Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2016/06/14 12:0 a.m.•37 views

Microsoft Windows WPAD Proxy Discovery Elevation of Privilege (MS16-077; CVE-2016-3236)

An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to improper handling of certain proxy discovery scenarios using the Web Proxy Autodiscovery WPAD protocol method. A remote attacker can exploit this issue by sending specially crafted NBNS responses...

10CVSS8.7AI score0.77658EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2016/06/14 12:0 a.m.•19 views

Microsoft Internet Explorer Memory Corruption (MS16-063: CVE-2016-0199)

A remote code execution vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to a type confusion when handling certain objects in JavaScript. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory...

9.3CVSS2.9AI score0.50996EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2016/06/14 12:0 a.m.•14 views

Oracle Application Testing Suite ActionServlet Authentication Bypass (CVE-2016-0487)

An authentication bypass vulnerability has been reported in the Oracle Application Testing Suite. The vulnerability is due to insufficient input validation by the ActionServlet servlet when processing HTTP requests. A remote, unauthenticated attacker could exploit this vulnerability by sending a...

6.4CVSS1.6AI score0.50888EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/14 12:0 a.m.•13 views

Microsoft Internet Explorer Memory Corruption (MS16-063: CVE-2016-3206)

A remote code execution vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an out-of-bound write access. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory corruption in a way that would...

7.6CVSS8.1AI score0.1466EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/14 12:0 a.m.•3 views

Adobe Flash Player Memory Corruption (APSB16-18: CVE-2016-4150)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

9.3CVSS4.4AI score0.04539EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/14 12:0 a.m.•31 views

Microsoft Edge Memory Corruption (MS16-068: CVE-2016-3222)

A memory corruption vulnerability has been reported in Microsoft Edge. The vulnerability is due to improper handling of objects in memory. A remote attacker could exploit the vulnerability by enticing the target user to open a specially crafted web page. Successful exploitation could lead to...

9.3CVSS8.7AI score0.56767EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2016/06/14 12:0 a.m.•53 views

Microsoft Windows Win32k Elevation of Privilege (MS16-074: CVE-2016-3219)

An elevation of privilege vulnerability exists in Microsoft Windows Win32k. A remote attacker can bypass the ProcessFontDisablePolicy check in win32k to load a custom font from an arbitrary file on disk. A successful exploitation could allow an attacker to run arbitrary code with elevated...

6.9CVSS6.9AI score0.06129EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2016/06/14 12:0 a.m.•21 views

Microsoft Windows PDF Library Information Disclosure (MS16-080: CVE-2016-3201)

An out of bound memory access vulnerability was discovered within Microsoft Edge PDF reader and Windows PDF Library. The vulnerability is due to an error in parsing a malformed PDF document. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted PDF file...

4.3CVSS6.3AI score0.2363EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/14 12:0 a.m.•12 views

Microsoft Internet Explorer Memory Corruption (MS16-063: CVE-2016-3211)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the drag and drop API call operations. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory...

9.3CVSS8.8AI score0.31828EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•3 views

Adobe Flash Player Heap Overflow (APSB16-18: CVE-2016-4136)

A Heap Overflow vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

9.3CVSS4.4AI score0.16385EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•26 views

Adobe Flash Player Heap Overflow (APSB16-18: CVE-2016-4135)

A Heap Overflow vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

9.3CVSS4.4AI score0.16544EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•2 views

WordPress Pingback Denial Of Service

WordPress XML-RPC pingback mechanism is used to link a blog to another. This mechanism can be exploited to execute a distributed denial of service DDoS attack either on the vulnerable website or to force the website to take part in a DDoS attack on a third party...

3.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•2 views

Adobe Flash Player Use After Free Code Execution (APSB16-15: CVE-2016-4121)

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...

7.5CVSS8.9AI score0.10004EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•10 views

Squid Long String Header Processing Assertion Failure (CVE-2016-2569)

A denial-of-service vulnerability has been reported in Squid. The vulnerability is due to the way Squid uses a String object of a certain maximum length to store incoming headers, such as the Vary header, in HTTP responses. Long strings in headers can cause an assertion failure...

