Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1718)

A use-after-free vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5.1AI score0.15631EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•9 views

Microsoft Windows Journal Remote Code Execution (MS15-045: CVE-2015-1696)

A remote code execution vulnerability has been reported in Microsoft Windows Journal. The vulnerability is due to the way Windows Journal processes specially crafted jnt files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted jnt file...

9.3CVSS3.9AI score0.17767EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/11 12:0 a.m.•3 views

Attachmate Reflection FTP Client PWD Command Buffer Overflow (CVE-2014-5211)

A stack-based buffer overflow vulnerability exists in Attachmate Reflection FTP Client. The vulnerability is caused by insufficient boundary checking while processing PWD command responses. An attacker could exploit this vulnerability by enticing a user to access an FTP server that sends speciall...

6.8CVSS3.2AI score0.02842EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/11 12:0 a.m.•2 views

Adobe Reader U3D array boundary code execution (APSB10-02: CVE-2009-3953)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

10CVSS6.2AI score0.83855EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2015/05/11 12:0 a.m.•7 views

Digium Asterisk res_pjsip_pubsub Module SIP SUBSCRIBE Type Confusion Denial of Service (CVE-2014-6609)

A denial of service vulnerability exists in Asterisk Open Source. The vulnerability is due to the way SIP SUBSCRIBE requests with unexpected mixes of headers for a given event package are handled. Remote, unauthenticated attackers could exploit this vulnerability by sending malformed SIP SUBSCRIB...

4CVSS3.1AI score0.03614EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/11 12:0 a.m.•6 views

Adobe Flash Player Same Origin Policy Bypass (APSB14-21: CVE-2014-0548)

A security bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

7.5CVSS4.1AI score0.04816EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/11 12:0 a.m.•10 views

Microsoft .NET Framework Denial of Service (MS15-048: CVE-2015-1672)

A Denial of Service vulnerability has been reported in the Microsoft .Net Framework. The vulnerability is due to an error in the way that Microsoft .Net Framework handles XML documents with an invalid EncryptedData element. A remote attacker could exploit this vulnerability by sending specially...

5CVSS6.2AI score0.17501EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/11 12:0 a.m.•11 views

ManageEngine Multiple Products Multiple Directory Traversal (CVE-2014-7866)

A directory traversal vulnerability exists in ManageEngine OpManager, Social IT Plus and IT360. The vulnerability is due to lack of authentication and insufficient input validation in HTTP requests. A remote unauthenticated attacker can exploit this vulnerability by uploading arbitrary files to...

7.5CVSS2.5AI score0.79759EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2015/05/10 12:0 a.m.•33 views

Fortinet Single Sign On Hello Message Multiple Vulnerabilities - ver 2 (CVE-2015-2281)

Multiple Vulnerabilities exists in Fortinet Single Sign On FSSO. The vulnerabilities are due to a lack of adequate validation of user supplied input when processing HELLO messages. A remote, unauthenticated attacker could exploit these vulnerabilities by sending a specially crafted HELLO message ...

7.5CVSS2.2AI score0.10333EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2015/05/07 12:0 a.m.•11 views

IBM Tivoli Storage Manager FastBack Mount Opcode 0x09 Stack Buffer Overflow (CVE-2015-0119)

A stack-based buffer overflow vulnerability exists in IBM Tivoli Storage Manager FastBack Mount. The vulnerability is due to insufficient input validation of opcode 0x09 messages before copying user-supplied data into a stack buffer. A remote unauthenticated attacker could exploit this...

7.5CVSS7.5AI score0.02654EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/07 12:0 a.m.•8 views

GNU C Library glibc getanswer_r Buffer Overflow (CVE-2015-1781)

A code execution vulnerability exists in GNU C Library. The vulnerability is due to an error within the getanswerr function when handling DNS response resulting in a buffer overflow. A remote attacker can exploit this vulnerability by providing a specially-crafted DNS response to an application...

6.8CVSS3.7AI score0.05012EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/07 12:0 a.m.•5 views

Novell ZENworks Configuration Management GetStoredResult.class SQL Injection (CVE-2015-0780)

An SQL injection vulnerability exists in ZENworks Configuration Management. The vulnerability is due to insufficient sanitization of the input parameter in the GetReRequestData method of the GetStoredResult class before it is used in an SQL query. A remote attacker can exploit this vulnerability ...

7.5CVSS3.5AI score0.08217EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/07 12:0 a.m.•14 views

ESF pfSense webgui deletefile Directory Traversal (CVE-2015-2295)

A directory traversal vulnerability has been reported in Electric Sheep Fencing pfSense firewall. This vulnerability is due to insufficient validation of the deletefile HTTP request parameter in "/systemfirmwarerestorefullbackup.php". By convincing an authenticated user to click on a crafted link...

6.8CVSS2.5AI score0.65927EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2015/05/04 12:0 a.m.•2 views

RIG Exploit Kit Landing Page

RIG exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Successful infection will allow the attacker to download additional malware to the target...

