Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•4 views

Internet Explorer ASLR Bypass (MS15-009: CVE-2015-0069)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

4.3CVSS7AI score0.15458EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•6 views

Microsoft Internet Explorer Remote Code Execution (MS15-009: CVE-2015-0070)

A cross-site scripting vulnerability have been reported in Internet Explorer 9. The vulnerability is due to insufficient input validation while processing malformed request. A remote attacker may exploit this issue by enticing a target user to open a specially crafted web-page and run an arbitrar...

4.3CVSS6.3AI score0.1622EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•8 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0044)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15525EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•2 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0020)

A use after free vulnerability exists, where Internet Explorer attempts use a CTreeNode object that has been deleted. This vulnerability could be leveraged to execute arbitrary code in the context of the current user...

9.3CVSS7.1AI score0.15525EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•5 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0067)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15525EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•5 views

Microsoft Internet Explorer Elevation of Privilege (MS15-009: CVE-2015-0055)

An elevation of privilege vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer validates permissions under specific conditions, potentially allowing script to be run with elevated privileges...

4.3CVSS6.3AI score0.10639EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0025)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15648EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•5 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0030)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.19515EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•33 views

Microsoft Windows SMB Security Feature Bypass (MS15-014; CVE-2015-0009)

A security feature bypass vulnerability exists in Microsoft Windows. The vulnerability is due to the way Group Policy settings are applied when SMB signing failures occur. An attacker can exploit this vulnerability by a man-in-the-middle attack that modifies domain controller responses to client...

3.3CVSS5.9AI score0.08074EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•4 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0036)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.16009EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•23 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0019)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.22268EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•30 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0037)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.26709EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•9 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0042)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.19101EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•5 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0041)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15525EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0068)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.22361EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•9 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0053)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15525EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•5 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0021)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15525EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•12 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0052)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15525EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•6 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0029)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15525EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•13 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0026)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15525EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•15 views

Microsoft Windows TrueType Font Parsing Remote Code Execution (MS15-010; CVE-2015-0059)

A remote code execution vulnerability exists in the Windows kernel-mode driver Win32k.sys. The vulnerability is caused when Windows kernel-mode driver improperly handles TrueType fonts. A remote attacker can exploit this issue by enticing a user to open a specially crafted TTF file...

6.9CVSS5.8AI score0.11104EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•13 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0045)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15525EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•10 views

Microsoft Word Memory Corruption (MS15-012: CVE-2015-0064)

A remote code execution vulnerability has been reported in Microsoft Word. The vulnerability is caused when Microsoft Word does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a specially craft...

9.3CVSS7AI score0.29954EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•6 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0017)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15525EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•11 views

Microsoft Excel Memory Corruption (MS15-012: CVE-2015-0063)

A remote code execution vulnerability has been reported in Microsoft Excel. The vulnerability is due to an error in the way Microsoft Excel handles memory when opening specially crafted Office files. A remote attacker can exploit this issue by enticing a target user to open a specially crafted...

9.3CVSS7AI score0.16183EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•20 views

Microsoft Word OneTableDocumentStream Remote Code Execution (MS15-012; CVE-2015-0065)

A remote code execution vulnerability has been reported in Microsoft Word. The vulnerability is caused when Microsoft Word does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a specially craft...

9.3CVSS7AI score0.30325EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/02/10 12:0 a.m.•24 views

Microsoft Internet Explorer Memory Corruption (MS15-009: CVE-2015-0023)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.16584EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/09 12:0 a.m.•31 views

SAP SQL Anywhere .NET Data Provider Column Alias Buffer Overflow (CVE-2014-9264)

A buffer overflow vulnerability exists in SAP SQL Anywhere .NET Data Provider. The vulnerability is caused by insufficient boundary checks in the handling of column aliases. If an application allows untrusted input to be used as the column alias in an SQL query, by sending crafted requests to the...

7.5CVSS3.8AI score0.03938EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/02/09 12:0 a.m.•19 views

Wordpress Shopping Cart Plugin Unrestricted File Upload (CVE-2014-9308)

An unauthorized file upload vulnerability has been reported in Wordpress Shopping Cart Plugin. A remote attacker could exploit this vulnerability by uploading a file to a server running the vulnerable application. Successful exploitation of this vulnerability could allow a remote attacker to...

6.5CVSS3.8AI score0.51617EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2015/02/09 12:0 a.m.•4 views

Adobe Acrobat and Reader Memory Corruption (APSB14-28: CVE-2014-9158)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

10CVSS6.4AI score0.09731EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/09 12:0 a.m.•22 views

PHP Core unserialize process nested data Use After Free (CVE-2014-8142)

A code execution vulnerability has been reported in PHP core. The vulnerability is due to a use after free error when handling serialized objects with identical keys within the unserialize function. A remote attacker can exploit the vulnerability by sending crafted serialized data to a web...

7.5CVSS3.3AI score0.53166EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2015/02/04 12:0 a.m.•8 views

OpenSSL DTLS Anonymous ECDH Denial of Service (CVE-2014-3510)

A denial of service vulnerability has been reported in OpenSSL. The vulnerability is due to an unspecified issue when processing Anonymous ECDH cipher suites over DTLS connections. A remote unauthenticated attacker could exploit this vulnerability by sending a specially crafted packet to a target...

