Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2022/02/28 12:0 a.m.•10 views

Apache Storm Remote Code Execution (CVE-2021-40865)

A remote code execution vulnerability exists in Apache Storm. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.6AI score0.65587EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/02/27 12:0 a.m.•6 views

CWP Panel Remote Code Execution (CVE-2021-45467; CVE-2021-45466)

A remote code execution vulnerability exists in CWP Panel. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.4AI score0.70947EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2022/02/23 12:0 a.m.•5 views

SAP NetWeaver AS JAVA XML External Entity Injection (CVE-2016-9563)

An XML external entity injection vulnerability exists in SAP NetWeaver. Successful exploitation of this vulnerability could result in the disclosure of file contents from the target system...

4CVSS6.9AI score0.23805EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/02/23 12:0 a.m.•7 views

VMware vRealize Operations Manager API Server Side Request Forgery (CVE-2021-21975)

A sever-side request forgery vulnerability exists in VMware vRealize Operations Manager. Successful exploitation of this vulnerability could possibly lead to an attacker accessing administrative credentials...

5CVSS4.2AI score0.78435EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2022/02/22 12:0 a.m.•8 views

Adobe Magento Commerce Reflected Cross Site Scripting (CVE-2021-21029)

A reflected cross site scripting vulnerability exists in Adobe Magento Commerce. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

3.5CVSS4.8AI score0.84674EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/02/22 12:0 a.m.•8 views

Microsoft Windows Background Intelligent Transfer Service Privilege Escalation (CVE-2020-0787)

A privilege escalation exists in Microsoft Windows Background Intelligent Transfer Service. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...

7.2CVSS5.3AI score0.42524EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2022/02/21 12:0 a.m.•5 views

IBM Planning Analytics Remote Code Execution (CVE-2019-4716)

A remote code execution vulnerability exists in IBM Planning Analytics. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS6.1AI score0.86441EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2022/02/21 12:0 a.m.•5 views

Asus Rt-N53 Buffer Overflow (CVE-2019-20082)

A buffer overflow vulnerability exists in ASUS RT-N53. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...

7.5CVSS5.4AI score0.02038EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/02/21 12:0 a.m.•5 views

Mozilla Firefox IonMonkey JIT Compiler Type Confusion (CVE-2019-17026)

A type confusion vulnerability exists in Mozilla Firefox IonMonkey JIT Compiler. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS4.8AI score0.46589EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2022/02/21 12:0 a.m.•111 views

WordPress WP_Query SQL Injection (CVE-2022-21661)

An SQL injection vulnerability exists in WordPress WPQuery. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...

5CVSS3.2AI score0.97795EPSS
Exploits14
Check Point Advisories
Check Point Advisories
•added 2022/02/21 12:0 a.m.•7 views

Apple iOS Use After Free (CVE-2021-30858)

A use after free vulnerability exists in Apple iOS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5AI score0.13486EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/02/20 12:0 a.m.•18 views

PHP XML Parser Remote Code Execution (CVE-2021-21707)

A remote code execution vulnerability exists in PHP XML Parser. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5CVSS7.4AI score0.25951EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/02/17 12:0 a.m.•8 views

HP Multi-Function Printers Information Disclosure (CVE-2021-39237; CVE-2021-39238)

An information disclosure vulnerability exists in HP Multi-Function Printers. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

7.5CVSS3.1AI score0.12135EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/02/17 12:0 a.m.•13 views

SAP NetWeaver Application Server Remote Code Execution (CVE-2022-22536)

A remote code execution vulnerability exists in SAP NetWeaver Application Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.8AI score0.97945EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2022/02/17 12:0 a.m.•7 views

F5 BIG-IP Buffer Overflow (CVE-2021-22991)

A buffer overflow vulnerability exists in F5 BIG-IP. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...

6.8CVSS5.7AI score0.61064EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2022/02/17 12:0 a.m.•8 views

MITRE Caldera Command Injection (CVE-2021-42561)

A command injection vulnerability exists in MITRE Caldera Human plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS5.5AI score0.19572EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2022/02/16 12:0 a.m.•3 views

Google Chrome WebGL Use After Free (CVE-2020-6492)

A use-after-free vulnerability exists in Google Chrome WebGL. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5AI score0.00699EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/02/16 12:0 a.m.•11 views

Zoho ManageEngine ServiceDesk Authentication Bypass (CVE-2021-37415)

An authentication bypass vulnerability exists in the Zoho ManageEngine ServiceDesk. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...

7.5CVSS6.5AI score0.99854EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/02/15 12:0 a.m.•16 views

Exim Use After Free (CVE-2020-28018)

A use after free vulnerability exists in Exim. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5AI score0.55834EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2022/02/15 12:0 a.m.•4 views

SonicWall Email Security Arbitrary File Upload (CVE-2021-20022)

An arbitrary file upload vulnerability exists in SonicWall Email Security. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS5.2AI score0.16509EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/02/09 12:0 a.m.•0 views

Emotet Maldoc Download Page

Emotet Maldoc Download Page is web page that automatically downloads malicious Microsoft Office documents to the victim's computer. Successful execution will infect the machine with the Emotet botnet and allow the attacker to take control of the infected machine and to download additional malware...

3.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/02/09 12:0 a.m.•11 views

Apache Airflow Authentication Bypass (CVE-2020-13927)

An authentication bypass vulnerability exists in Apache Airflow API. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...