3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/29 12:0 a.m.•18 views

Novell ZENworks Configuration Management UploadServlet Directory Traversal (CVE-2015-0779)

A directory traversal vulnerability exists in Novell ZENworks Configuration Management. The vulnerability is due to insufficient input validation within the ZENworks Server's UploadServlet. Remote unauthenticated attackers can leverage this vulnerability to upload malicious files anywhere onto th...

10CVSS4.4AI score0.74516EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2015/04/29 12:0 a.m.•26 views

PHP Core unserialize process nested data Use After Free - ver 2 (CVE-2014-8142; CVE-2015-0231)

A code execution vulnerability has been reported in PHP core. The vulnerability is due to a use after free error when handling serialized objects with identical number key names within the unserialize function. A remote attacker can exploit the vulnerability by sending crafted serialized data to ...

7.5CVSS2.5AI score0.53166EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2015/04/29 12:0 a.m.•78 views

ProFTPD mod_copy Unauthenticated Remote File Copying (CVE-2015-3306)

A remote file copying vulnerability exists in ProFTPD. The vulnerability is due to a design weakness within module modcopy. Successful exploitation would result in arbitrary code execution on target system...

10CVSS3.7AI score0.96803EPSS
Exploits21
Check Point Advisories
Check Point Advisories
•added 2015/04/28 12:0 a.m.•6 views

WordPress Overly Long Comment Cross-Site Scripting (CVE-2015-3440)

A cross-site scripting vulnerability has been reported in WordPress comment mechanism. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system, and possibly gain root privileges...

4.3CVSS4.9AI score0.17945EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/04/26 12:0 a.m.•7 views

Microsoft ExchangeDLP Cross Site Scripting (MS15-026; CVE-2015-1629)

An elevation of privilege vulnerability exists in Microsoft Exchange Server. The vulnerability is caused when Microsoft Exchange Server does not properly sanitize page content in Outlook Web App. A remote attacker can exploit this issue by modifying certain properties within Outlook Web App and...

4.3CVSS6.3AI score0.08876EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/26 12:0 a.m.•3 views

Adobe Flash Player Memory Corruption (APSB15-06: CVE-2015-0360)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted mp4 file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted mp4 file...

10CVSS4.5AI score0.05989EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/26 12:0 a.m.•45 views

Fortinet Single Sign On Hello Message Multiple Vulnerabilities (CVE-2015-2281)

Multiple Vulnerabilities exists in Fortinet Single Sign On FSSO. The vulnerabilities are due to a lack of adequate validation of user supplied input when processing HELLO messages. A remote, unauthenticated attacker could exploit these vulnerabilities by sending a specially crafted HELLO message ...

7.5CVSS2.3AI score0.10333EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2015/04/22 12:0 a.m.•3 views

Adobe Flash Player Use After Free Remote Code Execution (APSB15-06: CVE-2015-0351)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

10CVSS3.4AI score0.0785EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/21 12:0 a.m.•3 views

Microsoft Windows System CallBack Privilege Escalation (CVE-2015-1701)

A privilege escalation vulnerability has been reported in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...

7.2CVSS5.3AI score0.562EPSS
Exploits38
Check Point Advisories
Check Point Advisories
•added 2015/04/21 12:0 a.m.•7 views

Adobe Flash Player ActionScript Object Remote Code Execution (APSB15-06: CVE-2015-3043)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a memory corruption in Adobe Flash Player. A remote attacker can exploit this vulnerability by enticing a target user to open a web page containing a specially crafted SWF file...

10CVSS3.4AI score0.7983EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2015/04/20 12:0 a.m.•4 views

Unzip Extra Field Uncompressed Size Buffer Overflow (CVE-2014-9636)

A buffer overflow vulnerability exists in Info-ZIP UnZip tool. The vulnerability is due to insufficient bounds checking on user-supplied input while handling ZIP files. A remote unauthenticated attacker can exploit these vulnerabilities by enticing a target user to open a crafted ZIP archive with...

5CVSS2.8AI score0.11562EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/20 12:0 a.m.•3 views

Lexmark Markvision Enterprise LibraryFileUploadServlet Directory Traversal (CVE-2014-9375)

A directory traversal vulnerability has been reported in Lexmark Markvision Enterprise. The vulnerability is due to insufficient input validation in LibraryFileUploadServlet when processing zip files. A remote, unauthenticated attacker could exploit this vulnerability by enticing the target user ...

9CVSS3.5AI score0.0319EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/20 12:0 a.m.•3 views

OpenSSL ASN1_TYPE_cmp Denial of Service (CVE-2015-0286)

A denial of service vulnerability exists in OpenSSL. The vulnerability is due to a null pointer dereference error when an OpenSSL application receives and processes a crafted certificate...

5CVSS2.9AI score0.20706EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/20 12:0 a.m.•3 views

Adobe Flash Player Memory Corruption (APSB15-06: CVE-2015-3042)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS4.4AI score0.36806EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/04/20 12:0 a.m.•3 views

Adobe Flash Player Security Bypass(APSB15-06: CVE-2015-3044)

A security bypass vulnerability has been reported in Adobe Flash Player. The vulnerability is due to insufficient security restrictions while handling specially crafted SWF files. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file using...

