Lucene search
+L
Checkpoint AdvisoriesMost viewed

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2015/11/26 12:0 a.m.•23 views

IBM Tivoli Storage Manager FastBack Server Opcode 1329 Directory Traversal (CVE-2015-1941)

A directory traversal vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient input validation of parameters in opcode 1329 requests. A remote unauthenticated attacker could exploit this vulnerability by sending crafted requests to port...

7.8CVSS8.7AI score0.0596EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•23 views

Microsoft Internet Explorer Memory Corruption (MS15-112: CVE-2015-6077)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.3AI score0.19795EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/10/15 12:0 a.m.•23 views

Stack-based Buffer Overflow in Artegic Dana IRC Client (CVE-2008-2922)

Stack-based buffer overflow in artegic Dana IRC client 1.3 and earlier allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long IRC message...

7.5CVSS7.5AI score0.05048EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/10/13 12:0 a.m.•23 views

Microsoft Internet Explorer Information Disclosure (MS15-106: CVE-2015-6059)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to improperly handling requests for module resources. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of...

4.3CVSS7.2AI score0.16331EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/20 12:0 a.m.•23 views

Bugzilla Mail Authentication Mechanism Bypass (CVE-2015-4499)

An authentication mechanism bypass vulnerability has been found in Bugzilla. Any unauthenticated remote attacker may leverage this vulnerability to gain access to database information regarding unpatched bugs, and exploit them to attack the affected pieces of software before security patches are...

7.5CVSS3AI score0.03371EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/09/08 12:0 a.m.•23 views

Microsoft Internet Explorer Memory Corruption (MS15-094: CVE-2015-2486)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory . A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...

9.3CVSS7.1AI score0.20243EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/08 12:0 a.m.•23 views

Microsoft Windows Graphics Component Denial of Service (MS15-097; CVE-2015-2510)

A denial of service vulnerability exists in Microsoft Windows Graphics Component. The vulnerability is due to an error while parsing certain files. A remote attacker can exploit this issue by enticing a target user to open a specially crafted file...

9.3CVSS6AI score0.35639EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/12 12:0 a.m.•23 views

Google Android Stagefright 3GPP Integer Underflow (CVE-2015-3828)

A remote code execution vulnerability, known as Stagefright Vulnerability, has been reported in Android devices core. The vulnerability is due to an integer underflow condition in multiple MP4 atoms. Successful exploitation would allow an attacker to execute arbitrary code on the target system...

10CVSS4.2AI score0.85378EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•23 views

Microsoft Office Integer Underflow (MS15-081: CVE-2015-2470)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is caused when the Office software improperly handles objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a specially crafted office...

9.3CVSS6.9AI score0.26857EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•23 views

Microsoft Office Component Use After Free (MS15-081: CVE-2015-1642)

A remote code execution vulnerability has been reported in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a...

9.3CVSS5AI score0.53213EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•23 views

Turnkey Web Tools PHP Live Helper 1.8 Remote File Inclusion (CVE-2006-1477)

A file inclusion vulnerability has been reported in Turnkey Web Tools PHP Live Helper. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS3.3AI score0.04696EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/06/25 12:0 a.m.•23 views

HP SiteScope Log Analyzer Information Disclosure (CVE-2015-2120)

A privilege escalation vulnerability exists in HP SiteScope. The vulnerability is due to improper validation of the log path, allowing the user to read the users.config file. A remote, authenticated attacker may exploit this vulnerability by submitting a crafted log path...

8.7CVSS6.3AI score0.03484EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/06/21 12:0 a.m.•23 views

LANDesk Management Suite AMTVersion Cross-Site Scripting (CVE-2014-5360)

A cross-site scripting vulnerability exists in LANDesk Management Suite. The vulnerability is due to improper validation of a user-supplied parameter AMTVersion. A remote attacker could exploit this vulnerability by enticing a target user to view crafted web content...

4.3CVSS2.9AI score0.00991EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•23 views

Microsoft Office Graphics Image Filter WPG Heap Overflow - Ver2 (CVE-2008-3460)

A buffer overflow vulnerability has been reported in Microsoft Works, Microsoft Office Converter Pack and Microsoft Office. An attacker could exploit this vulnerability via a crafted WPG file. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on...

9.3CVSS7.4AI score0.32172EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•23 views

Microsoft Internet Explorer Table Layout Memory Corruption - Ver2 (CVE-2008-2258)

A memory corruption vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to a memory corruption in the way Internet Explorer handles HTML tables. Remote attackers can entice target users to visit a malicious web page via a vulnerable version of the Internet...

9.3CVSS3.2AI score0.35038EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•23 views

Oracle Secure Backup Administration property_box.php Command Injection - Ver2 (CVE-2010-0899)

Oracle Secure Backup is a backup solution allowing for centralized tape backup management. The server allows for single point of management of data present on network attached storage NAS devices and distributed hosts which may have different operating systems. The data in transit is kept secure ...

