Lucene search
+L
Checkpoint AdvisoriesMost viewed

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•24 views

VS News System show_news_inc.php newsordner Parameter PHP Code Execution - Ver2 (CVE-2007-1017)

A code execution vulnerability has been reported in Virtualsystem Vs-news-system. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5.3AI score0.04136EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•24 views

Microsoft Word RTF Object Parsing Memory Corruption (MS08-072) - Ver2 (CVE-2008-4030)

Rich Text Format RTF provides a format for text and graphics interchange that can be used with different operating systems. OLE is the technology that applications use to create and edit compound documents. By using OLE technology, an application can provide embedding and linking support. A remot...

9.3CVSS7.2AI score0.2339EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•24 views

Colloquy IRC Channel Invite Format String Denial of Service - Ver2 (CVE-2007-0344)

A denial-of-service vulnerability has been reported in Colloquy. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

7.5CVSS4.2AI score0.06558EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/02 12:0 a.m.•24 views

Symantec Encryption Management Server Database Backup Command Injection (CVE-2014-7288)

A command-injection vulnerability has been reported in Symantec Encryption Management Server. The vulnerability is due to insufficient sanitization of user-supplied input when processing database backup commands from the Web UI. A remote, authenticated attacker could exploit this vulnerability by...

9CVSS6.2AI score0.08116EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•24 views

InduSoft Web Studio Unauthenticated Insecure Remote Operations Code Execution - Ver2 (CVE-2011-4051)

A code execution vulnerability has been reported in the Remote Agent component of InduSoft Web Studio. The vulnerability is due to the absence of authentication for incoming requests to the Remote Agent service. An attacker could exploit this vulnerability by sending crafted requests to the...

10CVSS7.7AI score0.69458EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•24 views

Microsoft Excel RealTimeData Record Heap Corruption (MS10-038) - Ver2 (CVE-2010-1247)

Microsoft Excel is a spreadsheet application released by the Microsoft Corporation. Its native file format is the Binary Interchange File Format BIFF, which is available is several versions. An Excel file contains information about the various spreadsheets that form an Excel workbook, the data an...

9.3CVSS1.3AI score0.22392EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•24 views

Apache HTTP Server mod_deflate Denial of Service - Ver2 (CVE-2014-0118)

A denial of service vulnerability exists in Apache HTTP server. The vulnerability exists in the moddeflate module and is due to a resource exhaustion that is related to request body decompression configuration. A remote, unauthenticated attacker can leverage this vulnerability by sending a...

4.3CVSS1.7AI score0.37156EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•24 views

Digium Asterisk Manager User Shell Command Execution - Ver2 (CVE-2012-2414)

A security bypass vulnerability has been reported in Digium Asterisk. The vulnerability is due to an error in the way the server validates permissions while executing shell commands from unauthorized users. A remote attacker can exploit this issue by sending specially crafted AMI requests to the...

6.5CVSS1.9AI score0.02717EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•24 views

Mac OS X Safari Archive Metadata Command Execution - Ver2 (CVE-2006-0397)

A command execution vulnerability has been reported in Apple Mac OS X and Apple Mac OS X Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.6AI score0.01537EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•24 views

Microsoft Windows Agent ACF File Handling Memory Corruption (MS06-068) - Ver2 (CVE-2006-3445)

A remote code execution vulnerability exists in Microsoft Agent. Microsoft Agent is a software technology that enables an enriched form of user interaction that can make using and learning to use a computer easier and more natural. . The vulnerability is due to a memory corruption error in the...

7.5CVSS7.6AI score0.40143EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•24 views

Internet Explorer 70 Beta 2 BGSOUND DoS - Ver2 (CVE-2006-0544)

A denial-of-service vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

7.5CVSS4.3AI score0.21516EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/09 12:0 a.m.•24 views

Microsoft Internet Explorer Memory Corruption (MS14-080: CVE-2014-6369)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.24646EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/12/02 12:0 a.m.•24 views

RomPager Authorization Buffer Overflow Denial of Service (CVE-2014-9223)

A buffer overflow vulnerability exist in RomPager Web Server. A remote attacker could exploit this vulnerability by sending a crafted request to the vulnerable server causing a denial of service...

