Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2015/07/19 12:0 a.m.•1 views

ManageEngine Applications Manager CommonAPIUtil SyncMonitors haid SQL Injection

An SQL injection vulnerability exists in ManageEngine Applications Manager. This vulnerability is due to insufficient validation of the haid parameter when processing requests using the SyncMonitors method of the CommonAPIUtil class. A remote attacker can exploit this vulnerability to inject and...

5.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/19 12:0 a.m.•7 views

Oracle Java Spearphishing Email Remote Code Execution (CVE-2015-2590)

A remote code execution vulnerability has been reported in Oracle Java. The infection technique will include spearphishing attempt against the victim. A remote attacker may exploit this issue by enticing a target user to open a specially crafted file. Successful exploitation would allow an attack...

10CVSS4AI score0.25469EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/19 12:0 a.m.•4 views

OpenSSL Alternative Chains Certificate Forgery (CVE-2015-1793)

A vulnerability has been detected in the way OpenSSL verifies certificate chains. An attacker may leverage this vulnerability to forge a valid certificate, even if its signing certificate is not recognized by a Certificate Authority CA...

6.4CVSS3AI score0.61798EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2015/07/19 12:0 a.m.•8 views

Microsoft Office TaskSymbol Memory Corruption Remote Code Execution (MS15-070: CVE-2015-2424)

A memory corruption vulnerability has been identified in Microsoft Office. A successful exploitation attempt may result in the execution of arbitrary code in the security context of the current user...

9.3CVSS9.3AI score0.38497EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/19 12:0 a.m.•13 views

EMC AutoStart ftagent Remote Command Execution (CVE-2015-0538)

A remote command execution vulnerability exists in EMC AutoStart. The vulnerability is due to insecure communication between the ftagent processes on nodes of an AutoStart cluster. A remote unauthenticated attacker can leverage this vulnerability by sending malicious requests to the ftagent proce...

9.3CVSS4.1AI score0.07209EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/19 12:0 a.m.•10 views

Adobe Flash Player Same Origin Policy Bypass (APSB15-16: CVE-2015-3116; CVE-2015-3115)

A security bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

5CVSS4.1AI score0.04379EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/16 12:0 a.m.•2 views

Suspicious Sender Address

Most mail transfer agents perform certain normalizations over mail headers, including the sender address. A non-normalized sender address may imply a non-standard mail transfer agent, which could indicate suspicious activity...

1.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/16 12:0 a.m.•4 views

GnuTLS libtasn1 _asn1_extract_der_octet Memory Access Error (CVE-2015-3622)

A memory access error vulnerability exists in libtasn1, a component of GnuTLS. The vulnerability is due to a flaw in asn1extractderoctet that causes libtasn1 to read beyond the allocated buffer when processing a specially crafted DER-encoded input. A remote attacker can exploit this vulnerability...

4.3CVSS3.7AI score0.33094EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/07/16 12:0 a.m.•9 views

Arcserve Unified Data Protection Management getBackupPolicies Information Disclosure (CVE-2015-4069)

An information disclosure vulnerability exists in Arcserve Unified Data Protection UDP. This vulnerability exists in EdgeServiceImpl and is due to insufficient input validation of certain SOAP requests using the getBackupPolicies method. A remote unauthenticated attacker can exploit this...

7.8CVSS2.7AI score0.04431EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/15 12:0 a.m.•3 views

Novell ZENworks Configuration Management schedule.ScheduleQuery SQL Injection (CVE-2015-0782)

An SQL injection vulnerability exists in ZENworks Configuration Management. The vulnerability is due to insufficient sanitization of a request parameter in the run method of the ScheduleQuery class before using the parameter in SQL queries. A remote, unauthenticated attacker can exploit this...

7.5CVSS3.1AI score0.0708EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/15 12:0 a.m.•4 views

Adobe Flash Player Security Bypass (APSB15-16: CVE-2015-3114)

A security bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in the way Adobe Flash Player handles verification of cross domain policy files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

5CVSS2.3AI score0.04065EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/15 12:0 a.m.•11 views

Google Chrome blink buildShadowAndInstanceTree Use After Free (CVE-2015-1256)

A use-after-free vulnerability exists in Google Chrome, blink component. The vulnerability is due to error when building a shadow tree for a element with a direct reference to a disallowed element. A remote attacker could exploit this vulnerability by enticing a user to open a malicious webpage...

7.5CVSS2.7AI score0.01618EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•5 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-2406)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.13021EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•4 views

Microsoft Office Memory Corruption (MS15-070: CVE-2015-2379)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

9.3CVSS6.9AI score0.13715EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•3 views

Microsoft Windows OLE Elevation of Privilege (MS15-075: CVE-2015-2416)

An elevation of privilege vulnerability exists in Microsoft Object Linking and Embedding OLE technology. The vulnerability is caused when OLE objects are improperly handled in memory. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

5CVSS6.2AI score0.10164EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•9 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-2390)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.13021EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•9 views

Microsoft Internet Explorer Information Disclosure (MS15-065: CVE-2015-2412)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to improper validation of file paths. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Internet Explorer...

4.3CVSS5.7AI score0.17855EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•10 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-2425)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.44851EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•4 views

Microsoft Excel DLL Remote Code Execution (MS15-070; CVE-2015-2378)

A remote code execution vulnerability exists in Microsoft Excel. The vulnerability is due to the way that Microsoft Excel improperly handles the loading of dynamic link library DLL files. An attacker could trigger this flaw by convincing a victim to load a malicious DLL file...