9CVSS7.4AI score0.02243EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/03/30 12:0 a.m.•23 views

SolarWinds Firewall Security Manager userlogin.jsp Policy Bypass (CVE-2015-2284)

A policy bypass vulnerability exists in SolarWinds Firewall Security Manager. The vulnerability is due to a design weakness in the userlogin.jsp page which sets the "username" session value to a user supplied value prior to authentication. A remote unauthenticated attacker could exploit this...

10CVSS2.7AI score0.74054EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•23 views

Interactive Data eSignal Listener Buffer Overflow - Ver2 (CVE-2004-1868)

eSignal is a real-time market data and support tool provided by Interactive Data Corporation. The product supplies financial market data and more for traders over the internet. To facilitate the receipt of incoming data, eSignal opens a local, listening socket on TCP Port 80. There exists a buffe...

7.5CVSS6.5AI score0.06708EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•23 views

Microsoft Internet Explorer Malformed BMP File Buffer Overrun Code Execution - Ver2 (CVE-2004-0566)

A code execution vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.4AI score0.38477EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•23 views

Microsoft Excel Sheet Name Memory Corruption - Ver2 (CVE-2007-3490)

Microsoft Excel is a popular spreadsheet application that is usually released as part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formulae, and various data sources. The proprietary file format used for storing Microsoft Excel documents ...

7.5CVSS3.8AI score0.36551EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/10 12:0 a.m.•23 views

Microsoft Office Component Use After Free (MS15-022: CVE-2015-0085)

A remote code execution vulnerability has been reported in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a...

9.3CVSS7AI score0.17279EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•23 views

Advantech WebAccess HMI and SCADA Software CrossSite Scripting - Ver2 (CVE-2012-0233)

A cross-site scripting vulnerability has been reported in Advantech Webaccess. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.3CVSS5.8AI score0.00989EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•23 views

Facebook Photo Uploader ActiveX Control FileMask Method Buffer Overflow - Ver2 (CVE-2008-0660)

Facebook is a social networking website which allows its users to publish their photos. The website publishes an ActiveX control, ImageUploader4.ocx, to assist photo uploading. A buffer overflow vulnerability exists in the Facebook Photo Uploader ActiveX control. The flaw is due to a boundary err...

9.3CVSS4.6AI score0.37762EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•23 views

Novell Groupwise Addressbook Integer Overflow - Ver2 (CVE-2012-0418)

A code execution vulnerability has been reported in Novell GroupWise. The vulnerability is due to a heap buffer overflow while parsing tokens within a specially crafted Novell Address Book .nab file. A remote attacker can exploit this issue by enticing a target user to open a specially crafted .n...

9.3CVSS4.1AI score0.03753EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•23 views

Mitsubishi MCWorkX ActiveX Control File Execution Command Execution - Ver2 (CVE-2013-2817)

A command execution vulnerability has been reported in Mitsubishielectric Mc-worx Suite. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9.3CVSS5.4AI score0.0593EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•23 views

RDesktop process_redirect_pdu BSS Overflow Buffer Overflow - Ver2 (CVE-2008-1802)

A buffer overflow vulnerability has been reported in Rdesktop. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

9.3CVSS5AI score0.12978EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•23 views

Internet Explorer 70 Beta 2 BGSOUND DoS - Ver2 (CVE-2006-0544)

A denial-of-service vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

7.5CVSS4.3AI score0.21516EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/18 12:0 a.m.•23 views

Microsoft Graphics Component Information Disclosure (MS14-085) - ver 2 (CVE-2014-6355)

An information disclosure vulnerability has been reported in the Microsoft Graphics Component. The vulnerability is due to the way Microsoft Graphics Component improperly handles the decoding of JPEG images in memory. A remote attacker can exploit this vulnerability by enticing a user to download...

5CVSS5.7AI score0.34203EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/11/11 12:0 a.m.•23 views

Microsoft Internet Explorer Memory Corruption (MS14-065: CVE-2014-6348)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15682EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/11/10 12:0 a.m.•23 views

XOOPS Module Tiny Event Remote SQL Injection (CVE-2007-1811)

An SQL injection vulnerability has been reported in Chapi Tiny Event. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS4.9AI score0.01029EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/11/10 12:0 a.m.•23 views

Joomla Component com_ezautos SQL Injection (CVE-2010-4929)

An SQL injection vulnerability has been reported in Joostina-cms Com Ezautos. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS8.1AI score0.00929EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/11/10 12:0 a.m.•23 views

Joomla Component com_mojo Remote File Include (CVE-2009-4789)

A code execution vulnerability has been reported in Mojoblog. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.2AI score0.02098EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/11/10 12:0 a.m.•23 views

XOOPS Module dictionary SQL Injection (CVE-2009-4582)

An SQL injection vulnerability has been reported in Xoops Dictionary. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5AI score0.00961EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/11/10 12:0 a.m.•23 views

Joomla Component com_wmtpic SQL Injection (CVE-2010-4968)

An SQL injection vulnerability has been reported in Webmaster-tips Com Wmtpic. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS4.9AI score0.0101EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/11/10 12:0 a.m.•23 views

Joomla component com_estateagent SQL Injection (CVE-2011-4571)

An SQL injection vulnerability has been reported in Eaimproved Com Estateagent. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.3AI score0.01003EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/10/14 12:0 a.m.•23 views

Microsoft Internet Explorer Elevation of Privilege (MS14-056: CVE-2014-4124)

An elevation of privilege vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer validates permissions under specific conditions, potentially allowing script to be run with elevated privileges...