10CVSS4.7AI score0.06026EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/11/27 12:0 a.m.•24 views

Advantech WebAccess SCADA webeye.ocx ip_address Parameter Buffer Overflow (CVE-2014-8388)

A stack buffer overflow exists in Advantech's WebAccess SCADA software. The vulnerability is due to insufficient input validation of the ipaddress parameter contained in the webeye.ocx ActiveX control, a part of the WebAccess Client. A remote, unauthenticated attacker could exploit this...

7.2CVSS3.6AI score0.01051EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/11/11 12:0 a.m.•24 views

Microsoft Windows Schannel Remote Code Execution (MS14-066; CVE-2014-6321)

A remote code execution vulnerability has been reported in Secure Channel Schannel security package. The vulnerability is caused when Schannel in a server system improperly processes specially crafted packets. An attacker could attempt to exploit this vulnerability by sending specially crafted...

10CVSS7.1AI score0.95988EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/11/11 12:0 a.m.•24 views

Microsoft Internet Explorer Memory Corruption (MS14-065: CVE-2014-6343; CVE-2015-1662)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15525EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/11/10 12:0 a.m.•24 views

Joomla Component com_liveticker SQL Injection (CVE-2008-6148)

An SQL injection vulnerability has been reported in Raven-worx Liveticker. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.1AI score0.00973EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/08/19 12:0 a.m.•25 views

Microsoft Windows Kodak Image Viewer Code Execution (MS07-055) - ver 2 (CVE-2007-2217)

A buffer overflow vulnerability has been reported in Microsoft Windows Kodak Image Viewer. The vulnerability is due to improper parsing of specially crafted image files, such as TIFF files. An attacker can exploit this vulnerability by constructing a specially crafted image and enticing a victim ...

9.3CVSS6.1AI score0.41415EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2014/07/23 12:0 a.m.•24 views

Sixnet Sixview Web Console Directory Traversal (CVE-2014-2976)

Sixnet Sixview contains a flaw that allows traversing outside of a restricted path. The issue is due to the program not properly sanitizing user input. With a specially crafted request, a remote attacker can gain access to arbitrary files...

5CVSS5.4AI score0.03743EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2014/07/16 12:0 a.m.•24 views

CA ERwin Web Portal ConfigServiceProvider Remote File Creation (CVE-2014-2210)

A remote file creation/overwrite vulnerability exists in CA ERwin Web Portal. This vulnerability is due to lack of authentication and insufficient input validation in the ConfigServiceProvider servlet when processing HTTP requests. By sending crafted HTTP requests to the target system, a remote...

2.2AI score0.05289EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/07/13 12:0 a.m.•24 views

Oracle Data Quality FileChooserDlg onChangeDirectory Untrusted Pointer Dereference (CVE-2014-2418)

A remote code execution vulnerability exists in Oracle Data Profiling and Data Quality for Data Integrator. The vulnerability is due to dereferencing an arbitrary pointer within the TSS12.DscTools.FileChooserDlg ActiveX control. A remote attacker can exploit this vulnerability by enticing a user ...

3.8AI score0.01343EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/06/18 12:0 a.m.•24 views

Oracle Data Quality DscXB onloadstatechange Untrusted Pointer Dereference (CVE-2014-2417)

A remote code execution vulnerability exists in Oracle Data Profiling and Data Quality for Data Integrator. The vulnerability is due to dereferencing an arbitrary pointer within the TSS12.DscXB.XB ActiveX control. A remote attacker can exploit this vulnerability by enticing a user to open a...

5CVSS7.2AI score0.01343EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/06/01 12:0 a.m.•24 views

Microsoft Office Chinese Grammar Checker Insecure Library Loading (MS14-023; CVE-2014-1756)

An insecure library loading vulnerability has been reported in Microsoft Office proofing tools. The vulnerability is due to the way that the Chinese Simplified Grammar Checker component handles the loading of dynamic-link library .dll files. A remote attacker could exploit this vulnerability by...

9.3CVSS1.5AI score0.086EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•24 views

Microsoft Office Excel Label Record Buffer Overflow (MS11-021) - Ver2 (CVE-2011-0098)

A code execution vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to a flaw in the parsing of Label record in Excel documents, causing a buffer overflow. Remote attackers can exploit this vulnerability by enticing target users to open a malicious Excel file. In ...