7.5CVSS5AI score0.997EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2022/02/08 12:0 a.m.•4 views

Microsoft Windows DWM Core Library Elevation of Privilege (CVE-2022-21994)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS6.2AI score0.04196EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/02/08 12:0 a.m.•5 views

Microsoft Named Pipe File System Elevation of Privilege (CVE-2022-22715)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS5.5AI score0.12636EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/02/08 12:0 a.m.•8 views

Microsoft Windows Print Spooler Elevation of Privilege (CVE-2022-22718)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS5.7AI score0.18464EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2022/02/08 12:0 a.m.•4 views

Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2022-22000)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS7.9AI score0.04327EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/02/08 12:0 a.m.•6 views

Microsoft Windows Kernel Elevation of Privilege (CVE-2022-21989)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.9CVSS5.8AI score0.03193EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/02/08 12:0 a.m.•5 views

Microsoft Win32k Elevation of Privilege (CVE-2022-21996)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS6AI score0.03046EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/02/06 12:0 a.m.•11 views

Sitecore XP Remote Code Execution (CVE-2021-42237)

A remote code execution vulnerability exists in Sitecore XP. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.2AI score0.99214EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2022/02/06 12:0 a.m.•13 views

SonicWall SMA100 Buffer Overflow (CVE-2021-20038)

A buffer overflow vulnerability exists in SonicWall SMA100. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...

7.5CVSS5.2AI score0.99912EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2022/02/06 12:0 a.m.•16 views

Atlassian Confluence Server Arbitrary File Read (CVE-2021-26085; CVE-2021-26086)

An arbitrary file read vulnerability exists in Atlassian Confluence Server. Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to access and read arbitrary file...

5CVSS4.6AI score0.99999EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2022/02/06 12:0 a.m.•1 views

D-Link Routers Cookie Command Injection

A command injection vulnerability exists in D-Link Routers Cookie header. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/02/02 12:0 a.m.•8 views

October CMS Authentication Bypass (CVE-2021-32648)

An authentication bypass vulnerability exists in October CMS. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

6.4CVSS6AI score0.90418EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/02/02 12:0 a.m.•14 views

Node.JS System Information Command Injection (CVE-2021-21315)

A command injection vulnerability exists in Node.JS System Information. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

4.6CVSS5.5AI score0.9024EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2022/02/02 12:0 a.m.•9 views

Oracle Business Intelligence Enterprise Edition Information Disclosure (CVE-2020-14864)

An information disclosure vulnerability exists in Oracle Business Intelligence Enterprise Edition. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

7.8CVSS2.7AI score0.97233EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2022/02/02 12:0 a.m.•9 views

Apache Druid Information Disclosure (CVE-2021-36749)

An information disclosure vulnerability exists in Apache Druid. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

4CVSS2.9AI score0.81038EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2022/01/31 12:0 a.m.•8 views

Google Chrome Heap Corruption (CVE-2021-37975)

A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS4.2AI score0.34887EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/01/25 12:0 a.m.•15 views

WordPress AccessPress Themes Webshell Upload (CVE-2021-24867)

An attacker might upload a webshell backdoor to WordPress AccessPress Themes. A successful exploitation might allow the attacker to run arbitrary code, or use the server as a bot for further attacks...

7.5CVSS3.1AI score0.18878EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/01/25 12:0 a.m.•6 views

Nagios XI Remote Code Execution (CVE-2021-40344)

A remote code execution vulnerability exists in Nagios XI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS5.7AI score0.66191EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/01/23 12:0 a.m.•11 views

H2 Database Console Remote Code Execution (CVE-2021-42392)

A remote code execution vulnerability exists in H2 Database Console. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.7AI score0.63211EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2022/01/17 12:0 a.m.•7 views

Micro Focus Access Manager SQL Injection (CVE-2021-22506)

An SQL Injection vulnerability exists in Micro Focus Access Manager. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

5CVSS5.5AI score0.25695EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/01/17 12:0 a.m.•5 views

Google Chrome Browser V8 Remote Code Execution (CVE-2021-30563)

A remote code execution vulnerability exists in Google Chrome Browser V8. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.6AI score0.08928EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/01/17 12:0 a.m.•5 views

Google Chromium V8 Engine Use-After-Free (CVE-2021-4102)

A use-after-free vulnerability exists in Google Chromium V8 Engine. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.3AI score0.07836EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/01/16 12:0 a.m.•6 views

IBM Data Risk Manager Authentication Bypass (CVE-2020-4427)

An authentication bypass vulnerability exists in IBM Data Risk Manager. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

9CVSS6.1AI score0.70031EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2022/01/16 12:0 a.m.•4 views

Google Chrome Remote Code Execution (CVE-2021-21224)

A remote code execution vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.7AI score0.57736EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/01/16 12:0 a.m.•13 views

FlashGet Buffer Overflow (CVE-2020-28967)

A buffer overflow vulnerability exists in the FlashGet download manager. The vulnerability is due to lack of proper validation of user data in 'current path directory' function...

9CVSS3.3AI score0.08889EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2022/01/16 12:0 a.m.•4 views

SonicWall Email Security Directory Traversal (CVE-2021-20023)

A directory traversal vulnerability exists in SonicWall Email Security. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...

4CVSS5.5AI score0.51407EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/01/11 12:0 a.m.•6 views

Microsoft Windows Kernel Elevation of Privilege (CVE-2022-21881)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS5.8AI score0.25019EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2022/01/11 12:0 a.m.•24 views

Microsoft HTTP Protocol Stack Remote Code Execution (CVE-2022-21907)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS3.9AI score0.9279EPSS
Exploits21
Check Point Advisories
Check Point Advisories
•added 2022/01/11 12:0 a.m.•5 views

Microsoft Win32k Elevation of Privilege (CVE-2022-21887)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS6AI score0.01094EPSS
Exploits0
Total number of security vulnerabilities13538