Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2015/08/12 12:0 a.m.•4 views

DIY-CMS blog mod SQL Injection (CVE-2011-5140)

An SQL injection vulnerability has been reported in DIY-CMS blog mod. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.3AI score0.01805EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/08/12 12:0 a.m.•3 views

PhpGedView File Inclusion and PHP Code Injection Vulnerabilities (CVE-2011-0405)

PhpGedView is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process...

6.8CVSS3.2AI score0.06055EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/08/12 12:0 a.m.•3 views

Adobe Flash Player Memory Corruption (APSB15-19: CVE-2015-5126)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

4.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/12 12:0 a.m.•5 views

Google Android Stagefright 3GPP Integer Underflow (CVE-2015-3828)

A remote code execution vulnerability, known as Stagefright Vulnerability, has been reported in Android devices core. The vulnerability is due to an integer underflow condition in multiple MP4 atoms. Successful exploitation would allow an attacker to execute arbitrary code on the target system...

10CVSS4.2AI score0.85378EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/12 12:0 a.m.•5 views

Google Android Stagefright 3GPP Metadata Buffer Overread (CVE-2015-3826)

A denial of service vulnerability ,known as Stagefright Vulnerability, has been reported in Android devices core. The vulnerability is due to a buffer overread in 3GPP Metadata. Successful exploitation could result in a denial of service condition...

5CVSS3.6AI score0.73566EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/12 12:0 a.m.•8 views

Google Android Stagefright MP4 Multiple Atoms Integer Underflow (CVE-2015-1539; CVE-2015-3827)

A remote code execution vulnerability, known as Stagefright Vulnerability, has been reported in Android devices core. The vulnerability is due to an integer underflow condition in multiple MP4 atoms. Successful exploitation would allow an attacker to execute arbitrary code on the target system...

10CVSS4AI score0.85792EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/12 12:0 a.m.•5 views

Adobe Flash Player Use After Free Code Execution (APSB15-19: CVE-2015-3107; CVE-2015-5565)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error while loading specially crafted SWF files. A remote attacker can exploit this issue by enticing the victim to open a specially crafted SWF file...

10CVSS3.5AI score0.32432EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/12 12:0 a.m.•21 views

Google Android Stagefright MP4 Multiple Atoms Integer Overflow (CVE-2015-1538; CVE-2015-3824; CVE-2015-3829; CVE-2015-3864)

A remote code execution vulnerability, known as Stagefright Vulnerability, has been reported in Android devices core. The vulnerability is due to an integer overflow condition in multiple MP4 atoms. Successful exploitation would allow an attacker to execute arbitrary code on the target or to crea...

10CVSS4.9AI score0.99064EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2015/08/12 12:0 a.m.•3 views

Adobe Flash Use After Free Code Execution (APSB15-19: CVE-2015-5130)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

10CVSS4.1AI score0.49204EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/12 12:0 a.m.•2 views

Adobe Flash Player Security Bypass (APSB15-19: CVE-2015-5125)

A security bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to insufficient security restrictions while handling specially crafted SWF files. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file using...

10CVSS2.8AI score0.05652EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•4 views

Turnkey Web Tools PHP Live Helper 1.8 Remote File Inclusion (CVE-2006-1477)

A file inclusion vulnerability has been reported in Turnkey Web Tools PHP Live Helper. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS3.3AI score0.04696EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•3 views

Tembria Server Monitor Denial of Service (CVE-2010-1316)

A buffer overflow vulnerability has been reported in Tembria Server Monitor. The vulnerability is due to unknown function of the file index.asp. The manipulation with an unknown input leads to a buffer overflow vulnerability...

5CVSS6.9AI score0.09693EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•4 views

Microsoft Office Memory Corruption (MS15-081: CVE-2015-2477)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is caused when the Office software fails to properly validate templates. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

9.3CVSS7AI score0.13601EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•4 views

Microsoft Internet Explorer Information Disclosure (MS15-079: CVE-2015-2423)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Microsoft Internet Explorer while handling unsafe command line parameters. A remote attacker can exploit this issue by enticing a user to open a specially crafted...

