug in the invoke method. A remote attacker can exploit this issue by changing values on a page hosted on the affected server...

10CVSS7.2AI score0.07563EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/27 12:0 a.m.•25 views

Novell ZENworks Configuration Management PreBoot Directory Traversal (CVE-2013-3706)

A directory traversal vulnerability has been reported in Novell ZENworks Configuration Manager. The vulnerability is due to the preboot service which supports an opcode that allows files to be downloaded through directory traversal. A remote attacker can exploit this vulnerability to disclose the...

5CVSS6.4AI score0.07615EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•25 views

Internet Explorer ActiveX Navigate Handling Code Execution (MS08-073) - Ver2 (CVE-2008-4258)

Microsoft Internet Explorer is the most widely used Internet browser. A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Internet Explorer that fails to properly validate parameters made during a method call in the...

8.5CVSS7.1AI score0.17841EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•25 views

Microsoft Word Access Violation Code Execution - Ver2 (CVE-2011-1983)

A code execution vulnerability has been reported in Microsoft Office Word. The vulnerability is due to an error in the way Microsoft Word handles objects in memory. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7.3AI score0.22724EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•25 views

Microsoft Excel Record Parsing Code Execution - Ver2 (CVE-2011-3403)

A code execution vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to improper handling of certain records in Microsoft Excel while parsing malformed Excel files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary cod...

7.4AI score0.20786EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•25 views

Microsoft Excel Biff Record PtgName Entries Code Execution (MS10-080) - Ver2 (CVE-2010-3235)

Microsoft Excel is a popular spreadsheet application. A memory corruption vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly validate formula information upon opening a specially crafted Excel file. A remote...

9.3CVSS6.8AI score0.21413EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•25 views

Microsoft Word RTF Drawing Primitives Remote Code Execution (MS08-072) - Ver2 (CVE-2008-4028)

Rich Text Format RTF provides a format for text and graphics interchange that can be used with different operating systems. OLE is the technology that applications use to create and edit compound documents. By using OLE technology, an application can provide embedding and linking support. A remot...

9.3CVSS7.2AI score0.38057EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•25 views

Wim Fleischhauer Docpile INIT_PATH Parameter PHP Code Execution - Ver2 (CVE-2006-4076)

A code execution vulnerability has been reported in Wim Fleischhauer Docpile. An attacker could exploit this vulnerability via a URL in the INITPATH parameter to lib/access.inc.php, lib/folders.inc.php, lib/init.inc.php or lib/templates.inc.php. Successful exploitation of this vulnerability could...

7.6AI score0.01868EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•25 views

IBM WebSphere Application Server Cross-Site Scripting - Ver2 (CVE-2009-0855)

A cross-site scripting vulnerability has been reported in IBM WebSphere Application Server. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.3CVSS5.7AI score0.05979EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•25 views

GomPlayer wav Buffer Overflow - Ver2 (CVE-2013-5716)

A buffer overflow vulnerability has been reported in Gomlab Gom Player. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

6.6AI score0.02154EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•25 views

Microsoft Internet Explorer Memory Corruption (MS14-012; CVE-2014-0298)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

4.9AI score0.12736EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•25 views

Internet Explorer Mouse Drag Hijack Arbitrary File Execution - Ver2 (CVE-2004-0841)

An arbitrary file execution vulnerability has been reported in Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute and install arbitrary programs on the affected system...

6.8AI score0.48733EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/02/16 12:0 a.m.•25 views

FreeBSD bsnmpd GETBULK PDU Stack Buffer Overflow (CVE-2014-1452)

A remote code execution vulnerability exists in the FreeBSD. The vulnerability is caused due to improper handling of crafted GETBULK PDU requests. A remote,unauthenticated attacker can exploit these vulnerabilities to execute arbitrary code on the target system within the security context of bsnm...

5.8CVSS7.8AI score0.01894EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/02/11 12:0 a.m.•25 views

Microsoft Internet Explorer Memory Corruption (MS14-010: CVE-2014-0271)

A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...

9.3CVSS7.1AI score0.38434EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/02/03 12:0 a.m.•25 views

PHP POST File Upload Buffer Overflow - Ver2 (CVE-2002-0081)

A buffer overflow vulnerability has been reported in PHP. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5AI score0.24256EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/19 12:0 a.m.•25 views

NTP Servers Monlist Command Denial of Service (CVE-2013-5211)

There exists a design flaw in NTP servers that can allow attackers to perform DoS attacks against target machines. A remote attacker can leverage this flaw by sending a specially crafted request to an affected NTP server...

5.3AI score0.97755EPSS
Exploits23
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•25 views

AINS function.inc.php path Parameter PHP Code Execution - Ver2 (CVE-2007-0570)

A code execution vulnerability has been reported in Johannes Gijsbers Ad Fundum Integratable News Script AINS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.5AI score0.0267EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•25 views

Internet Explorer Null Byte Information Disclosure (MS12-010) - Ver2 (CVE-2012-0012)

An information disclosure vulnerability has been reported in Internet Explorer. The vulnerability occurs during certain processes, in which Internet Explorer incorrectly allows attackers to view content from the process memory. A remote attacker may exploit this issue by enticing target users to...

