Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2015/09/08 12:0 a.m.•4 views

Microsoft Edge security bypass (MS15-094: CVE-2015-2484)

A tampering vulnerability has been reported in Microsoft Edge. The vulnerability is due to improper misuse of the COM interface. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Edge...

6.4CVSS6.1AI score0.137EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/08 12:0 a.m.•18 views

Microsoft Windows Media Center Remote Code Execution (MS15-100: CVE-2015-2509)

A flaw has been reported in Windows Media Center when parsing MCL files. This flaw could allow malicious users to execute arbitrary code on a target Windows system by enticing the victim to open a specially crafted Media Center file...

9.3CVSS7AI score0.71044EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2015/09/08 12:0 a.m.•1 views

Revived Wire Media PHP File Manager Username Backdoor

An attacker might use a backdoor which exists in PHP File Manager's user database. A successful exploitation might allow the attacker to create an administrator user on vulnerable installations or to run arbitrary code...

3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/08 12:0 a.m.•8 views

Microsoft Internet Explorer Memory Corruption (MS15-094: CVE-2015-2498)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

9.3CVSS7AI score0.23671EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/08 12:0 a.m.•8 views

Microsoft Internet Explorer Memory Corruption (MS15-094: CVE-2015-2485)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer handle element identifiers since it fails to detect a specific failure case which can be abused to corrupt arbitrary memory. A remote attacker can exploit...

9.3CVSS7.1AI score0.16505EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/08 12:0 a.m.•8 views

Microsoft Internet Explorer Memory Corruption (MS15-094: CVE-2015-2487)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.18071EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/08 12:0 a.m.•9 views

Microsoft Internet Explorer Memory Corruption (MS15-094: CVE-2015-2486)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory . A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page...

9.3CVSS7.1AI score0.20243EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/08 12:0 a.m.•5 views

Microsoft Internet Explorer Memory Corruption (MS15-094: CVE-2015-2499)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer dealing with an object that can cause an out-of-bound memory access. A remote attacker can exploit this issue by enticing a user to open a...

9.3CVSS7AI score0.23671EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/08 12:0 a.m.•7 views

Microsoft Internet Explorer Information Disclosure (MS15-094: CVE-2015-2483)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Microsoft Internet Explorer while handling unsafe command line parameters. A remote attacker can exploit this issue by enticing a user to open a specially crafted...

5CVSS5.8AI score0.19142EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/08 12:0 a.m.•7 views

Microsoft Windows OpenType Font Parsing Denial Of Service (MS15-097: CVE-2015-2506)

A denial of service vulnerability exists in Microsoft Windows. The vulnerability is caused when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. A remote attacker can exploit this issue by enticing a target user to open a specially crafted file...

9.3CVSS6AI score0.15881EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/08 12:0 a.m.•19 views

Microsoft Internet Explorer Memory Corruption (MS15-094: CVE-2015-2493)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.18071EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/08 12:0 a.m.•7 views

Microsoft Windows Journal Remote Code Execution (MS15-098: CVE-2015-2513)

A remote code execution vulnerability has been reported in Microsoft Windows Journal. The vulnerability is due to the way Windows Journal processes specially crafted jnt files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted jnt file...

9.3CVSS7AI score0.19155EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/06 12:0 a.m.•2 views

Matt Wright FormMail Multiple cross-site scripting (XSS) vulnerabilities (CVE-2009-1776; CVE-2009-1777)

FormMail is prone to an HTTP-response-splitting vulnerability and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user, steal...

5CVSS1AI score0.01972EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/09/06 12:0 a.m.•3 views

Ajax File Browser settings.inc.php File Inclusion (CVE-2007-4921)

A remote file inclusion vulnerability has been reported in Ajax File Browser. The vulnerability is due to lack of sanitization for user-supplied data. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected systems...

7.5CVSS4.3AI score0.52766EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/09/06 12:0 a.m.•6 views

Form Mail Script Formmail.inc.php File Inclusion (CVE-2005-0678)

A PHP remote file inclusion vulnerability has been reported in Form Mail Script. A remote attacker could trigger this flaw by executing an arbitrary PHP code after modifying the scriptroot to reference a URL on a remote web server that contains the code...

7.5CVSS2.1AI score0.02759EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/09/06 12:0 a.m.•3 views

Microsoft Edge Memory Corruption (MS15-094: CVE-2015-2488; CVE-2015-2488)

A remote code execution vulnerability has been reported in Microsoft Edge. The vulnerability is due to an error in the way that Microsoft Edge accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...

5.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/06 12:0 a.m.•2 views

WordPress All-in-One Migration Plugin Export

An unauthenticated download vulnerability has been reported in WordPress All-in-One Migration Plugin. Successful exploitation of this vulnerability would allow a remote attacker to receive the affected system's database...