6.9CVSS6.9AI score0.06303EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•9 views

Microsoft Office Memory Corruption (MS15-070: CVE-2015-2415)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

9.3CVSS6.9AI score0.13601EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•11 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-2383)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.13021EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•11 views

Microsoft Internet Explorer ASLR Bypass (MS15-065: CVE-2015-2421)

A security feature bypass vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to improper implementation of the Address Space Layout Randomization ASLR security feature. A remote attacker can exploit this issue by enticing a user to open a specially crafted...

4.3CVSS6.2AI score0.13343EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•16 views

Microsoft Office Memory Corruption (MS15-070: CVE-2015-2376)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

9.3CVSS6.9AI score0.15746EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•13 views

Microsoft DLL Planting Remote Code Execution (MS15-069: CVE-2015-2369)

A remote code execution vulnerability has been reported in Media Device Manager. The vulnerability is due to an error in the way Microsoft Windows improperly handles the loading of DLL files. A remote attacker can exploit this issue by enticing a user to open a specially crafted file...

6.9CVSS7AI score0.10307EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•19 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-2404)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7AI score0.13021EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•8 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-2422)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7AI score0.13021EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•9 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-2408)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.20861EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•21 views

Microsoft SQL Server Remote Code Execution (MS15-058; CVE-2015-1762)

A remote code execution vulnerability exists in Microsoft SQL Server. The vulnerability is caused when Microsoft SQL Server incorrectly handles internal function calls to uninitialized memory. An attacker could exploit the vulnerability if a privileged user runs a specially crafted query on an...

7.1CVSS7.3AI score0.10359EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•8 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-1738)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.13021EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•3 views

Adobe Flash Player BitmapData Remote Code Execution (APSA15-04: CVE-2015-5123)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a type confusion condition while handling a malformed SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file. Successful...

10CVSS2.6AI score0.18493EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•17 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-1767)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7AI score0.1842EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•9 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-2397)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.13021EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•10 views

Microsoft Internet Explorer Information Disclosure (MS15-065: CVE-2015-2402)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in validation of registry key locations. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of...

4.3CVSS5.7AI score0.12426EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•18 views

Microsoft Windows Remote Desktop Protocol Code Execution (MS15-067: CVE-2015-2373)

A remote code execution vulnerability exists in Microsoft Windows Remote Desktop Protocol RDP. The vulnerability is due to an error in the way that the Remote Desktop Protocol RDP service handles packets. A remote attacker may exploit this issue by sending a sequence of specially crafted RDP...

10CVSS7.1AI score0.3897EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•5 views

Microsoft Office Memory Corruption (MS15-070: CVE-2015-2380)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

9.3CVSS7AI score0.13715EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•12 views

Microsoft Internet Explorer Jscript9 Memory Corruption (MS15-065: CVE-2015-2419)

A remote code execution vulnerability exists in the way that the JScript engine, when rendered in Internet Explorer, handles objects in memory. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Internet Explorer...

9.3CVSS4.3AI score0.44537EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•9 views

Microsoft Windows OLE Elevation of Privilege (MS15-075: CVE-2015-2417)

Elevation of privilege vulnerabilities exists in Microsoft Object Linking and Embedding OLE technology. The vulnerability is caused when OLE objects are improperly handled in memory. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

5CVSS6.4AI score0.10164EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•11 views

Microsoft Office Memory Corruption (MS15-070: CVE-2015-2377)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

9.3CVSS6.9AI score0.13601EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•10 views

Microsoft Internet Explorer Information Disclosure (MS15-065: CVE-2015-2413)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to improperly handling requests for module resources. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of...

4.3CVSS5.7AI score0.15539EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•10 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-2372)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.20243EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•10 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-2389)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.13021EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•11 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-1733)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.13021EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•8 views

Microsoft Excel ASLR Bypass (MS15-070; CVE-2015-2375)

A security feature bypass vulnerability exists in Microsoft Excel. The vulnerability is caused when memory is released in an unintended manner. A remote attacker can exploit this issue by enticing a target user to open a specially crafted Excel file...

4.3CVSS6.1AI score0.1385EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•20 views

Microsoft Internet Explorer Cross-domain Information Disclosure (MS15-065: CVE-2015-1729)

An Information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to improper enforcement of cross-domain policies. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Interne...

4.3CVSS6AI score0.14943EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•15 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-2411)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.13021EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•9 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-2391)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in parsing maliciously formed metadata. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affected version of Intern...

9.3CVSS7.1AI score0.13021EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•17 views

Microsoft Windows Graphics Component Elevation of Privilege (MS15-072; CVE-2015-2364)

An elevation of privilege vulnerability exists in Windows Graphics Component. The vulnerability is due to an error in the way Windows Graphics component improperly process bitmap conversions. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted file in a...

7.2CVSS6.3AI score0.01799EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•13 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-2388)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.13021EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/14 12:0 a.m.•9 views

Microsoft Internet Explorer Memory Corruption (MS15-065: CVE-2015-2401)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.13021EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/07/13 12:0 a.m.•3 views

ManageEngine Applications Manager CommonAPIUtil getMGList groupId SQL Injection

An SQL injection vulnerability exists in ManageEngine Applications Manager. This vulnerability is due to insufficient validation of the groupId parameter when processing requests using the getMGList method of the CommonAPIUtil class...

2.8AI score
Exploits0
Total number of security vulnerabilities13538