Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2017/04/23 12:0 a.m.•2 views

Trend Micro SafeSync for Enterprise storage.pm discovery_iscsi_device Command Injection

A command injection vulnerability exists in Trend Micro's SafeSync for Enterprise storage pm page. The vulnerability is due to insufficient validation of the user-supplied parameters defining an iSCSI device to be discovered. A remote, authenticated attacker could exploit this vulnerability by...

3.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/23 12:0 a.m.•5 views

URSoft W32Dasm Disassembler Function Buffer Overflow (CVE-2005-0308)

A buffer overflow exists in URSoft W32Dasm. The vulnerability is due to improper bounds checking by the Disassembler process. A remote unauthenticated attacker could exploit this vulnerability by sending crafted .exe file. Successful exploitation can result in arbitrary code execution within the...

7.5CVSS6.3AI score0.63881EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2017/04/23 12:0 a.m.•5 views

Adobe Acrobat and Reader Integer Overflow (APSB17-11: CVE-2017-3034)

An integer overflow vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to a parsing error in XML Forms Architecture XFA engine in Adobe Reader and Acrobat. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

9.3CVSS8.9AI score0.05215EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/23 12:0 a.m.•7 views

OpenSSH kex_input_kexinit Denial of Service (CVE-2016-8858)

A denial of service vulnerability has been reported in OpenSSH. The vulnerability is due to improper implementation of the kexinputkexinit function in the kex module allowing the function to be repeated after receipt of a message. A remote attacker could exploit this vulnerability by sending...

7.8CVSS3.8AI score0.29462EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/23 12:0 a.m.•7 views

Adobe Flash Player Memory Corruption (APSB17-10: CVE-2017-3061)

A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS4.7AI score0.24728EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2017/04/23 12:0 a.m.•25 views

Adobe Flash Player Memory Corruption (APSB17-10: CVE-2017-3060)

A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS4.7AI score0.0763EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/23 12:0 a.m.•3 views

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3038)

A memory corruption vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to improper parsing of True Type font TTF format stream data resulting in out of bounds memory access. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted...

9.3CVSS8.5AI score0.03983EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/23 12:0 a.m.•14 views

VIPA Controls WinPLC7 recv Stack-based Buffer Overflow (CVE-2017-5177)

A stack-based buffer overflow exists in VIPA Controls WinPLC7. The vulnerability is due to improper validation of a length field within received TCP packet data before copying the contents to a stack-based buffer. A remote attacker could exploit this vulnerability by sending maliciously crafted...

5CVSS4.4AI score0.17711EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2017/04/20 12:0 a.m.•3 views

Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3033)

An information disclosure vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...

4.3CVSS6.3AI score0.03159EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/19 12:0 a.m.•1 views

Trend Micro SafeSync for Enterprise restartService Command Injection

A command injection vulnerability exists in Trend Micro's SafeSync for Enterprise. The vulnerability is due to insufficient validation of the user-supplied parameter sent to restartService end point. A remote, authenticated attacker could exploit this vulnerability by sending a crafted input to t...

3.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/19 12:0 a.m.•1 views

Trend Micro SafeSync for Enterprise storage.pm device_id role Command Injection

A command injection vulnerability exists in Trend Micro's SafeSync for Enterprise storage.pm page. The vulnerability is due to insufficient validation of the user-supplied role and deviceid parameters. A remote, authenticated attacker could exploit this vulnerability by sending a crafted input to...

4.9AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/19 12:0 a.m.•9 views

Adobe Acrobat and Reader Use After Free (APSB17-11: CVE-2017-3027)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

9.3CVSS8.3AI score0.04069EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/18 12:0 a.m.•2 views

Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3029)

An information disclosure vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

4.3CVSS6.1AI score0.028EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/18 12:0 a.m.•6 views

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3030)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...

9.3CVSS8.5AI score0.0346EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/18 12:0 a.m.•10 views

Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3032)

An Information Disclosure exists in JPEG 2000 code-stream parser in Adobe Acrobat and Reader. This vulnerability is due to improper handling of objects in memory. Attackers can exploit the vulnerability by using the out of bounds access for information leak attacks...

4.3CVSS6.4AI score0.03959EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/18 12:0 a.m.•6 views

Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3031)

An information disclosure vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing unintended memory in a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF...

