Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2015/11/23 12:0 a.m.•1 views

Borland AccuRev SaveContentServiceImpl Servlet Directory Traversal

A denial of service and an information disclosure vulnerability exists in the Borland AccuRev. A remote, unauthenticated attacker can exploit this weakness in the product to read files or to delete an arbitrary file on the system. Successful exploitation of this vulnerability will result in eithe...

4.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/19 12:0 a.m.•1 views

Jenkins Apache Commons Java Collections Library Remote Code Execution

A remote code execution vulnerability has been reported in the Apache Commons Java Collections Framework. A remote unauthenticated attacker may exploit this vulnerability by sending a crafted serialized object to an application which uses the Apache Commons Java Collections Framework as part of i...

4.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/19 12:0 a.m.•7 views

WebLogic Apache Commons Java Collections Library Remote Code Execution (CVE-2015-4852)

A remote code execution vulnerability has been reported in the Apache Commons Java Collections Framework. A remote unauthenticated attacker may exploit this vulnerability by sending a crafted serialized object to an application which uses the Apache Commons Java Collections Framework as part of i...

7.5CVSS4.1AI score0.96032EPSS
Exploits17
Check Point Advisories
Check Point Advisories
•added 2015/11/18 12:0 a.m.•2 views

Samsung SmartViewer STWAxConfig Memory Corruption (CVE-2015-8039)

A memory corruption vulnerability exists in Samsung SmartViewer. The vulnerability is due to untrusted pointer dereference. A remote attacker may exploit this vulnerability by enticing a victim to visit a maliciously crafted page...

6.8CVSS3AI score0.03893EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/18 12:0 a.m.•0 views

Apple ID Mail Phishing Attempts

A mail phishing attack had been reported, attempting to obtain the victim's Apple ID. The attacker uses embedded redirection links in order to gain the victim's account information...

2.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/18 12:0 a.m.•5 views

IBM Tivoli Storage Manager FastBack Server Opcode 1330 Command Injection (CVE-2015-1949)

A command injection vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient input validation of parameters in opcode 1330 requests. A remote unauthenticated attacker could exploit this vulnerability by sending crafted requests to port 11460/TCP...

10CVSS9.5AI score0.05527EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/18 12:0 a.m.•4 views

Adobe Flash Player Use After Free Code Execution (APSB15-28: CVE-2015-8042; CVE-2015-8043; CVE-2015-8044; CVE-2015-8046)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

10CVSS3.5AI score0.40682EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2015/11/18 12:0 a.m.•3 views

Samsung SmartViewer STWAxConfigNVR Memory Corruption (CVE-2015-8039)

A memory corruption vulnerability exists in Samsung SmartViewer. The vulnerability is due to untrusted pointer dereference. A remote attacker may exploit this vulnerability by enticing a victim to visit a maliciously crafted page...

6.8CVSS3.1AI score0.03893EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/18 12:0 a.m.•3 views

Adobe Flash Player Use After Free Code Execution (APSB15-28: CVE-2015-7651)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

9.3CVSS3.5AI score0.06171EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/18 12:0 a.m.•4 views

Adobe Flash Player Use After Free Code Execution (APSB15-28: CVE-2015-7655; CVE-2015-7656)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

9.3CVSS3.5AI score0.06171EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/18 12:0 a.m.•2 views

Adobe Flash Player Type Confusion (APSB15-28: CVE-2015-7659)

A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...

9.3CVSS3.1AI score0.06171EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/18 12:0 a.m.•4 views

Adobe Flash Player Use After Free Code Execution (APSB15-28: CVE-2015-7652)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

9.3CVSS3.5AI score0.246EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/11/18 12:0 a.m.•2 views

Adobe Flash Player Use After Free Code Execution (APSB15-28: CVE-2015-7663)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

10CVSS3.5AI score0.06259EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/18 12:0 a.m.•3 views

Adobe Flash Player Use After Free Code Execution (APSB15-28: CVE-2015-7660; CVE-2015-7661)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

9.3CVSS3.5AI score0.06171EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/18 12:0 a.m.•3 views

Adobe Flash Player Use After Free Code Execution (APSB15-28: CVE-2015-7654)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

9.3CVSS3.5AI score0.06171EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/18 12:0 a.m.•4 views

Adobe Flash Player Use After Free Code Execution (APSB15-28: CVE-2015-7657; CVE-2015-7658)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

9.3CVSS3.5AI score0.06171EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/17 12:0 a.m.•2 views

Byte Order Mark Redirection Mail Phishing Attempt

Several mail phishing campaigns use embedded redirection links to lure the victim user to download malicious files...