4.3CVSS5.8AI score0.19851EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•4 views

Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2458)

Remote code execution vulnerabilities exist in Microsoft Windows. The vulnerability is due to an error in the way Microsoft Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. A remote attacker can exploit this issue by enticing a victim to open a specially...

9.3CVSS4.3AI score0.32351EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•3 views

Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2432)

Remote code execution vulnerabilities exist in Microsoft Windows Graphics Component. The vulnerability is due to an error in the way Microsoft Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. A remote attacker can exploit this issue by enticing a victim to...

9.3CVSS6.9AI score0.30271EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•3 views

Microsoft Office Memory Corruption (MS15-081: CVE-2015-2469)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in handling of an uninitialized or deleted object. A remote attacker can exploit this issue by enticing a victim to open a specially crafted office file...

9.3CVSS7AI score0.26857EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•4 views

Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2462)

A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted TTF files. A remote attacker can exploit this issue by enticing a user to view TTF files in shared content...

9.3CVSS7.1AI score0.35562EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•4 views

Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2463)

A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted TTF files. A remote attacker can exploit this issue by enticing a user to view TTF files in shared content...

9.3CVSS7.1AI score0.34475EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•2 views

Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2461)

A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted OTF files. A remote attacker can exploit this issue by enticing a user to view OTF files in shared content...

9.3CVSS4.1AI score0.36366EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•5 views

Microsoft Office Integer Underflow (MS15-081: CVE-2015-2470)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is caused when the Office software improperly handles objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a specially crafted office...

9.3CVSS6.9AI score0.26857EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•6 views

Microsoft Internet Explorer Memory Corruption (MS15-079: CVE-2015-2442)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15631EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•4 views

Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2435)

A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted TTF files. A remote attacker can exploit this issue by enticing a user to open a maliciously crafted TTF file...

9.3CVSS7.1AI score0.2187EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS15-079: CVE-2015-2443)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

9.3CVSS7.1AI score0.23758EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•6 views

Microsoft Internet Explorer Memory Corruption (MS15-079: CVE-2015-2446)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in memory allocation while handling certain JavaScript objects. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an...

9.3CVSS7AI score0.15631EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS15-079: CVE-2015-2448)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.18071EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•13 views

Microsoft Office Memory Corruption (MS15-081: CVE-2015-2468)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

9.3CVSS6.9AI score0.43407EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•8 views

Microsoft Internet Explorer Memory Corruption (MS15-079: CVE-2015-2444)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS4.1AI score0.33558EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•4 views

Microsoft Office Graphics Component Remote Code Execution (MS15-080: CVE-2015-2431)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

9.3CVSS6.9AI score0.29843EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•9 views

Microsoft Office Component Use After Free (MS15-081: CVE-2015-1642)

A remote code execution vulnerability has been reported in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a...

9.3CVSS5AI score0.53213EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•5 views

Microsoft Windows OpenType Font Parsing Remote Code Execution (MS15-080: CVE-2015-2459)

A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way the OpenType Font OTF driver handles objects in memory. A remote attacker can exploit this issue by enticing a target user to open a specially crafted .otf file or web pag...

9.3CVSS5.1AI score0.32351EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•4 views

Microsoft Internet Explorer Memory Corruption (MS15-079: CVE-2015-2450)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.18071EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•10 views

Microsoft Office Memory Corruption (MS15-081: CVE-2015-2467)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

9.3CVSS6.9AI score0.2769EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•12 views

Microsoft Internet Explorer Memory Corruption (MS15-079: CVE-2015-2452)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15631EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•7 views

Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2455)

A remote code execution vulnerability has been reported in Microsoft Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted TTF files. A remote attacker can exploit this issue by enticing a user to view TTF files in shared content...

9.3CVSS7AI score0.37429EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•10 views

Microsoft Graphics Component Remote Code Execution (MS15-080: CVE-2015-2464)

A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted TTF files. A remote attacker can exploit this issue by enticing a user to view TTF files in shared content...

9.3CVSS7.1AI score0.35562EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS15-079: CVE-2015-2451)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.18071EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•5 views

Microsoft Graphics Component Remote Code Execution (MS15-080:CVE-2015-2456)

A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted TTF files. A remote attacker can exploit this issue by enticing a user to view TFF files in shared content...