4.3CVSS6.3AI score0.03159EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/16 12:0 a.m.•11 views

Microsoft Windows Uniscribe Information Disclosure (MS17-011: CVE-2017-0085)

An information disclosure vulnerability exists in Microsoft Windows. The vulnerability is due to the way Windows Uniscribe handles objects in the memory. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted ttf file...

4.3CVSS4.7AI score0.22471EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2017/04/13 12:0 a.m.•4 views

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3028)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing to unintended memory in a specially crafted TIFF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted TIFF...

9.3CVSS8.5AI score0.04306EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/13 12:0 a.m.•10 views

Adobe Acrobat and Reader Use After Free (APSB17-11: CVE-2017-3026)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

9.3CVSS8.3AI score0.04069EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2017/04/13 12:0 a.m.•6 views

Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3021)

An information disclosure vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing unintended memory in a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF...

4.3CVSS6.3AI score0.02455EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/13 12:0 a.m.•5 views

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3024)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in the way Adobe Reader and Acrobat handles objects in memory. A remote attacker could trigger this issue via a specially crafted PDF file...

9.3CVSS8.3AI score0.05309EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/13 12:0 a.m.•9 views

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3023)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...

9.3CVSS8.5AI score0.04458EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/13 12:0 a.m.•5 views

Adobe Acrobat And Reader Memory Corruption (APSB17-11: CVE-2017-3025)

A memory corruption vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

9.3CVSS8.4AI score0.0346EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/13 12:0 a.m.•5 views

Adobe Acrobat and Reader Heap Overflow (APSB17-11: CVE-2017-3055)

A code execution vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to heap overflow vulnerability in the JPEG decoder routine. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

9.3CVSS8.9AI score0.14452EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/13 12:0 a.m.•6 views

Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3022)

An information disclosure vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing to unintended memory in a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted...

4.3CVSS6.3AI score0.11764EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/12 12:0 a.m.•6 views

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3017)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...

9.3CVSS8.5AI score0.0428EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/12 12:0 a.m.•15 views

Aerospike Database Server RW Fabric Message Code Execution (CVE-2016-9053)

An out-of-bounds array indexing vulnerability has been reported in Aerospike Database Server. The vulnerability is due to improper handling of a fabric message containing a request to write a record element with malicious type value. A remote attacker could exploit this vulnerability by sending a...

7.5CVSS1.8AI score0.07249EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2017/04/12 12:0 a.m.•7 views

Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3020)

An information disclosure vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing unintended memory in a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF...

4.3CVSS6.3AI score0.028EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/12 12:0 a.m.•10 views

Adobe Flash Player Use After Free Code Execution (APSB17-10: CVE-2017-3063)

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...

10CVSS3.7AI score0.08894EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/12 12:0 a.m.•5 views

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3019)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

9.3CVSS8.4AI score0.0346EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/12 12:0 a.m.•4 views

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3056)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error while loading a PDF containing a malicious JavaScript code. A remote attacker may exploit this issue by enticing a target user to open a malicious PDF file with an affected version of Adobe...

9.3CVSS8.5AI score0.03362EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/12 12:0 a.m.•4 views

Adobe Acrobat and Reader Use After Free (APSB17-11: CVE-2017-3057)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

9.3CVSS8.3AI score0.05192EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/12 12:0 a.m.•9 views

Adobe Acrobat and Reader Use After Free (APSB17-11: CVE-2017-3014)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

9.3CVSS8.3AI score0.05122EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/12 12:0 a.m.•6 views

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3036)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while opening a PCX file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PCX file with Adobe Reader...

9.3CVSS8.5AI score0.04458EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/12 12:0 a.m.•5 views

Adobe Flash Player Use After Free Code Execution (APSB17-10: CVE-2017-3062)

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...

10CVSS3.7AI score0.09511EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/11 12:0 a.m.•2 views

Microsoft Edge Memory Corruption (CVE-2017-0205)

A memory corruption vulnerability exists in Microsoft Edge. The vulnerability is due to a type confusion when handling certain objects in memory. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...

7.6CVSS2.9AI score0.23593EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/11 12:0 a.m.•2 views

Microsoft Internet Explorer Elevation of Privilege (CVE-2017-0210)

An elevation of privilege vulnerability exists in Internet Explorer. The vulnerability is due to Internet Explorer not properly enforcing cross-domain policies. This could allow an attacker to access information from one domain and inject it into another domain...

