Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2015/08/05 12:0 a.m.•3 views

Novell GroupWise WebAccess Cross-Site Scripting (CVE-2014-0611)

A cross-site scripting vulnerability exists in Novell GroupWise WebAccess. The vulnerability is due to lack of input validation when handling email attachments. A remote, unauthenticated attacker can exploit this vulnerability by enticing a target user to view crafted web content. A successful...

4.3CVSS5.9AI score0.02317EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/05 12:0 a.m.•4 views

Adobe Flash Player Use After Free Remote Code Execution (APSB15-16: CVE-2015-3132)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

10CVSS3.4AI score0.06744EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/04 12:0 a.m.•4 views

Adobe Acrobat and Reader Memory Corruption (APSB15-15: CVE-2015-5104)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

10CVSS6.4AI score0.05589EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/04 12:0 a.m.•3 views

Adobe Acrobat and Reader Memory Corruption (APSB15-15: CVE-2015-5103)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

10CVSS6.4AI score0.05589EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/04 12:0 a.m.•3 views

Adobe Flash Player Type Confusion (APSB15-16: CVE-2015-3120)

A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...

10CVSS3.1AI score0.07356EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/04 12:0 a.m.•3 views

Adobe Acrobat and Reader Use-After-Free (APSB15-15: CVE-2015-5111; CVE-2015-5113)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

6.8CVSS6.1AI score0.05688EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/04 12:0 a.m.•4 views

Adobe Flash Player Memory Corruption (APSB15-16: CVE-2015-3130)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS4.4AI score0.05307EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/03 12:0 a.m.•6 views

Adobe Acrobat and Reader Integer Overflow (APSB15-15: CVE-2015-5097)

An integer overflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Acrobat while parsing a specially crafted TIFF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted TIFF file...

10CVSS6.4AI score0.18855EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/03 12:0 a.m.•3 views

Adobe Reader Memory Corruption (APSB15-15: CVE-2015-5100)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

10CVSS6.3AI score0.05589EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/03 12:0 a.m.•5 views

Adobe Acrobat And Reader Use-After-Free (APSB15-15: CVE-2015-5099)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

10CVSS6.1AI score0.0659EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/03 12:0 a.m.•3 views

Adobe Acrobat and Reader Memory Corruption (APSB15-15: CVE-2015-5101)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

10CVSS6.4AI score0.06908EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/03 12:0 a.m.•4 views

Oracle Data Quality Trillium Based SetEntities Type Confusion (CVE-2015-0444)

A remote code execution vulnerability exists in Oracle Data Quality TSS12.LoaderWizard.lwctrl ActiveX control. The vulnerability is due to a type confusion when handling data passed to SetEntities. A remote attacker can exploit this vulnerability by enticing a user to access a maliciously crafted...

6.8CVSS3.4AI score0.0189EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/03 12:0 a.m.•6 views

Adobe Acrobat and Reader Stack Underflow (APSB15-15: CVE-2015-5098)

A stack underflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted EMF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file...

10CVSS6.3AI score0.06345EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/03 12:0 a.m.•5 views

Adobe Acrobat and Reader Memory Corruption (APSB15-15: CVE-2015-5102)

A remote code execution vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to a use-after-free error in Adobe Reader and Acrobat while handling a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a...

10CVSS7.1AI score0.05589EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/02 12:0 a.m.•3 views

Adobe Acrobat and Reader Use-After-Free Remote Code Execution (APSB15-15: CVE-2015-5095)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

10CVSS6.1AI score0.06908EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/02 12:0 a.m.•3 views

Adobe Acrobat And Reader JavaScript API code execution (APSB15-15: CVE-2015-5086)

A Restrictions Bypass Privileged JavaScript API Execution Vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the use of trusted function which provides certain privileges that allows overwriting objects. A remote attacker can exploit this vulnerability by enticing the...

6.8CVSS6.8AI score0.05746EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/02 12:0 a.m.•3 views

Adobe Acrobat and Reader Buffer Overflow (APSB15-15: CVE-2015-5093)

A buffer overflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

10CVSS6.6AI score0.0907EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/02 12:0 a.m.•3 views

Adobe Acrobat and Reader Memory Corruption (APSB15-15: CVE-2015-5094)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

10CVSS6.4AI score0.05589EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/08/02 12:0 a.m.•8 views

GNU wget FTP Remote File Creation (CVE-2014-4877)

An input validation error exists in wget. The vulnerability can occur when wget retrieves files or directories over FTP that are or that contain symlinks. A remote attacker can exploit this vulnerability by creating a crafted FTP directory listing on a server and enticing a user to open the FTP...