4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/06 12:0 a.m.•5 views

Tropicalm Crowell Resource RESPATH File Inclusion (CVE-2007-2530)

A remote file inclusion vulnerability has been reported in Tropicalm Crowell Resource. The vulnerability is due to lack of sanitization for user-supplied data. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected systems...

7.5CVSS4.5AI score0.03279EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/06 12:0 a.m.•9 views

WordPress Theme Photocrati SQL Injection (CVE-2015-2216)

An SQL injection has been reported in WordPress Theme Photocrati. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS4.8AI score0.04737EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/09/03 12:0 a.m.•7 views

Focus SIS staticpath File Inclusion (CVE-2007-4807)

A remote file inclusion vulnerability has been reported in Focus SIS. The vulnerability is due to lack of sanitization for user-supplied data. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected systems...

7.5CVSS4.3AI score0.03215EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/09/03 12:0 a.m.•2 views

Malicious Mail Payload Containing JavaScript Downloader

Certain malicious executable files can be hidden using js downloader file. A remote attacker could exploit this vulnerability to entice unsuspecting users to execute arbitrary files...

4.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/03 12:0 a.m.•4 views

Nmap Scripting Engine Scanner Over HTTP Request

Nmap Scripting Engine is a vulnerability scanning product. Remote attackers can use Nmap Scripting Engine to detect vulnerabilities on a target server...

1.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/03 12:0 a.m.•7 views

AjaxPortal di.php File Inclusion (CVE-2009-2262)

A remote file inclusion vulnerability has been reported in AjaxPortal. The vulnerability is caused due to improper handling of crafted URL using the "pathtoserverdata" parameter. Successful exploitation will let the remote attacker to execute arbitrary PHP code...

7.5CVSS7.1AI score0.01236EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/01 12:0 a.m.•3 views

Muieblackcat PHP Scanner

Muieblackcat is a vulnerability scanning product. Remote attackers can use Muieblackcat to detect vulnerabilities on a target server...

3.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/09/01 12:0 a.m.•2 views

FTP ftpchk3.php File Upload

A file upload vulnerability has been reported in FTP servers. The uploaded file is ftpchk3.php which contains a virus. This virus changes all web files, PHP, HTML, Javascript and TPL files in CMS systems to add a malicious script into the site. Successful exploitation of this vulnerability could...

1.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/31 12:0 a.m.•2 views

Mozilla Products Malformed GIF Buffer Overflow (CVE-2005-0399)

A vulnerability exists in the way Mozilla products parse certain extension blocks in GIF image files. A specially crafted value can trigger a heap-based buffer overflow. An attacker can exploit this flaw to execute arbitrary code on the target with the privileges of the currently logged in user...

5.1CVSS7.2AI score0.15116EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/08/31 12:0 a.m.•11 views

NetIQ Security Solutions for ISeries SafeShellExecute Stack Buffer Overflow (CVE-2015-0795)

A vulnerability has been reported in NetIQ Security Solutions for ISeries. The vulnerability is due to a stack buffer overflow in the NetIQExecObject.NetIQExec ActiveX Control when processing parameters to the SafeShellExecute function. A remote attacker can exploit this vulnerability by enticing...

6.8CVSS3.4AI score0.03685EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/26 12:0 a.m.•1 views

WordPress Business Intelligence Lite Plugin SQL Injection

An SQL injection vulnerability has been reported in WordPress Business Intelligence Lite Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

4.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/26 12:0 a.m.•3 views

Adobe Flash Player Buffer Overflow (APSB15-19: CVE-2015-5132)

A buffer overflow vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS5.2AI score0.50728EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/26 12:0 a.m.•7 views

Adobe Acrobat Reader Cross-Site Scripting (APSB15-15 : CVE-2015-5092)

A cross site vulnerability has been discover in Adobe Reader and Acrobat. A remote attacker could trigger this issue via a specially crafted HTTP request. Successful exploitation will allow the attacker to execute a cross-site scripting attack...

5CVSS5.7AI score0.04644EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/26 12:0 a.m.•4 views

Adobe Flash Player Memory Corruption (APSB15-19: CVE-2015-5548)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue and lead to code execution...

10CVSS5.9AI score0.38168EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/26 12:0 a.m.•6 views

Adobe Acrobat And Reader JavaScript API code execution (APSB15-15: CVE-2015-5085)

A Restrictions Bypass Privileged JavaScript API Execution Vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the use of trusted function which provides certain privileges that allows overwriting objects. A remote attacker can exploit this vulnerability by enticing the...

6.8CVSS6.8AI score0.05746EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/25 12:0 a.m.•2 views

Adobe Acrobat and Reader Integer Overflow (APSB15-15: CVE-2015-5108)

An integer overflow vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a specially crafted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF...