4.3CVSS3.5AI score0.16946EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/04 12:0 a.m.•4 views

Adobe Flash Player Remote Code Execution (APSA15-02: CVE-2015-0313)

Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code via unknown vector. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS8.1AI score0.95683EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2015/02/03 12:0 a.m.•38 views

Internet Explorer Same Origin Policy Bypass (CVE-2015-0072)

A same-origin policy bypass vulnerability has been reported in Microsoft Internet Explorer. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a web page. Successful exploitation can result in the disclosure of information about other web pages opened by...

4.3CVSS6AI score0.71698EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2015/02/03 12:0 a.m.•5 views

HanJuan Exploit Kit Landing Page (CVE-2015-0313)

HanJuan exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with HanJuan exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code Execution...

10CVSS4.7AI score0.95683EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2015/02/03 12:0 a.m.•2 views

Adobe Flash Player Heap Buffer Overflow (APSB14-24: CVE-2014-0589)

A heap buffer overflow vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

10CVSS4.3AI score0.08702EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/03 12:0 a.m.•9 views

Schneider Electric ProClima ATX45 SetHtmlFileName Heap Buffer Overflow (CVE-2014-8511)

A code execution vulnerability has been reported in Schneider Electric ProClima. The vulnerability is due to a heap buffer overflow when processing user supplied parameter input to SetHtmlFileName in the Atx45.ocx ActiveX control. A remote unauthenticated attacker could exploit this vulnerability...

10CVSS7.5AI score0.04436EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/02 12:0 a.m.•3 views

Trihedral VTScada Web Interface Integer Overflow (CVE-2014-9192)

An integer overflow vulnerability has been reported in Trihedral VTScada. The vulnerability is due to improper bounds checking while handling crafted requests to the HTTP server. By providing a crafted Content-Length header value, an attacker is able to terminate the HTTP server, creating a denia...

5CVSS1.6AI score0.02694EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/02 12:0 a.m.•1 views

AlienVault OSSIM Arbitrary Command Injection

An arbitrary command injection vulnerability has been reported in AlienVault OSSIM. The vulnerability is due to insufficient validation of the password. A remote, authenticated attacker can exploit this vulnerability by sending maliciously crafted input to the affected server...

4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/02 12:0 a.m.•21 views

WordPress FancyBox Plugin Code Injection (CVE-2015-1494)

A code injection vulnerability has been reported in WordPress FancyBox Plugin. A remote attacker could inject arbitrary code into the FancyBox Plugin code via crafted parameters...

4.3CVSS5.6AI score0.06407EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/02/02 12:0 a.m.•7 views

Zend PHP Advanced Local File Inclusion (CVE-2010-2094)

This vulnerability class creates a new method for attackers for exploiting file inclusion vulnerabilities. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the compromised machine...

6.8CVSS6.6AI score0.12652EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/02/01 12:0 a.m.•3 views

Zend PHP Auto Loading Mechanism Local File Inclusion

This vulnerability is due to unexpected behavior of the Auto-Loading mechanism in the PHP language. Successful exploitation of this vulnerability could allow a remote attacker to include arbitrary files found on the server and could possibly lead to remote code execution...

4.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/01 12:0 a.m.•27 views

OpenSSL DTLS SRTP Extension Parsing Denial of Service (CVE-2014-3513)

A denial-of-service vulnerability exists in OpenSSL. A remote, unauthenticated attacker can send crafted handshake messages to cause memory leaks, exhaust system memory and create a denial of service condition on an application using the vulnerable library...

7.1CVSS3.6AI score0.37072EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/01 12:0 a.m.•5 views

Adobe Flash Player Double Free (APSB15-03: CVE-2015-0312)

A double free memory vulnerability has been reported in Adobe Flash Player. The issue occurs while sharing a bytearray between two workers. If one worker calls bytearray.compress while the other uses that bytearray, the code does not handle the race correctly and leads to double free, which can...

9.3CVSS1.3AI score0.07078EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/02/01 12:0 a.m.•11 views

Magento eCommerce Web Sites SQL Injection (CVE-2015-1397)

An SQL injection vulnerability has been reported in Magento component. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

6.5CVSS8.1AI score0.56686EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/02/01 12:0 a.m.•12 views

Magento eCommerce Web Sites Authentication Bypass (CVE-2015-1398)

An authentication bypass vulnerability was reported in Magento component. The vulnerability is due to a user controlled parameter affecting the login mechanism. A remote attacker can exploit this issue by sending a specially crafted HTTP request to a vulnerable system. Successful exploitation may...

6.5CVSS6.9AI score0.14396EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/02/01 12:0 a.m.•15 views

Magento eCommerce Web Sites Remote File Inclusion (CVE-2015-1399)

A remote file inclusion vulnerability has been reported in Magento component. The vulnerability is due to lack of sanitization for user-supplied data. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS7.2AI score0.10071EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/01/29 12:0 a.m.•6 views

Adobe Flash Player Type Confusion (APSB15-01: CVE-2015-0305)

A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...

9.3CVSS3.1AI score0.06098EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/29 12:0 a.m.•2 views

Adobe Flash Player Heap Buffer Overflow (APSB15-01: CVE-2015-0309)

A heap buffer overflow vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

10CVSS4.3AI score0.08742EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/29 12:0 a.m.•5 views

Adobe Flash Player Type Confusion (APSB15-05: CVE-2015-0336)

A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...

9.3CVSS3.1AI score0.71536EPSS
Exploits4
Total number of security vulnerabilities13538