9.3CVSS2.4AI score0.39883EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/08/01 12:0 a.m.•9 views

ISC BIND Invalid TKEY Query Denial Of Service (CVE-2015-5477; CVE-2020-8625)

A denial of service vulnerability has been reported in ISC BIND DNS servers. The vulnerability is due to the way that the DNS server improperly handles invalid TKEY resource records. A remote attacker may exploit this issue by sending a specially crafted DNS query to a DNS server. Successful...

7.8CVSS1.8AI score0.91284EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2015/07/30 12:0 a.m.•2 views

Multiple OS Malicious Shellcode Remote Code Execution

Numerous shellcodes exist that aim at exploiting remote machines, in order to take control over them or run malicious code. The download or transfer of these payloads might indicate an attack is underway...

3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/29 12:0 a.m.•2 views

Suspicious JavaScript Web Redirection

The page contains suspiciously obfuscated web redirection...

1.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/28 12:0 a.m.•2 views

Angler Exploit Kit Landing Page Patterns

Angler exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Angler exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code Execution o...

5.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/28 12:0 a.m.•2 views

Adobe Acrobat and Reader Memory Corruption (APSB15-15: CVE-2015-5087)

A memory corruption vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error while loading a PDF containing a malicious JavaScript code. A remote attacker may exploit this issue by enticing a target user to open a malicious PDF file with an affected versio...

10CVSS6.4AI score0.05589EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/28 12:0 a.m.•2 views

Adobe Acrobat and Reader Security Bypass (APSB15-15: CVE-2015-4447)

A security bypass vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a specially crafted PDF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted PDF file...

10CVSS6.2AI score0.07653EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/28 12:0 a.m.•3 views

Adobe Acrobat and Reader Use After Free Code Execution (APSB15-15: CVE-2015-4448)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

10CVSS6.1AI score0.0659EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/28 12:0 a.m.•6 views

WordPress Comment SQL Injection (CVE-2015-2213)

An SQL injection vulnerability has been reported in WordPress Comments. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.1AI score0.10986EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/28 12:0 a.m.•10 views

WordPress post Request Privilege Escalation (CVE-2015-2212; CVE-2015-5623)

A privilege escalation vulnerability has been found in WordPress Post Request. An authenticated remote attacker may leverage this vulnerability to gain access From Subscriber to certain Editor capabilities of the vulnerable server...

4CVSS3.6AI score0.08814EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/07/28 12:0 a.m.•5 views

ClamAV UPX File Handling Integer Overflow (CVE-2015-2170)

An integer overflow vulnerability exists in ClamAV Antivirus software. The vulnerability is due to an error in "upx.c" while parsing UPX-packed executable files. A remote attacker could exploit this vulnerability to cause a denial of service condition on the target system...

5CVSS6.6AI score0.03215EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/27 12:0 a.m.•6 views

Adobe Flash Player Same Origin Policy Bypass (APSB15-16: CVE-2014-0578)

A security bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

5CVSS4.1AI score0.03563EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/26 12:0 a.m.•1 views

Potentially Malicious Web Site

Some Web sites include heavily-obfuscated JavaScript code, hidden redirection iframe, and other methods to cause unintended browser behavior. This protection blocks such potentially-malicious code from being downloaded to the user's browser...

1.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/26 12:0 a.m.•4 views

Adobe Flash Player Use After Free Remote Code Execution (APSB15-16: CVE-2015-3127; CVE-2015-3131)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

10CVSS3.4AI score0.06744EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/26 12:0 a.m.•4 views

Adobe Flash Use After Free Code Execution (APSB15-16: CVE-2015-3128; CVE-2015-3136; CVE-2015-3137; CVE-2015-4428)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

10CVSS4.1AI score0.39237EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/23 12:0 a.m.•15 views

PHP Multiple Function Stack Buffer Overflow (CVE-2015-3329; CVE-2016-10159)

A buffer overflow vulnerability exists in PHP. The vulnerability is due to improper bounds checking when handling .tar, .phar or .zip archives in the pharsetinode function or pharparsepharfile function. A remote attacker can exploit this vulnerability by providing a crafted .tar or .phar file to ...

7.5CVSS3AI score0.38434EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/07/23 12:0 a.m.•13 views

IBM Lotus Notes Attachment Viewer UUE File Handling Buffer Overflow - ver 2 (CVE-2005-2618)

Lotus Notes is a client-server collaborative software and email system provided by IBM. The Lotus Notes email client application is capable of communicating with email servers over the SMTP, POP and IMAP protocols. There exists a buffer overflow vulnerability in IBM Lotus Notes Attachment Viewer...

9.3CVSS7.8AI score0.07922EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2015/07/23 12:0 a.m.•8 views

Microsoft Office Remote Code Execution (MS15-059: CVE-2015-1759)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to improper handling of objects in memory while parsing a specially crafted Office file. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted Office fil...