9.3CVSS7.1AI score0.30499EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•24 views

Microsoft Excel Corrupted Table Records Code Execution (MS10-080) - Ver2 (CVE-2010-3232)

Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. A memory corruption vulnerability has been identified in Microsoft...

9.3CVSS6.7AI score0.21413EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•24 views

Microsoft Word UPX Data Stack Validation Buffer Overflow - Ver2 (CVE-2010-3214)

A memory corruption vulnerability has been reported in Microsoft Office Word. The vulnerability is due to an error in Microsoft Word that fails to properly validate UPX structures within specially crafted Word files. Successful exploitation of this vulnerability could allow a remote attacker to...

7.1AI score0.24787EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/09 12:0 a.m.•24 views

RealNetworks RealPlayer SWF Frame Handling Buffer Overflow - ver 2 (CVE-2007-5400)

There exists a heap buffer overflow vulnerability in the RealNetworks RealPlayer product. The vulnerability is due to a design error within the handling of frames in Shockwave Flash SWF files. A remote attacker can exploit this vulnerability to create a heap overflow condition in the target...

2.6AI score0.06765EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•24 views

Novell ZENworks Asset Management File Upload Directory Traversal - Ver2 (CVE-2010-4229)

A directory traversal vulnerability has been reported in Novell ZENworks. The vulnerability is due to improper handling of path names when uploading files via ZENworks Asset Management. Successful exploitation of this vulnerability would allow a remote attacker to list directories, create arbitra...

7.2AI score0.25428EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•24 views

Microsoft GDI+ WMF Integer Overflow (MS09-062) - Ver2 (CVE-2009-2500)

The Microsoft Windows graphics device interface GDI enables applications to use graphics and formatted text on the video display and on the printer.Windows Metafile WMF is a 16-bit metafile image format optimized for the Windows operating system that can contain both vector information and bitmap...

9.3CVSS7.3AI score0.23647EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•24 views

Microsoft Internet Explorer Memory Corruption (MS14-012: CVE-2014-0304)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

9.3CVSS7.6AI score0.2098EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•24 views

CCRP Control BrowseDialog Denial of Service - Ver2 (CVE-2007-0371)

A denial-of-service vulnerability has been reported in Common Controls Replacement Project Browsedialog Server. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

6.2AI score0.02222EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•24 views

WordPress Backdoor iz Parameter Passthru (CVE-2007-1277)

A command execution vulnerability has been reported in WordPress. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.3AI score0.27006EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/02/03 12:0 a.m.•24 views

Microsoft OpenType Font Index Privilege Escalation - Ver2 (CVE-2010-3956)

A privilege escalation vulnerability has been reported in the OpenType Font OTF format driver. The vulnerability is due to an error in the OpenType Font OTF format driver that fails to properly index an array when parsing OpenType fonts. A remote attacker could exploit this vulnerability via a...

6.7AI score0.08274EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/02/03 12:0 a.m.•24 views

CA BrightStor Arcserve Media Server Stack Buffer Overflow - Ver2 (CVE-2007-2139)

A buffer overflow vulnerability has been reported in CA BrightStor ARCserve Media Server. The vulnerability is due to insufficient boundary checking when processing crafted strings supplied in SUN RPC requests. Successful exploitation of this vulnerability could allow a remote attacker to execute...

7.5AI score0.77996EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•24 views

Microsoft IIS ASP Handling Code Execution (MS08-006) - Ver2 (CVE-2008-0075)

Microsoft Internet Information Services IIS is a multi-featured server product that ships with all versions of Microsoft. The product provides FTP, SMTP, NNTP and HTTP services. The HTTP component, known as the WWW Publishing Service, allows for the serving of dynamic content, notably in the form...

10CVSS7.4AI score0.57167EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•24 views

Mac OS X Safari x-man-page URI Terminal Escape Command Execution - Ver2 (CVE-2005-1342)

A command execution vulnerability has been reported in Apple Mac OS X. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS7.2AI score0.05213EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/08/20 12:0 a.m.•24 views

NTR ActiveX Control StopModule() Remote Code Execution (CVE-2012-0267)

A remote code execution vulnerability has been reported in the NTR ActiveX 1.1.8...