5CVSS0.5AI score0.31187EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•2 views

Adobe Flash Player Memory Corruption (APSB16-18: CVE-2016-4133)

A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

9.3CVSS4.7AI score0.0381EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•4 views

WordPress LoginWall Plugin Remote File Inclusion

A Remote File Inclusion vulnerability exists in WordPress LoginWall Plugin. Successful exploitation of this vulnerability would allow a non-authenticated attacker to include remote files and execute arbitrary code on the vulnerable system...

5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•6 views

Adobe Flash Player Memory Corruption (APSB16-18: CVE-2016-4132)

A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

9.3CVSS4.7AI score0.03977EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•2 views

Adobe Flash Player Use After Free Code Execution (APSB16-18: CVE-2016-4147)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

9.3CVSS3.5AI score0.0381EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•3 views

Adobe Flash Player Memory Corruption (APSB16-18: CVE-2016-4155)

A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

9.3CVSS4.7AI score0.04387EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•3 views

Adobe Flash Player Memory Corruption (APSB16-18: CVE-2016-4156)

A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

9.3CVSS4.7AI score0.04387EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•5 views

Adobe Flash Player Type Confusion (APSB16-18: CVE-2016-4149)

A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...

9.3CVSS3.1AI score0.0381EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•2 views

Adobe Flash Player Type Confusion (APSB16-18: CVE-2016-4144)

A type confusion vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected...

9.3CVSS3.2AI score0.0381EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•3 views

Adobe Flash Player Use After Free Code Execution (APSB16-18: CVE-2016-4143)

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...

9.3CVSS3.7AI score0.0381EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•3 views

Adobe Flash Player Use After Free Code Execution (APSB16-18: CVE-2016-4148)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

9.3CVSS3.5AI score0.0381EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•4 views

Adobe Flash Player Use After Free Code Execution (APSB16-18: CVE-2016-4146)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

9.3CVSS3.5AI score0.0381EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•2 views

Adobe Flash Player Memory Corruption (APSB16-18: CVE-2016-4154)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

9.3CVSS4.4AI score0.04387EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•4 views

Adobe Flash Player Memory Corruption (APSB16-18: CVE-2016-4151)

A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

9.3CVSS4.7AI score0.04387EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•3 views

Adobe Flash Player Memory Corruption (APSB16-18: CVE-2016-4153)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

9.3CVSS4.4AI score0.04387EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/13 12:0 a.m.•6 views

Adobe Flash Player Memory Corruption (APSB16-18: CVE-2016-4152)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

9.3CVSS4.4AI score0.04387EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/08 12:0 a.m.•1 views

BlindElephant Web Application Fingerprinter

A reconnaissance tool is designed to gather information from servers. Such scans might indicate an attempt to disclose sensitive information. Remote attackers can use BlindElephant Web Application Fingerprinter to detect vulnerabilities on a target server...

2.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/08 12:0 a.m.•7 views

MySQL Failed Memory Allocation Denial of Service (CVE-2015-4870)

A vulnerability exists in MySQL server. The vulnerability is triggered due to failed memory allocation. Successful exploitation of this vulnerability causes the server process to terminate...

4CVSS3AI score0.30146EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2016/06/08 12:0 a.m.•13 views

Microsoft Edge JavaScript Engine Memory Corruption (MS16-052: CVE-2016-0186)

A memory corruption vulnerability exists in Microsoft Edge Chakra JavaScript Engine. This vulnerability is due to an improper validation in Array.unshift or Array.shift methods. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...

7.6CVSS7.9AI score0.19448EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/07 12:0 a.m.•0 views

WordPress Simple Backup Plugin Unauthorized File Access

An Information Disclosure vulnerability exists in WordPress Simple Backup Plugin. Successful exploitation would allow a remote attacker to copy restricted files with privileged information from the affected system...

4.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/06 12:0 a.m.•5 views

Adobe Acrobat Reader Use-After-Free (APSB16-14: CVE-2016-1061)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

10CVSS3.2AI score0.0641EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/05 12:0 a.m.•3 views

Magento Braintree Credit Card Stealer

A code execution vulnerability has been reported in Braintree extension of Magento. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary code on the affected system, thereby gaining access to confidential credit card information...