4.3CVSS5.7AI score0.16915EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•25 views

MySQL Commander dbopen.php home Parameter PHP Code Execution - Ver2 (CVE-2007-1439)

A code execution vulnerability has been reported in bitesser MySQL Commander. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7.4AI score0.05531EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•25 views

Microsoft Access Memory Corruption (MS13-074; CVE-2013-3155)

A remote code execution vulnerability exists in Microsoft Access...

7.2AI score0.20184EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•25 views

Microsoft Access ACCDB File Memory Corruption (MS13-074; CVE-2013-3157)

A memory corruption vulnerability has been reported in Microsoft Access...

2.9AI score0.18682EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/03 12:0 a.m.•25 views

Oracle BPEL Process Manager ScriptServlet Information Disclosure (CVE-2013-3828)

A directory traversal vulnerability has been reported in Oracle BPEL Process Manager. The vulnerability is due to insufficient input validation in ScriptServlet when processing HTTP request parameters. A remote unauthenticated attacker can leverage this vulnerability to obtain sensitive informati...

5CVSS5.9AI score0.01733EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/11/18 12:0 a.m.•25 views

Novell ZENworks Configuration Management umaninv Information Disclosure (CVE-2013-1084)

An information disclosure vulnerability exists in Novel ZENworks Configuration Management...

1.3AI score0.05676EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/10/27 12:0 a.m.•25 views

BlackHole Toolkit v2 JAVA Payload Stage Code Execution (CVE-2012-0507; CVE-2012-1723; CVE-2013-0422; CVE-2013-0431; CVE-2013-1493)

BlackHole is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with BlackHole by enticing them to visit a malicious web page. Successful infection will allow the attacker to download additional malware to the target...

10CVSS9AI score0.98113EPSS
Exploits76
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•25 views

Trimble Navigation SketchUp BMP File Buffer Overflow (CVE-2013-3664)

A remote code execution vulnerability exists in Trimble Navigation's Sketchup...

7.3AI score0.29778EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/09/18 12:0 a.m.•25 views

Microsoft Internet Explorer Memory Corruption (CVE-2013-3893)

A remote code execution vulnerability has been reported in Internet Explorer...

7.4AI score0.8593EPSS
Exploits18
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•25 views

Microsoft Excel Memory Corruption (MS13-067; CVE-2013-1315)

A remote code execution vulnerability exists in the way that Microsoft Excel parses content in Excel files...

7.2AI score0.28702EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2013/08/20 12:0 a.m.•25 views

NTR ActiveX Control Check() Method buffer overflow (CVE-2012-0266)

A remote code execution vulnerability has been reported in the NTR ActiveX 1.1.8...

7.4AI score0.42093EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2013/08/20 12:0 a.m.•25 views

Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Control Code Execution (CVE-2013-1559)

A remote code execution vulnerability exists in Oracle WebCenter Content...

7.3AI score0.58817EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2013/06/30 12:0 a.m.•25 views

3S Smart Software Solutions CoDeSys Gateway Server Denial Of Service (CVE-2012-4707)

A denial of service vulnerability has been reported in 3S Smart Software Solutions CoDeSys Gateway Server...

6.3AI score0.03562EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/06/30 12:0 a.m.•25 views

HP Intelligent Management Center IctDownloadServlet Information Disclosure (CVE-2012-5204)

An information disclosure vulnerability exists in HP Intelligent Management Center...

5.8AI score0.18464EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2013/06/11 12:0 a.m.•25 views

Internet Explorer Cache Control Heap Corruption (MS13-047; CVE-2013-3125)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer...

7.3AI score0.19345EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/06/11 12:0 a.m.•25 views

Microsoft Windows Print Spooler Elevation of Privilege (MS13-050; CVE-2013-1339)

An elevation of privilege vulnerability exists in Windows Print Spooler...

9CVSS6.4AI score0.23625EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/05/02 12:0 a.m.•25 views

Microsoft Visio SVG File Information Disclosure (MS13-044) - High Confidence (CVE-2013-1301)

An information disclosure vulnerability has been reported in Microsoft Visio. The vulnerability is caused when Microsoft Visio improperly handles XML external entities that are resolved within other XML external entity declarations. An attacker who successfully exploited this vulnerability could...

4.3CVSS5.4AI score0.16707EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/04/23 12:0 a.m.•25 views

Apple QuickTime ActiveX Control Clear Method Use After Free - Improved Performance (CVE-2012-3754)

A use-after-free vulnerability has been reported in Apple QuickTime's ActiveX control. The vulnerability is due to an error while handling a certain method. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted web page using Internet Explorer...

7AI score0.04365EPSS
Exploits1
Total number of security vulnerabilities5000