10CVSS6.3AI score0.06908EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/25 12:0 a.m.•7 views

Adobe Acrobat and Reader Memory Leak (APSB15-15: CVE-2015-5107)

A memory leak vulnerability has been reported in Adobe Reader. The vulnerability is due to an error in Adobe Reader while handling specially crafted PDF files. A remote attacker can exploit this issue by enticing a target user to open a malicious website containing a specially crafted PDF file...

4.3CVSS6.1AI score0.03836EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/25 12:0 a.m.•2 views

Adobe Reader and Acrobat Security Bypass (APSB15-15: CVE-2015-4449)

A Security Bypass vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...

5CVSS6.1AI score0.04644EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/25 12:0 a.m.•5 views

Adobe Acrobat and Reader Integer Overflow (APSB15-15: CVE-2015-5109)

An integer overflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Acrobat while parsing a specially crafted pdf file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted pdf file...

6.8CVSS6.4AI score0.06071EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/25 12:0 a.m.•4 views

PHPInfo Large Input Cross-Site Scripting (CVE-2006-0996)

PHP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site...

4.3CVSS2.1AI score0.10813EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/08/24 12:0 a.m.•4 views

Mitsubishi MX Component v3 ActiveX Buffer Overflow (CVE-2013-3075)

A code execution vulnerability has been reported in Mitsubishi's MX PLC component. The vulnerability is due to insufficient validation of input by several functions. A remote attacker can exploit this vulnerability by enticing a user to visit a maliciously crafted website. This can lead to code...

10CVSS3.9AI score0.10771EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/08/24 12:0 a.m.•4 views

Adobe Acrobat and Reader Denial of Service (APSB15-15: CVE-2015-5091)

A denial of service vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to invalid data. A remote attacker can exploit this issue by enticing a target user to open a specially crafted file...

7.8CVSS6AI score0.04663EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/24 12:0 a.m.•5 views

Adobe Acrobat and Reader Memory Corruption (APSB15-15: CVE-2015-5105)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while converting a PCX file to PDF. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PCX file wit...

10CVSS6.4AI score0.06345EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/24 12:0 a.m.•5 views

Adobe Acrobat and Reader Security Bypass (APSB15-15: CVE-2015-5089)

A security bypass vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a specially crafted PDF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted PDF file...

5CVSS6.2AI score0.04644EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/24 12:0 a.m.•15 views

IBM Lotus Domino BMP Color Palette Stack Buffer Overflow (CVE-2015-1903)

A stack buffer overflow vulnerability has been reported in IBM Lotus Domino. The vulnerability is due to improper bounds checking while parsing a BMP image with an overly large color palette. A remote attacker could trigger this flaw by sending a specially crafted BMP file...

10CVSS5.7AI score0.07958EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/23 12:0 a.m.•3 views

Adobe Reader and Acrobat JavaScript bypass security restrictions (APSB15-15 : CVE-2015-4451)

A remote code execution vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to the way Adobe Reader handles certain API functions, that could lead to bypass restrictions. A remote attacker can exploit this issue by enticing a target user to open a specially craft...

9.3CVSS7AI score0.05765EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/23 12:0 a.m.•3 views

Adobe Acrobat And Reader JavaScript API Code Execution (APSB15-15: CVE-2015-4452)

A Restrictions Bypass Privileged JavaScript API Execution Vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the use of trusted function which provides certain privileges that allows overwriting objects. A remote attacker can exploit this vulnerability by enticing the...

9.3CVSS6.8AI score0.05765EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/23 12:0 a.m.•5 views

Adobe Flash Player Type Confusion (APSB15-19: CVE-2015-5562)

A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...

10CVSS3.1AI score0.42344EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/23 12:0 a.m.•4 views

Adobe Flash Use After Free Code Execution (APSB15-19: CVE-2015-5551)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

10CVSS4.1AI score0.43736EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/23 12:0 a.m.•3 views

Adobe Flash Player Type Confusion (APSB15-19: CVE-2015-5554)

A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...

10CVSS3.1AI score0.42344EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/23 12:0 a.m.•4 views

Adobe Flash Player Memory Corruption (APSB15-19: CVE-2015-5564)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

10CVSS4.2AI score0.06535EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/23 12:0 a.m.•6 views

Adobe Acrobat And Reader JavaScript API Code Execution (APSB15-15: CVE-2015-4435)

A Restrictions Bypass Privileged JavaScript API Execution Vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the use of trusted function which provides certain privileges that allows overwriting objects. A remote attacker can exploit this vulnerability by enticing the...

10CVSS6.8AI score0.06978EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/23 12:0 a.m.•7 views

Adobe Acrobat and Reader Security Bypass (APSB15-15: CVE-2015-5090)

A security bypass vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Acrobat and Reader while parsing a corrupted file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

7.2CVSS6.2AI score0.0107EPSS
Exploits0
Total number of security vulnerabilities13538