Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2016/07/19 12:0 a.m.•2 views

Magnitude Exploit Kit Redirection

Magnitude exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Magnitude exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code...

5.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/19 12:0 a.m.•6 views

Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4177)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS4.4AI score0.17585EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2016/07/19 12:0 a.m.•27 views

Ruby on Rails Remote Code Execution (CVE-2016-2098)

A remote code execution vulnerability exists in Ruby on Rails. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.3AI score0.81445EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2016/07/19 12:0 a.m.•41 views

CGI Namespace Conflict Man-In-The-Middle (httpoxy; CVE-2016-1000109; CVE-2016-1000110; CVE-2016-5385; CVE-2016-5386; CVE-2016-5387; CVE-2016-5388)

Namespace conflict related to HTTP proxy headers allows an attacker to configure the HTTPPROXY environment variable. A successful exploitation might allow an attacker to launch a man-in-the-middle attack and redirect traffic to an arbitrary host...

6.8CVSS3.8AI score0.55724EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2016/07/18 12:0 a.m.•8 views

Adobe Acrobat and Reader Use After Free (APSB16-14: CVE-2016-1070)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

10CVSS3AI score0.0641EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/18 12:0 a.m.•38 views

Apache Struts URLValidator Denial of Service (CVE-2016-4465)

A denial of service vulnerability exists in Apache Struts URLValidator. The vulnerability is due to insufficient validation of crafted URLs by the URLValidator. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted HTTP request to a Struts 2 application...

5CVSS2.2AI score0.10638EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•1 views

Tiki Wiki ELFinder Unauthenticated File Upload

An unauthenticated file upload vulnerability exists in Tiki Wiki. By uploading a malicious file to Tiki Wiki, a remote attacker can exploit this vulnerability for execution of arbitrary code in the security context of the web server...

3.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•3 views

Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4228)

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...

10CVSS3.7AI score0.33134EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•3 views

Digium Asterisk PJSIP Channel Driver REGISTER Denial of Service

A denial of service vulnerability exists in Digium Asterisk. The vulnerability is due to errors when processing incoming REGISTER requests with lengthy Contact Header URI. A remote authenticated attacker can exploit this vulnerability to cause a denial of service condition...

4.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•1 views

Adobe Flash Player Security Bypass (APSB16-25: CVE-2016-4178)

A security bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to insufficient security restrictions while handling specially crafted SWF files. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file using...

5CVSS2.8AI score0.03185EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•4 views

Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4222)

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...

6.8CVSS3.7AI score0.0854EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•3 views

Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4182)

A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS4.7AI score0.04999EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•4 views

Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4174)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

10CVSS3.5AI score0.0604EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•3 views

Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4173)

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...

10CVSS3.7AI score0.0604EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•4 views

Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4176)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS4.4AI score0.17585EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•3 views

Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4248)

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...

10CVSS3.7AI score0.0672EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•3 views

Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4185)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS4.4AI score0.04493EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•1 views

Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4225)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

6.8CVSS4.4AI score0.07391EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•2 views

Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4231)

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...

10CVSS3.7AI score0.32891EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•2 views

Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4229)

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...

10CVSS3.7AI score0.32465EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•3 views

Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4226)

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...

10CVSS3.7AI score0.33134EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•3 views

Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4188)

A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS4.7AI score0.04934EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•2 views

Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4227)

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...

10CVSS3.7AI score0.32891EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•2 views

Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4224)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

6.8CVSS4.4AI score0.07391EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•10 views

HP LoadRunner Controller Scenario File Stack Buffer Overflow (CVE-2015-5426)

A stack-based buffer overflow vulnerability exists in HP LoadRunner Controller. The vulnerability is due to insufficient boundary checks while parsing scenario files. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted ".lrs" files with the...

4.6CVSS2.6AI score0.00825EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•7 views

Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4230)

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...

10CVSS3.7AI score0.32226EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•4 views

Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4232)

A memory leak vulnerability exists in Adobe Flash Player. The vulnerability is due to a dangling reference error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with ...

5CVSS3AI score0.36456EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2016/07/17 12:0 a.m.•6 views

Adobe Flash Player Memory Corruption (APSB16-25: CVE-2016-4223)

A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

6.8CVSS4.7AI score0.07391EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/14 12:0 a.m.•5 views

Adobe Acrobat Reader XFA FormCalc replace Integer Overflow (CVE-2016-1043)

An integer overflow vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to improper validation of the parameters for a certain function. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted document. Successful exploitation of the...

10CVSS9.4AI score0.06567EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/13 12:0 a.m.•0 views

D-Link DCS-930L Authenticated Remote Command Execution

A command execution vulnerability exists in D-Link DCS-930L. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

5.9AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•23 views

Microsoft Office Remote Code Execution (MS16-088: CVE-2016-3279)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to improper handling of objects in memory while parsing a specially crafted Office file. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted Office fil...