4.3CVSS4.2AI score0.19522EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/11 12:0 a.m.•8 views

Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2017-0158)

A Use-After-Free vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error in the way VBScript engine manipulates the assignment of dynamic-array variables. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...

7.6CVSS7.3AI score0.12558EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/11 12:0 a.m.•15 views

Microsoft Outlook Remote Code Execution (CVE-2017-0199)

A remote code execution vulnerability exists in Microsoft Outlook. The vulnerability is due to the way that Microsoft Outlook parses specially crafted email messages. Successful exploitation of this vulnerability may result to take control of an affected system...

9.3CVSS5.9AI score0.99933EPSS
Exploits29
Check Point Advisories
Check Point Advisories
•added 2017/04/11 12:0 a.m.•8 views

Microsoft Office DLL Loading (CVE-2017-0197)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is caused due to an incorrect link to a dynamic-link library file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file which will lead to arbitrary code execution...

9.3CVSS5.4AI score0.19075EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2017/04/11 12:0 a.m.•17 views

Microsoft Windows Elevation of Privilege (CVE-2017-0165)

An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to an error in the way Microsoft Windows sanitizes handles in memory. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

7.2CVSS4.3AI score0.03338EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2017/04/11 12:0 a.m.•6 views

Microsoft Win32k Information Disclosure (CVE-2017-0188)

An Information Disclosure vulnerability exists in the Windows Common Log File System CLFS driver of Microsoft Windows. The vulnerability is due to the way Windows improperly handles objects in memory. An attacker could exploit this vulnerability to bypass security measures on the affected system...

2.1CVSS5.7AI score0.02977EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/11 12:0 a.m.•10 views

Microsoft Outlook Remote Code Execution (CVE-2017-0106)

A remote code execution vulnerability exists in Microsoft Outlook. The vulnerability is due to the way Microsoft Outlook parses specially crafted email messages. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted email message...

9.3CVSS7.7AI score0.28355EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/11 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (CVE-2017-0202)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses objects in memory. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an...

7.6CVSS7.8AI score0.45648EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2017/04/11 12:0 a.m.•6 views

Microsoft Win32k Elevation of Privilege (CVE-2017-0189)

An elevation of privilege vulnerability exists in Windows. The vulnerability occurs when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode with full user rights...

7.2CVSS6.2AI score0.0205EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/11 12:0 a.m.•6 views

Microsoft Windows Kernel Information Disclosure (CVE-2017-0167)

An information disclosure vulnerability exists within Microsoft Windows. The vulnerability is caused when Microsoft Windows kernel improperly handles objects in memory. Successful exploitation of this issue might lead to leakage of sensitive information from the kernel...

2.1CVSS5.6AI score0.05587EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2017/04/11 12:0 a.m.•7 views

Microsoft Windows Graphics Component Elevation of Privilege (CVE-2017-0156)

An elevation of privilege vulnerability exists in Windows Graphics Component. The vulnerability is caused when the Windows Graphics Component fails to properly handle objects in memory. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted file...

6.9CVSS7AI score0.01144EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/11 12:0 a.m.•7 views

Microsoft ATMFD.dll Information Disclosure (CVE-2017-0192)

An information disclosure vulnerability exists in Adobe Type Manager Font Driver ATMFD.dll. The vulnerability is caused when the Adobe Type Manager Font Driver ATMFD.dll improperly handles objects in memory. An attacker can exploit this vulnerability by enticing a user to open a specially crafted...

4.3CVSS5.2AI score0.06034EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/11 12:0 a.m.•7 views

Microsoft Office Memory Corruption (CVE-2017-0194)

An Out-of-Bounds-Write vulnerability exists in Microsoft Office. The vulnerability is due to a failure of Office software to properly handle objects in memory. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

4.3CVSS3.1AI score0.2552EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/04/11 12:0 a.m.•8 views

Microsoft Edge Memory Corruption (CVE-2017-0200)

A type confusion memory corruption vulnerability exists in Microsoft Edge. The vulnerability is due to an error when handling objects in memory. A remote attacker can exploit this vulnerability and execute arbitrary code in the context of the current user...

7.6CVSS7.9AI score0.13774EPSS
Exploits0
Total number of security vulnerabilities13538