5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/05 12:0 a.m.•1 views

WordPress WP Mobile Detector Plugin Arbitrary File Upload

An Arbitrary File Upload vulnerability exists in WordPress WP Mobile Detector Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

4.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/05 12:0 a.m.•10 views

Adobe Acrobat Reader Security Bypass (APSB16-14: CVE-2016-1062)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

10CVSS3.2AI score0.06316EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/01 12:0 a.m.•5 views

Adobe Acrobat and Reader Memory Corruption (APSB16-14: CVE-2016-1093)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Acrobat and Reader while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

10CVSS5.3AI score0.03716EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/06/01 12:0 a.m.•32 views

DotNetNuke Administration Authentication Bypass (CVE-2015-2794)

An authentication bypass vulnerability exists in DotNetNuke. Successful exploitation of this vulnerability would allow remote attackers to gain access to sensitive information and gain unauthorized access into the affected system...

7.5CVSS6.4AI score0.74552EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2016/05/31 12:0 a.m.•5 views

Adobe Acrobat and Reader Memory Corruption (APSB16-14: CVE-2016-1088)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

10CVSS5.3AI score0.03716EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/05/31 12:0 a.m.•4 views

Adobe Acrobat and Reader Use After Free (APSB16-14: CVE-2016-1094)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Acrobat and Reader while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

10CVSS4.8AI score0.0641EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/05/31 12:0 a.m.•4 views

Adobe Acrobat and Reader Memory Leak (APSB16-14: CVE-2016-1092)

A memory leak vulnerability exists in Adobe Reader. The vulnerability is due to an error in Adobe Reader while handling specially crafted PDF files. A remote attacker can exploit this issue by enticing a target user to open a malicious website containing a specially crafted PDF file...

5CVSS2.8AI score0.04054EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/05/31 12:0 a.m.•2 views

ManageEngine Firewall Analyzer runQuery guest user SQL Injection

An SQL injection vulnerability exists in ManageEngine Firewall Analyzer. This vulnerability is due to the use of hardcoded credentials and insufficient validation of request parameters in HTTP requests to the runQuery servlet. By sending crafted requests to an affected server, a remote attacker c...

1.9AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/05/31 12:0 a.m.•19 views

GnuTLS DistinguishedName Decoding Double Free - ver 2 (CVE-2015-6251)

A double-free vulnerability has been reported in GnuTLS. The vulnerability is due to an error within gnutlsx509dntostring while processing very long Distinguished Name values in X.509 certificates. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted certificate ...

5CVSS2.8AI score0.1903EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/05/30 12:0 a.m.•0 views

WordPress CP Polls Plugin Cross-Site Scripting

A cross-site scripting vulnerability exists in WordPress CP Polls Plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

4.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/05/30 12:0 a.m.•0 views

WordPress WP Advanced Importer Plugin Cross-Site Scripting

A cross-site scripting vulnerability exists in WordPress WP Advanced Importer Plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

4.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/05/30 12:0 a.m.•6 views

Adobe Acrobat And Reader Memory Corruption (APSB16-14: CVE-2016-1095)

A memory corruption vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Acrobat and Reader while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

10CVSS5AI score0.05825EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/05/30 12:0 a.m.•3 views

WordPress Booking Calendar Contact Form Plugin SQL injection

An SQL injection exists in the WordPress Booking Calendar Contact Form Plugin. It allows an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data...

4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/05/30 12:0 a.m.•4 views

WordPress RobotCPA Plugin Local File Inclusion

An information disclosure vulnerability exists in WordPress RobotCPA Plugin. Successful exploitation of this vulnerability could allow a remote attacker to access the content of files found on the web server...

3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2016/05/30 12:0 a.m.•1 views

WordPress Jetpack Shortcode Embeds Module Code Injection

A cross-site scripting vulnerability exist reported in WordPress JetPack plugin Shortcode Embeds module. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

4AI score
Exploits0
Total number of security vulnerabilities13538