7.4AI score0.38975EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•24 views

Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3193)

A remote code execution vulnerability has been reported in Internet Explorer...

7.4AI score0.19338EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/07/23 12:0 a.m.•24 views

Trimble Navigation SketchUp PICT File Buffer Overflow - Improved Performance (CVE-2013-3664)

A remote code execution vulnerability has been reported in Trimble SketchUp. The vulnerability is due to a stack buffer overflow while processing PICT files which contain a malicious number of ARGB entries. A remote attacker can exploit this vulnerability by enticing a target user to open a...

9.3CVSS7.5AI score0.29778EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/07/21 12:0 a.m.•24 views

FreeBSD NFS Server READDIR Request Memory Corruption (CVE-2013-3266)

A memory corruption vulnerability has been reported in nfsrvdreaddir function in FreeBSD NFS server. The vulnerability is due to insufficient sanitation of READDIR requests and can result in the underlying filesystem to interpret a file as a directory. A remote attacker can exploit this...

7.5CVSS7.3AI score0.0351EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/07/09 12:0 a.m.•24 views

Microsoft Internet Explorer Deleted HTML Object Code Execution (MS13-055; CVE-2013-3164)

A remote code execution vulnerability has been reported in Internet Explorer...

7.4AI score0.23587EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/07/09 12:0 a.m.•24 views

Microsoft Internet Explorer Memory Corruption (MS13-055; CVE-2013-3115)

A use after free vulnerability has been reported in Microsoft Internet Explorer...

6.4AI score0.25039EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/06/30 12:0 a.m.•24 views

Novell GroupWise Client ActiveX gwabdlg.dll Untrusted Pointer Dereference (CVE-2013-0804)

An untrusted pointer dereference vulnerability has been reported in Novell GroupWise Client for Windows...

6.4AI score0.12398EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/06/30 12:0 a.m.•24 views

Digium Asterisk SIP SDP Header Parsing Stack Buffer Overflow (CVE-2013-2685)

A buffer overflow vulnerability exists in Asterisk Open Source...

6.8AI score0.02621EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/04/21 12:0 a.m.•24 views

Apple QuickTime Plugin Content-Type Buffer Overflow - Improved Performance (CVE-2012-3753)

A stack buffer overflow vulnerability has been reported in Apple QuickTime plugin. The vulnerability is due to insufficient bounds checking. A remote attacker could exploit this vulnerability by enticing the target user to view a specially crafted web page. Successful exploitation would allow...

7.2AI score0.35078EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2013/04/04 12:0 a.m.•24 views

EMC NetWorker nsrindexd RPC Service Buffer Overflow (CVE-2012-4607)

A buffer overflow vulnerability has been reported in EMC NetWorker. The vulnerability is due to a boundary error when processing crafted RPC requests. A remote unauthenticated attacker could trigger this flaw by sending a crafted RPC request to the server...

6.8AI score0.03189EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/03/12 12:0 a.m.•24 views

Internet Explorer CTreeNode Use After Free Remote Code Execution (MS13-021; CVE-2013-1288)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

7.3AI score0.18477EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/03/07 12:0 a.m.•24 views

Symantec Gateway Products DNS Cache Poisoning - High Confidence (CVE-2005-0817)

The Symantec Firewall has a DNS proxy service, DNSD.exe, that acts as a proxy and cache server for the DNS requests generated by internal systems...

6.5AI score0.01615EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/02/12 12:0 a.m.•24 views

Postfix IPv6 Relaying Security Issue (CVE-2005-0337)

There is a vulnerability in the way Postfix handles the relaying of e-mail messages A successful attack allows an attacker to use the target Postfix as an open relay to MX hosts with IPv6addresses...

6.2AI score0.02806EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/02/12 12:0 a.m.•24 views

Internet Explorer VML Objects Memory Corruption (MS13-009; CVE-2013-0030)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way VML buffers are allocated. A remote attacker could trigger this vulnerability by enticing an unsuspecting victim to open a specially crafted web page. An attacke...

9.3CVSS7AI score0.26696EPSS
Exploits0
Total number of security vulnerabilities5000