5CVSS2.8AI score0.09395EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/20 12:0 a.m.•17 views

Apache Qpid Sequence Set Denial of Service (CVE-2015-0203)

A denial of service vulnerability exists in Apache Qpid. The vulnerability is due to way the Qpid daemon qpidd processes certain protocol sequences. A remote, unauthenticated attacker could exploit this vulnerability by sending a control or command assembly with malicious parameters. Successful...

4CVSS3.9AI score0.08682EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/19 12:0 a.m.•3 views

Mozilla Firefox XrayWrapper Policy Bypass (CVE-2014-8636)

A policy bypass vulnerability has been reported in Mozilla Firefox and SeaMonkey. The vulnerability is due to an issue with processing the derived trap has. A remote attacker can exploit this vulnerability by enticing a victim to open a maliciously crafted webpage...

7.5CVSS2.1AI score0.65657EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/04/19 12:0 a.m.•3 views

Adobe Flash Player Memory Corruption (APSB15-06: CVE-2015-0358)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS4.4AI score0.10378EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/16 12:0 a.m.•6 views

SolarWinds Orion GetAccountGroups Multiple SQL Injections (CVE-2014-9566)

Multiple SQL injection vulnerabilities have been reported in SolarWinds products. These vulnerabilities are due to insufficient validation of certain parameters when processed by GetAccountGroups. Remote attackers could exploit this vulnerability by sending HTTP requests with a crafted dir or sor...

7.5CVSS2.2AI score0.47749EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2015/04/16 12:0 a.m.•4 views

Adobe Flash Player Memory Corruption (APSB15-06: CVE-2015-0354)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted MPEG-2 transport stream file. A remote attacker can exploit this issue and lead to code execution...

10CVSS5.8AI score0.05989EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/16 12:0 a.m.•3 views

Max Ping Echo Reply Size

An attacker might send an echo reply with large data, trying to compromise the security of the victim's machine...

1.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/16 12:0 a.m.•4 views

Adobe Flash Player Double Free (APSB15-06: CVE-2015-0359)

A code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a double-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF fil...

10CVSS3.9AI score0.95184EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/04/16 12:0 a.m.•3 views

Adobe Flash Player Memory Corruption (APSB15-06: CVE-2015-3041)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS4.4AI score0.05989EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/04/16 12:0 a.m.•5 views

Adobe Flash Player Memory Corruption (APSB15-06: CVE-2015-3038)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted swf file. A remote attacker can exploit this issue and lead to code execution...

10CVSS5.9AI score0.06966EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/16 12:0 a.m.•4 views

Adobe Flash Player Memory Corruption (APSB15-06: CVE-2015-0353)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted MPEG-2 TS file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted MPEG-2 TS file...

10CVSS4.3AI score0.05989EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/16 12:0 a.m.•8 views

Adobe Flash Player Memory Corruption (APSB15-06: CVE-2015-0355)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted MPEG-2 TS file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted MPEG-2 TS file...

10CVSS4.3AI score0.05989EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/16 12:0 a.m.•3 views

Adobe Flash Player Memory Leakage (APSB15-06: CVE-2015-0357)

A memory leakage vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

5CVSS4.5AI score0.0521EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/16 12:0 a.m.•2 views

Adobe Flash Player Type Confusion (APSB15-06: CVE-2015-0356)

A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...

10CVSS3.1AI score0.06744EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/16 12:0 a.m.•3 views

Adobe Flash Player Memory Leak (APSB15-06: CVE-2015-3040)

A memory leak vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Flash Player while handling specially crafted swf files. A remote attacker can exploit this issue by enticing a target user to open a malicious website containing a specially crafted swf...

5CVSS2.1AI score0.04795EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/15 12:0 a.m.•6 views

Adobe Flash Player Memory Corruption (APSB15-06: CVE-2015-0347)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS4.4AI score0.06219EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/15 12:0 a.m.•2 views

Adobe Flash Player Buffer Overflow (APSB15-06: CVE-2015-0348)

A buffer overflow vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

10CVSS5.3AI score0.08759EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/15 12:0 a.m.•3 views

Adobe Flash Use After Free Code Execution (APSB15-06: CVE-2015-0349; CVE-2015-3039)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

10CVSS4.1AI score0.08151EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/15 12:0 a.m.•1 views

Adobe Flash Player Double Free (APSB15-06: CVE-2015-0346)

A double free vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error caused by an attempt of handling specially crafted SWF files. Successful exploitation would allow an attacker to execute arbitrary code...

10CVSS3.5AI score0.10378EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/15 12:0 a.m.•3 views

Adobe Flash Player Memory Corruption (APSB15-06: CVE-2015-0350)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted JPEG-XR images. A remote attacker can exploit this issue and lead to code execution...

10CVSS6.1AI score0.05989EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/15 12:0 a.m.•6 views

Adobe Flash Player Memory Corruption (APSB15-06: CVE-2015-0352)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted MP4 file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted MP4 file...

10CVSS4.5AI score0.05989EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/04/14 12:0 a.m.•4 views

Microsoft Internet Explorer Memory Corruption (MS15-032: CVE-2015-1665)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15789EPSS
Exploits0
Total number of security vulnerabilities13538