Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•4 views

Microsoft Windows Uniscribe Integer Underflow (MS15-130: CVE-2015-6130)

An integer underflow vulnerability exists in Microsoft Windows Uniscribe. The vulnerability is due to an improper alignment of table offsets leading to an integer underflow. A remote attacker can exploit this vulnerability by enticing the target to open a specially crafted ttf file. Successful...

9.3CVSS4.4AI score0.20725EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•2 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6083)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.18763EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•5 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6156)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.13269EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•10 views

Microsoft Office Memory Corruption (MS15-131: CVE-2015-6040)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

9.3CVSS6.9AI score0.13601EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•12 views

Microsoft Windows Library Loading Remote Code Execution (MS15-132: CVE-2015-6133)

A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to the way Windows improperly validates input before loading libraries. A remote attacker could exploit this vulnerability by enticing a target user to open a specially crafted file...

7.2CVSS6.9AI score0.66581EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•5 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6154)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an out of bounds memory access. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affected version of Internet Explorer...

9.3CVSS7AI score0.16815EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•13 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6159)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.19795EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•5 views

Microsoft Office Memory Corruption (MS15-128: CVE-2015-6106)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

9.3CVSS6.9AI score0.17321EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•14 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6155)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.16815EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•8 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6145)

A use-after-free vulnerability has been reported in Microsoft Internet Explorer which could result in remote code execution. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Internet Explorer...

9.3CVSS6.8AI score0.13269EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•10 views

Microsoft Windows Media Center Information Disclosure (MS15-134: CVE-2015-6127)

An information disclosure vulnerability has been reported in Microsoft Media Center. The vulnerability is due to an error in the way Media Center renders MCL files which redirects to the MCL file itself. A remote attacker can exploit this issue by enticing a user to open a specially crafted MCL...

4.3CVSS3.5AI score0.46006EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•4 views

Microsoft Office Memory Corruption (MS15-131: CVE-2015-6118)

A Memory corruption vulnerability exists in Microsoft Word. The vulnerability is caused when Microsoft Word does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a specially crafted Word file...

9.3CVSS4.3AI score0.13601EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•6 views

Microsoft Edge Elevation of Privilege (MS15-125: CVE-2015-6170)

An elevation of privilege vulnerability has been reported in Microsoft Edge. The vulnerability is due to an error in the way that Microsoft Edge validates permissions under specific conditions. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with a...

6.8CVSS6.2AI score0.0945EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•4 views

Microsoft Office Memory Corruption (MS15-131: CVE-2015-6122)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

9.3CVSS6.9AI score0.13601EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•9 views

Microsoft Internet Explorer Scripting Engine Information Disclosure (MS15-124: CVE-2015-6135)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way VBScript engine manipulates BSTR objects. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...

5CVSS5.7AI score0.23922EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•6 views

Microsoft Internet Explorer Scripting Engine Memory Corruption (MS15-124: CVE-2015-6139)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer parses an iCalendar ICS file. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...

9.3CVSS7.2AI score0.15718EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•4 views

Microsoft Internet Explorer Information Disclosure (MS15-124: CVE-2015-6157)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Microsoft Internet Explorer while handling unsafe command line parameters. A remote attacker can exploit this issue by enticing a user to open a specially crafted...

4.3CVSS5.8AI score0.16638EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•3 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6153)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an out of bounds memory access. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affected version of Internet Explorer...

9.3CVSS7AI score0.16815EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•6 views

Microsoft Office Memory Corruption (MS15-131: CVE-2015-6122) - ver 2

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

9.3CVSS6.9AI score0.13601EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•8 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6134)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer verifies an argument of a certain function. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page wi...

9.3CVSS7AI score0.18763EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•8 views

Microsoft Graphics Component Memory Corruption (MS15-128: CVE-2015-6107)

A remote code execution vulnerability has been reported in Microsoft Graphics Component. The vulnerability involves an integer overflow leading to a buffer overflow in an internal graphics routine. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

9.3CVSS7.5AI score0.18247EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•8 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6150)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has been deleted. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page...

9.3CVSS7AI score0.18763EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6147)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

9.3CVSS7.1AI score0.18763EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•9 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6151)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.19795EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6162)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.1AI score0.13269EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•6 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6142)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.19956EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•4 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6140)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7AI score0.16815EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•6 views

Microsoft Scripting Engine Memory Corruption (MS15-124: CVE-2015-6136)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7AI score0.25169EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•7 views

Microsoft Edge Memory Corruption (MS15-125: CVE-2015-6168)

A memory corruption vulnerability exists in Microsoft Edge. The vulnerability is because the program fails to detect a returned error value, resulting in an out-of-bounds read condition. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a...

9.3CVSS7.2AI score0.31254EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•12 views

Microsoft Windows Media Center Remote Code Execution (MS15-134: CVE-2015-6131)

A flaw has been reported in Windows Media Center when parsing MCL files. This flaw could allow malicious users to execute arbitrary code on a target Windows system by enticing the victim to open a specially crafted Media Center file...

9.3CVSS7AI score0.30538EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•5 views

Microsoft Office Memory Corruption (MS15-131: CVE-2015-6124)

A Memory corruption vulnerability exists in Microsoft Word. The vulnerability is caused when Microsoft Word does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a specially crafted Word file...