9.3CVSS7.1AI score0.35562EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/08/11 12:0 a.m.•6 views

Microsoft Windows OpenType Font Parsing Remote Code Execution (MS15-080: CVE-2015-2460)

A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way the OpenType Font OTF driver handles objects in memory. A remote attacker can exploit this issue by enticing a target user to open a specially crafted web page or email...

9.3CVSS7.5AI score0.31334EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2015/08/10 12:0 a.m.•4 views

Microsoft Windows Kernel Bitmap Handling Use After Free (MS15-061: CVE-2015-1722)

Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and corrupt kernel memory...

7.2CVSS6.9AI score0.03477EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/08/10 12:0 a.m.•4 views

Belkin Wireless Router Security Authentication Bypass (CVE-2008-1244)

An authentication bypass vulnerability exists in Belkin routers firmware. The vulnerability is due to the executable "/cgi-bin/setupdns.exe" which does not require authentication. This allows remote attackers to perform administrative actions without authentication...

10CVSS6.3AI score0.04896EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/08/10 12:0 a.m.•2 views

TP-LINK WR1043N Multiple Cross-Site Request Forgery (CVE-2013-2645)

Multiple cross-site request forgery CSRF vulnerabilities on the TP-LINK WR1043N router with firmware TL-WR1043NDV1120405 allow remote attackers to hijack the authentication of administrators for requests...

9.3CVSS6.9AI score0.03013EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/08/10 12:0 a.m.•6 views

Adobe Flash Player Type Confusion (APSB15-16: CVE-2015-3122)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a type confusion condition while handling a malformed SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file. Successful...

10CVSS2.5AI score0.06744EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/10 12:0 a.m.•8 views

Adobe Acrobat and Reader Information Disclosure (APSB15-15: CVE-2014-8450)

An Information Disclosure vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to the support of PDF standard in GotoE and GotoR actions that can be used to navigate to either an embedded resource GotoE or external resource GotoR without user interaction. Attacker...

5CVSS6AI score0.04644EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/10 12:0 a.m.•10 views

ManageEngine Multiple Products Multiple SQL Injections (CVE-2014-7868)

An SQL injection vulnerability exists in ManageEngine OpManager, Social IT Plus and IT360. The vulnerability is due to insufficient input validation of the OPMBVNAME parameter when processing requests using the APMBVHandler servlet. A remote attacker can exploit this vulnerability to inject and...

7.5CVSS4.8AI score0.73323EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2015/08/10 12:0 a.m.•5 views

Mozilla Firefox Same Origin Violation And Local File Access (2015-78; CVE-2015-4495)

Same origin violation and local file access vulnerability has been reported in Mozilla Firefox. The vulnerability is due to the mechanism that enforces JavaScript context separation and Firefox's PDF Viewer. Successful exploitation of this vulnerability could allow an attacker to read and obtain...

4.3CVSS1.9AI score0.70226EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2015/08/09 12:0 a.m.•5 views

D-Link DIR-636L Remote Command Injection and Authentication Bypass (CVE-2015-1187)

Remote command injection and authentication bypass vulnerabilities exist in D-Link routers. The vulnerabilities are due to incorrectly filtering input on the 'ping' and 'fwupgrade' tools which allows to inject arbitrary commands into the router and file upload without authentication. A remote...

10CVSS5.7AI score0.82863EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2015/08/09 12:0 a.m.•2 views

Adobe Flash Player Memory Corruption (APSB15-16: CVE-2015-3134)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted FLV file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted FLV file...

10CVSS4.2AI score0.26497EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/06 12:0 a.m.•6 views

SolarWinds Storage Manager AuthenticationFilter Policy Bypass

A policy bypass vulnerability has been reported in SolarWinds Storage Manager. The vulnerability is due to an issue where the AuthenticationFilter class fails to properly authenticate users prior to processing requests.A remote unauthenticated user can exploit this vulnerability by sending a...

2.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/06 12:0 a.m.•2 views

Adobe Flash Use After Free Code Execution (APSB15-16: CVE-2015-3124)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

10CVSS4.1AI score0.33401EPSS
Exploits0
Total number of security vulnerabilities13538