4.3CVSS6.2AI score0.16423EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•1 views

WordPress All In One SEO Pack Plugin Cross-site Scripting

A cross-site scripting vulnerability exists in WordPress All In One SEO Pack plugin. Successful exploitation of this vulnerability would allow a remote attacker to insert malicious code into the effected system...

3.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•10 views

Microsoft Browser Spoofing (MS16-084: CVE-2016-3276)

A spoofing vulnerability exists in Microsoft Internet Explorer and EDGE browsers. The vulnerability is due to improper parsing of HTTP content. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...

2.6CVSS6.2AI score0.07221EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•16 views

Microsoft Internet Explorer Memory Corruption (MS16-084 : CVE-2016-3259)

A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to a type confusion when handling certain objects in JavaScript. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory corruption in...

9.3CVSS8.8AI score0.36361EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•10 views

Microsoft Windows GDI Component Information Disclosure (MS16-090: CVE-2016-3251)

An Information disclosure vulnerability exists in Windows GDI component. The vulnerability is due to the way Microsoft Graphics Component improperly discloses contents of its memory. An attacker who successfully exploited the vulnerabilities could obtain information to further compromise the user...

2.1CVSS5.7AI score0.58073EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•12 views

Microsoft Office Memory Corruption (MS16-088: CVE-2016-3281)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

9.3CVSS7.6AI score0.20447EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•5 views

Microsoft Edge Memory Corruption (MS16-085: CVE-2016-3246)

A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to a type confusion when handling certain objects in JavaScript. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory corruption in...

7.6CVSS8.2AI score0.14121EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•9 views

Microsoft Office Memory Corruption (MS16-088: CVE-2016-3283)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

9.3CVSS7.6AI score0.19641EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•3 views

WordPress WP Live Chat Support Plugin Cross-Site Scripting

A cross-site scripting vulnerability exists in WordPress WP Live Chat Support Plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

4.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS16-084: CVE-2016-3242)

A memory corruption vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error while handling certain objects when processing HTML and script code. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could...

7.6CVSS7.7AI score0.13848EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•10 views

Microsoft Windows Win32k Elevation of Privilege (MS16-090: CVE-2016-3250)

An elevation of privilege vulnerability exists in Microsoft Windows Win32k. A remote attacker can bypass a security check in win32k to load a custom font from an arbitrary file on disk. Successful exploitation could allow an attacker to run arbitrary code with elevated privileges...

7.2CVSS7.3AI score0.02531EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•12 views

Microsoft Windows Win32k Elevation of Privilege (MS16-090: CVE-2016-3254)

An elevation of privilege vulnerability exists in Microsoft Windows Win32k. A remote attacker can bypass a security check in win32k to load a custom font from an arbitrary file on disk. A successful exploitation could allow an attacker to run arbitrary code with elevated privileges...

7.2CVSS7.6AI score0.01432EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•14 views

Microsoft Office Memory Corruption (MS16-088: CVE-2016-3282)

A memory corruption vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

9.3CVSS7.2AI score0.26291EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•13 views

Nagios XI SQL Injection (CVE-2018-8734)

An SQL injection vulnerability exists in Nagios XI. It allows an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data...

7.5CVSS4.2AI score0.53247EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•10 views

Microsoft Edge Security Feature Bypass (MS16-085: CVE-2016-3244)

A security feature bypass exists in Microsoft Edge. The vulnerability is due to an error in the way Microsoft Edge implements Address Space Layout Randomization ASLR. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of...

4.3CVSS6.3AI score0.18752EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•12 views

Microsoft Internet Explorer Memory Corruption (MS16-084: CVE-2016-3240)

A memory corruption vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error while handling certain objects when processing HTML and script code. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could...

7.6CVSS2.3AI score0.13848EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•2 views

Tiki-Wiki CMS Calendar Remote Command Execution

A remote command injection vulnerability exists in Tiki-Wiki CMS's calendar module. By exploiting this vulnerability, a remote attacker can execute arbitrary code on the affected server...

4.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•6 views

Microsoft Internet Explorer Information Disclosure (MS16-084 : CVE-2016-3277)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Microsoft Internet Explorer while handling unsafe command line parameters. A remote attacker can exploit this issue by enticing a user to open a specially crafted...

2.6CVSS6.3AI score0.32385EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•6 views

Microsoft Browser Spoofing (MS16-084: CVE-2016-3274)

A spoofing vulnerability exists in Microsoft Internet Explorer and EDGE browsers. The vulnerability is due to improper parsing of HTTP content. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...

2.6CVSS6.2AI score0.08297EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/07/12 12:0 a.m.•12 views

Microsoft Edge Memory Corruption (MS16-085: CVE-2016-3264)

A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to an error in the way Microsoft Edge accesses objects in memory. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory corruption i...

7.6CVSS8.4AI score0.14006EPSS
Exploits0
Total number of security vulnerabilities13538