9.3CVSS6.9AI score0.16407EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/23 12:0 a.m.•7 views

Microsoft Office Remote Code Execution (MS15-059: CVE-2015-1760)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to improper handling of objects in memory while parsing a specially crafted Office file. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted Office fil...

9.3CVSS6.9AI score0.16407EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/22 12:0 a.m.•3 views

Adobe Flash Player Type Confusion (APSB15-16: CVE-2015-3121)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a type confusion condition while handling a malformed SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file. Successful...

10CVSS2.5AI score0.06744EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/22 12:0 a.m.•3 views

Fiesta Exploit Kit Landing Page

Fiesta is an exploit kit used by attackers targeting computer users. Remote attackers can infect users with Fiesta by enticing them to visit a malicious landing page...

4.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/22 12:0 a.m.•10 views

cURL and libcurl Cookie Path Parsing Remote Code Execution (CVE-2015-3145)

A heap buffer underflow vulnerability exists in cURL and libcurl. The vulnerability is due error when parsing a cookie path in an HTTP response. A remote, unauthenticated attackers can exploit this vulnerability by enticing user to perform a cURL on a crafted URL or provide malicious HTTP respons...

7.5CVSS2.8AI score0.3763EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/22 12:0 a.m.•9 views

Samsung Security Manager ActiveMQ Broker Service Multiple Vulnerabilities (CVE-2015-1499)

Multiple policy bypass vulnerabilities have been reported in Samsung Security Manager. The vulnerabilities are due to the permitting of unauthenticated PUT, MOVE and DELETE requests on the server. A remote unauthenticated attacker could exploit this vulnerability by sending a PUT, MOVE or DELETE...

8.5CVSS2.5AI score0.01389EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/21 12:0 a.m.•11 views

Microsoft Windows Media Player Remote Code Execution (MS15-057; CVE-2015-1728)

A remote code execution vulnerability has been reported in Microsoft Windows Media Player. The vulnerability is due to an error in Microsoft Windows Media Player while handling specially crafted DataObjects. A remote attacker could trigger this flaw by convincing a victim to open a specially...

9.3CVSS7AI score0.17676EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/20 12:0 a.m.•6 views

Adobe Flash Player Type Confusion (APSB15-16: CVE-2015-3119)

A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...

10CVSS3.1AI score0.06744EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/20 12:0 a.m.•4 views

PHP phar_parse_tarfile method Integer Overflow (CVE-2015-4021)

An integer overflow vulnerability exists in PHP. The vulnerability is due to an issue with the parsing of TAR files by pharparsetarfile. A remote attacker can exploit the vulnerability by sending crafted data to a web application running a vulnerable version of PHP. Successful exploitation could...

5CVSS4.1AI score0.21398EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/07/20 12:0 a.m.•12 views

Microsoft Windows ATMFD Font Driver Kernel Pool Overflow (MS15-078: CVE-2015-2426)

A flaw has been discovered in Microsoft Windows OTF files. Successful exploitation could lead to a kernel pool overflow when a system attempt to copy data results in memory corruption...

9.3CVSS2.9AI score0.8669EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2015/07/20 12:0 a.m.•8 views

Panasonic Security API SDK MulticastAddr Stack Buffer Overflow (CVE-2015-4648)

A buffer overflow vulnerability exists in Panasonic Security API SDK, Ipropsapi.ipropsapiCtrl.1 ActiveX Control component. The vulnerability is due to a lack of boundary checks on a parameter passed to the MulticastAddr method. A remote attacker can exploit this vulnerability by enticing the vict...

7.5CVSS3.9AI score0.06369EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/20 12:0 a.m.•2 views

Adobe Flash Player Memory Corruption (APSB15-16: CVE-2015-3117)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS4.4AI score0.05307EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/20 12:0 a.m.•3 views

Adobe Flash Use After Free Code Execution (APSB15-16: CVE-2015-3118)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

10CVSS4.1AI score0.40411EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/20 12:0 a.m.•26 views

HP LoadRunner launcher.dll Stack Buffer Overflow (CVE-2015-2110)

A stack buffer overflow vulnerability exists in HP LoadRunner. The vulnerability is due to insufficient validation of a length value in SSL communication with the HP LoadRunner. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted request to the vulnerab...

10CVSS6.8AI score0.10867EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/20 12:0 a.m.•7 views

WebUI mainfile.php Arbitrary Command Injection

An arbitrary command injection vulnerability exists in WebUI. The vulnerability is due to insufficient validation of multiple parameters in "mainfile.php" when handling HTTP requests. A remote, authenticated attacker can exploit this vulnerability by sending maliciously crafted input to the...

2.8AI score
Exploits0
Total number of security vulnerabilities13538