9.3CVSS4.3AI score0.13715EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•36 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6152)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.34987EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•6 views

Microsoft Internet Explorer XSS Filter Bypass (MS15-124: CVE-2015-6164)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

6.8CVSS7AI score0.11686EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•6 views

Microsoft Outlook Embedded OLE Object (MS15-131: CVE-2015-6172)

A sandbox bypass vulnerability, known as BadWinMail, exists in Microsoft Outlook. The vulnerability is due to the support provided by Outlook for two file formats that are being parsed automatically by Outlook which does not run under a sandbox and has medium integrity level. A remote attacker ca...

9.3CVSS6.2AI score0.53941EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6141)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.1AI score0.18763EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•6 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6146)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.13269EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•34 views

Microsoft Internet Explorer Memory Corruption (MS15-124: CVE-2015-6143)

A use after free vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error in manipulating CAttrArray objects. Successful exploitation could cause memory corruption in a way that would allow attackers to execute code on the target...

9.3CVSS6.8AI score0.18763EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/08 12:0 a.m.•4 views

Microsoft Internet Explorer Use After Free Remote Code Execution (MS15-124: CVE-2015-6148)

A use after free vulnerability exists in Microsoft Internet Explorer. The vulnerability occurs when Internet Explorer attempts to retrieve the common ancestor for nodes that are already dead, resulting in dereferences to invalid pointers. A remote attacker can exploit this issue by enticing a...

9.3CVSS6.8AI score0.19795EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/02 12:0 a.m.•3 views

Linux Shellcode Remote Code Execution

A remote code execution vulnerability has been reported in Linux. A remote attacker can exploit this issue by sending a specially crafted request to the victim. Successful exploitation would allow an attacker to execute arbitrary code on the target machine...

5.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/12/02 12:0 a.m.•5 views

Labtam ProFTP Client Banner Buffer Overflow (CVE-2009-3976)

Labtam ProFTP is vulnerable to a buffer overflow, caused by improper bounds checking. A remote attacker could exploit this vulnerability via an overly long welcome message to overflow a buffer and execute arbitrary code on the system with elevated privileges or cause the service to crash...

5.8AI score0.28277EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2015/11/29 12:0 a.m.•1 views

WordPress PHP Movie Parameter Redirection

A website redirection vulnerability has been reported in WordPress. Successful exploitation of this vulnerability would allow a remote attacker to redirect the clients who access a WordPress website to an attacker-controlled page, and infect the client host...

2.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/26 12:0 a.m.•1 views

Network Time Protocol Daemon Pidfile Driftfile Arbitrary File Overwrite (CVE-2015-7709)

An arbitrary file overwrite vulnerability exists in the Network Time Protocol daemon NTPD. The vulnerability is due to NTPD allowing remote clients to change the pidfile and driftfile configuration options to any arbitrary file, allowing any file on the target system to be overwritten. A remote,...

10CVSS2.8AI score0.78965EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/11/26 12:0 a.m.•4 views

IBM Tivoli Storage Manager FastBack Server Opcode 1329 Directory Traversal (CVE-2015-1941)

A directory traversal vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient input validation of parameters in opcode 1329 requests. A remote unauthenticated attacker could exploit this vulnerability by sending crafted requests to port...

7.8CVSS8.7AI score0.0596EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/26 12:0 a.m.•13 views

WordPress W3 Total Cache and W3 Super Cache PHP Code Execution (CVE-2013-2010)

A remote code execution vulnerability has been reported in WordPress W3 Total and Super Cache Plugins. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS9.6AI score0.73862EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/11/26 12:0 a.m.•2 views

WordPress W3 Total Cache Security Credentials Hash Extract

A hash extract vulnerability has been reported in WordPress W3 Total Cache Plugin. Successful exploitation of this vulnerability would allow a remote attacker to obtain username and password hashes from affected WordPress servers...

4.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/26 12:0 a.m.•2 views

AlienVault Unified Security Management av-forward Deserialization Remote Code Execution

A remote code execution vulnerability has been reported in AlienVault Unified Security Management, specifically the av-forward service. The vulnerability is due to deserialization of objects from untrusted sources. A remote unauthenticated attacker could exploit this vulnerability by sending a...

4.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/25 12:0 a.m.•0 views

Dell Foundation Services Root Certificate Man-in-the-Middle Attack

A security bypass vulnerability exists in Dell Foundation Services, as a result of using an insecure certificate eDellRoot. Successful exploitation would allow attackers to decrypt and manipulate online traffic between other parties...

4.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/25 12:0 a.m.•9 views

IBM WebSphere Application Server Commons-Collections Library Remote Code Execution (CVE-2015-7450)

A remote code execution vulnerability has been reported in IBM WebSphere Application Server. The vulnerability is due deserialization of untrusted data while having the vulnerable version of Apache Commons-Collections library in the code path. A remote, unauthenticated attacker can exploit this...

10CVSS4.7AI score0.97655EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2015/11/24 12:0 a.m.•18 views

ManageEngine OpManager SubmitQuery IntegrationUser SQL Code Execution (CVE-2015-7765; CVE-2015-7766)

An SQL code execution vulnerability exists in ManageEngine OpManager. By sending crafted requests to an affected server, a remote attacker can exploit this vulnerability to execute arbitrary SQL commands with Administrator privileges which can further lead to arbitrary code execution in the...

9CVSS4.6AI score0.80644EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/11/24 12:0 a.m.•2 views

Reprise License Manager edit_lf_process Directory Traversal

A directory traversal vulnerability exists in the Reprise License Manager. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/goform/editlfprocess" URI. A remote unauthenticated attacker can leverage this vulnerability by sending crafted HTTP request...

2.5AI score
Exploits0
Total number of security vulnerabilities13538