6.8CVSS3.6AI score0.116EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/10/13 12:0 a.m.•23 views

Red Hat JBoss RESTEasy PARAMETER ENTITY XXE Information Disclosure (CVE-2014-3490)

An information disclosure vulnerability has been reported in Red Hat JBoss RESTEasy. This is due to an incorrectly configured XML parser accepting XML eXternal Entities XXE from the RESTEasy endpoint. A remote unauthenticated attacker may exploit this vulnerability on a web application powered by...

7.5CVSS1.2AI score0.04572EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/08/12 12:0 a.m.•23 views

Microsoft Internet Explorer Memory Corruption (MS14-051: CVE-2014-2823)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS4.1AI score0.16463EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/08/03 12:0 a.m.•23 views

McAfee Cloud Single Sign On ExtensionAccessServlet Directory Traversal (CVE-2014-2536)

A directory traversal vulnerability has been reported in the ExtensionAccessServlet included in McAfee Cloud Single Sign On. The vulnerability is due to insufficient input sanitization on the GET request URI passed to the ExtensionAccessServlet. A remote unauthenticated attacker can exploit this...

4.4AI score0.02393EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/08/03 12:0 a.m.•23 views

Microsoft Windows TCP Denial of Service (MS14-031; CVE-2014-1811)

A denial-of-service vulnerability exists in Microsoft Windows and Windows Server. The vulnerability is due to TCP/IP stack failing to properly handle crafted packets. A remote unauthenticated attacker can exploit this vulnerability by sending crafted packets to the target system...

3.7AI score0.18221EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/07/27 12:0 a.m.•23 views

libav LZO Integer Overflow (CVE-2014-4609)

A code execution vulnerability exists in the libav library. The vulnerability is due to an integer overflow while processing literal runs in the LZO compressed data. A remote unauthenticated attacker could exploit this vulnerability by enticing a target user to open a crafted file with an...

6.8CVSS4.5AI score0.05739EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/07/08 12:0 a.m.•23 views

Microsoft Internet Explorer Memory Corruption (MS14-037; CVE-2014-1765)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

4.1AI score0.1565EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/06/25 12:0 a.m.•23 views

ISC BIND Recursive Nameservers Prefetch Denial of Service (CVE-2014-3214)

A denial of service vulnerability has been reported in ISC BIND. The vulnerability is due to an assertion failure when processing queries involved in the prefetch feature of recursive nameservers. A remote attacker may exploit this vulnerability by sending a specially crafted query to the affecte...

5CVSS3.8AI score0.17259EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/05/22 12:0 a.m.•23 views

Yokogawa CENTUM CS 3000 SCADA Service Buffer Overflow (CVE-2014-0783)

A remote code execution vulnerability has been reported in Yokogawa CENTUM CS 3000. A remote attacker can exploit this vulnerability by sending specially crafted packets...

9CVSS7.3AI score0.68359EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/05/14 12:0 a.m.•23 views

Red Hat CloudForms Management Engine SQL Injection (CVE-2013-2050)

An SQL injection has been reported in Red Hat CloudForms Management Engine. The vulnerability is due to improper sanitization of in the "explorer" action of "miqpolicy" controller. A remote attacker can exploit this vulnerability via the profile parameter in an explorer action...

7.5CVSS7.6AI score0.15659EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•23 views

Microsoft Windows Signature Validation Remote Code Execution - Ver2 (CVE-2012-0151)

A code execution vulnerability has been reported in Windows Authenticode Signature Verification function used for portable executable PE files. The vulnerability is due to an error in the way the Authenticode Signature Verification function validates the file digest of a specially crafted PE file...

4.2AI score0.8878EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•23 views

Microsoft Access ACCDB Memory Corruption - Ver2 (CVE-2013-3155)

A code execution vulnerability has been reported in Microsoft Access. The vulnerability is due to an error in the way that Microsoft Access parses ACCDB files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.3AI score0.20184EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•23 views

Ultra Crypto Component AcquireContext Buffer Overflow - Ver2 (CVE-2007-4903)

A buffer overflow vulnerability has been reported in Ultra Crypto Component. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.7AI score0.09389EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•23 views

Altnet Download Manager ActiveX Buffer Overflow - Ver2 (CVE-2007-5217)

A buffer overflow vulnerability has been reported in Altnet Download Manager. An attacker could exploit this vulnerability a long argument to the Install method. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause...

6.8CVSS7.6AI score0.2999EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2014/04/08 12:0 a.m.•23 views

Microsoft Internet Explorer Memory Corruption (MS14-018: CVE-2014-1751)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.20344EPSS
Exploits1
Total number of security vulnerabilities5000