1.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/17 12:0 a.m.•1 views

SAP 3D Visual Enterprise Viewer 3DM File Buffer Overflow

A buffer overflow vulnerability exists in SAP 3D Visual Enterprise Viewer. The vulnerability is caused by improper validation of the size value read from a Rhino 3D Model 3DM file. By enticing a user to open a crafted 3DM file with the affected application, an attacker could possibly exploit this...

4.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/17 12:0 a.m.•0 views

NullHole Exploit Kit Landing Page

NullHole exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with NullHole xploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code Executio...

5.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/17 12:0 a.m.•4 views

Advantech WebAccess AspVCObj.AspDataDriven ActiveX GetWideStrCpy Stack Buffer Overflow (CVE-2014-9208)

A stack buffer overflow vulnerability exists in Advantech's WebAccess SCADA software. The vulnerability is due to insufficient input validation of an argument to GetWideStrCpy in the AspVCObj.AspDataDriven ActiveX control. A remote, unauthenticated attacker can exploit this vulnerability by...

10CVSS7.2AI score0.09257EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2015/11/17 12:0 a.m.•11 views

WebSphere Server and JBoss Platform Apache Commons Collections Remote Code Execution (CVE-2015-7501)

A remote code execution vulnerability has been reported in the Apache Commons Java Collections Framework. A remote unauthenticated attacker may exploit this vulnerability by sending a crafted serialized object to an application which uses the Apache Commons Java Collections Framework as part of i...

10CVSS4.1AI score0.83274EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2015/11/17 12:0 a.m.•5 views

Samsung SmartViewer CNC_Ctrl ActiveX Control Out of Bounds Indexing (CVE-2015-8040)

A remote code execution vulnerability exists in Samsung SmartViewer. The vulnerability is due to improper validation of the index parameter provided to the rtspgetdlsendtime method of the CNCCtrl ActiveX Control. A remote, unauthenticated attacker can exploit this vulnerability by enticing the...

6.8CVSS4.4AI score0.03363EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/16 12:0 a.m.•0 views

Spartan Exploit Kit Landing Page

Spartan exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Spartan exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code Execution...

5.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/16 12:0 a.m.•3 views

Squid SSL-Bump Denial of Service

A denial-of-service vulnerability exists in Squid. The vulnerability is due to integer overflow and input validation errors in Squid when processing TLS messages. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted Client or Server Hello message, which...

3.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/12 12:0 a.m.•1 views

ABBS Audio Media Player Buffer Overflow

A buffer overflow vulnerability has been reported in ABBS Audio Media Player. A remote attacker may exploit this vulnerability by adding a specially crafted .lst file. Successful exploitation could allow an attacker to run arbitrary code in the context of the current user...

4.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/11 12:0 a.m.•1 views

ManageEngine Applications Manager CommonAPIUtil enableDisableAlarmsAction SQL Injection

An SQL injection vulnerability exists in ManageEngine Applications Manager. This vulnerability is due to insufficient validation of the resourceid and haid parameters when processing requests using the enableDisableAlarmsAction method of the CommonAPIUtil class. By sending crafted request message...

2.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/11 12:0 a.m.•9 views

IBM Tivoli Storage Manager FastBack Server FXCLI_OraBR_Exec_Command Buffer Overflow (CVE-2015-1929)

A buffer overflow vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient boundary checking while processing remote requests within the FXCLIOraBRExecCommand function. A remote unauthenticated attacker could exploit this vulnerability by sendin...

7.8CVSS9.6AI score0.03254EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•3 views

Microsoft Internet Explorer Memory Corruption (MS15-112: CVE-2015-6079)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.3AI score0.13269EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•3 views

Microsoft Outlook for Mac Spoofing (MS15-116: CVE-2015-6123)

A spoofing vulnerability has been reported in Microsoft outlook for Mac. The vulnerability is due to an error in Microsoft Office Outlook that fail to sanitize html input or treat it in a safe manner. A remote attacker can exploit this vulnerability by sending HTML e-mails to victims with content...

4.3CVSS6.2AI score0.1115EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•3 views

Microsoft Internet Explorer Use After Free Remote Code Execution (MS15-112: CVE-2015-6064)

A use after free vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...

9.3CVSS6.8AI score0.20226EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•2 views

Microsoft Internet Explorer Memory Corruption (MS15-112: CVE-2015-6078)

A use-after-free vulnerability has been reported in Microsoft Internet Explorer. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page. Successful exploitation could cause memory corruption in a way that would allow attackers to execute code on...

9.3CVSS6.7AI score0.16815EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•4 views

Microsoft Internet Explorer ASLR Bypass (MS15-112: CVE-2015-6088)

A security feature bypass vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to improper implementation of the Address Space Layout Randomization ASLR security feature. A remote attacker can exploit this issue by enticing a user to open a specially crafted...

4.3CVSS6.1AI score0.31029EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•3 views

Microsoft Internet Explorer Memory Corruption (MS15-112: CVE-2015-6077)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.3AI score0.19795EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•3 views

Microsoft Internet Explorer Memory Corruption (MS15-112: CVE-2015-6082)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.3AI score0.13269EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•6 views

Microsoft Office Memory Corruption (MS15-116: CVE-2015-6038)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is caused when the Office software fails to properly validate templates. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

9.3CVSS7AI score0.35638EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•6 views

Microsoft Internet Explorer Scripting Engine Memory Corruption (MS15-112: CVE-2015-6089)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to a missing critical error check when allocating dynamic memory. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page. Successful...

9.3CVSS7.4AI score0.13269EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•5 views

Microsoft Internet Explorer Memory Corruption (MS15-112: CVE-2015-6085)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS3.2AI score0.15926EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•6 views

Microsoft Internet Explorer Memory Corruption (MS15-112: CVE-2015-6073)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.3AI score0.16815EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•8 views

Microsoft Internet Explorer Memory Corruption (MS15-112: CVE-2015-6072)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.3AI score0.13269EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•4 views

Microsoft Internet Explorer Memory Corruption (MS15-112: CVE-2015-6084)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.3AI score0.15926EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•8 views

Microsoft Office Memory Corruption (MS15-116: CVE-2015-6093)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is caused when the Office software fails to properly validate templates. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

9.3CVSS7AI score0.23203EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•5 views

Microsoft Windows Winsock Elevation of Privilege (MS15-119: CVE-2015-2478)

An elevation of privilege vulnerability exists in Windows Winsock. The vulnerability is due to an error in the way windows kernel verifies memory address. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted code...

7.2CVSS6.3AI score0.0189EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•9 views

Microsoft Graphics Component Remote Code Execution (MS15-115: CVE-2015-6103)

A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted TTF files. A remote attacker can exploit this issue by enticing a user to open a maliciously crafted TTF file...

9.3CVSS7.1AI score0.35288EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•10 views

Microsoft Internet Explorer Memory Corruption (MS15-112: CVE-2015-6071)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.3AI score0.21661EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•3 views

Microsoft Windows Graphics Memory Remote Code Execution (MS15-115: CVE-2015-6104)

A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted TTF files. A remote attacker can exploit this issue by enticing a user to open a maliciously crafted TTF file...

9.3CVSS7.1AI score0.35288EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS15-112: CVE-2015-6070)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.3AI score0.13269EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•8 views

Microsoft .NET Information Disclosure (MS15-118: CVE-2015-6096)

An information disclosure vulnerability exists in Microsoft .NET Framework. The specific vulnerability involves DTD problem in the underlying calls to XmlParser. An attacker who successfully exploited this vulnerability could gain read access to local files on the target system...

4.3CVSS6.3AI score0.61024EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS15-112: CVE-2015-6068)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.3AI score0.15926EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS15-112: CVE-2015-6075)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.3AI score0.19795EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/11/10 12:0 a.m.•5 views

Microsoft Internet Explorer Memory Corruption (MS15-112: CVE-2015-6087)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.3AI score0.13269EPSS
Exploits0
Total number of security vulnerabilities13538