Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2014/04/10 12:0 a.m.•7 views

Adobe Flash Player Information Disclosure (APSB14-09: CVE-2014-0508)

An information disclosure vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in the way Adobe Flash Player handles specially crafted SWF files. A remote attacker could exploit this vulnerability by enticing a user to open an HTML document containing an...

5CVSS0.8AI score0.04725EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/10 12:0 a.m.•41 views

VideoLAN VLC Media Player MMS Plugin Stack Buffer Overflow - ver 2 (CVE-2012-1775)

A stack buffer overflow vulnerability has been reported in VLC Media Player. The vulnerability is due to insufficient bounds checking in the MMS access plugin while copying a hostname into a stack buffer. A remote attacker can exploit this issue by convincing a target user to open a specially...

9.3CVSS6.7AI score0.44621EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2014/04/10 12:0 a.m.•22 views

IBM Lotus Domino LDAP Server Memory Exception (CVE-2006-0580; CVE-2006-4510)

A denial of service vulnerability exists in the IBM Lotus Domino LDAP Server component. The flaw is caused by improper validation of the user supplied data in an LDAP bind request. An attacker can exploit this vulnerability to terminate the target server which causes a denial of service condition...

10CVSS5.9AI score0.06477EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/09 12:0 a.m.•6 views

OpenSSL TLS DTLS Heartbeat Information Disclosure (CVE-2014-0160; CVE-2014-0346)

An information disclosure vulnerability exists in OpenSSL. The vulnerability is due to an error when handling TLS/DTLS heartbeat packets. An attacker can leverage this vulnerability to disclose memory contents of a connected client or server...

1AI score0.99999EPSS
Exploits88
Check Point Advisories
Check Point Advisories
•added 2014/04/09 12:0 a.m.•11 views

Adobe Flash Player Use After Free Code Execution (APSB14-09: CVE-2014-0507)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error while loading specially crafted SWF files. A remote attacker can exploit this issue by enticing the victim to open a specially crafted SWF file...

9.3CVSS7.1AI score0.06442EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/09 12:0 a.m.•3 views

Adobe Flash Player Use After Free Code Execution (APSB14-09; CVE-2014-0506)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error while loading SWF files. A remote attacker can exploit this issue by enticing the victim to open a malicious web page...

7.2AI score0.0761EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/09 12:0 a.m.•19 views

RealNetworks RealPlayer SWF Frame Handling Buffer Overflow - ver 2 (CVE-2007-5400)

There exists a heap buffer overflow vulnerability in the RealNetworks RealPlayer product. The vulnerability is due to a design error within the handling of frames in Shockwave Flash SWF files. A remote attacker can exploit this vulnerability to create a heap overflow condition in the target...

2.6AI score0.06765EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/08 12:0 a.m.•7 views

Nginx Request URI Verification Security Bypass (CVE-2013-4547)

There exists a security bypass vulnerability in Nginx. The vulnerability is caused by improper handling of unescaped space characters within URIs. A remote attacker can exploit this vulnerability to bypass security restrictions in certain configurations...

3.3AI score0.67718EPSS
Exploits15
Check Point Advisories
Check Point Advisories
•added 2014/04/08 12:0 a.m.•1 views

Microsoft Internet Explorer 7

Internet Explorer 7 IE7 is an older version of Microsoft Internet Explorer. Using IE7 may indicate suspicious activity...

2.9AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/08 12:0 a.m.•0 views

Illegal TCP Options

TCP packet options may contain illegal values. Attackers can use specially crafted TCP packets for remote network attacks...

7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/08 12:0 a.m.•3 views

w3af Security Scanner

w3af is a vulnerability scanning product. Remote attackers can use w3af to detect vulnerabilities on a target server...

3.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/08 12:0 a.m.•2 views

LibWhisker Security Scanner

LibWhisker is a vulnerability scanning product. Remote attackers can use LibWhisker to detect vulnerabilities on a target server...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/08 12:0 a.m.•16 views

Microsoft Internet Explorer Memory Corruption (MS14-018: CVE-2014-1755)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.20344EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/08 12:0 a.m.•6 views

Microsoft Internet Explorer Memory Corruption (MS14-018: CVE-2014-1752)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.20344EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/08 12:0 a.m.•4 views

PostgreSQL Database Datetime Buffer Overflow (CVE-2014-0063)

A remote code execution vulnerability has been reported in PostgreSQL Database. The vulnerability is due to a stack buffer overflow when handling the Datetime string. A remote attacker can exploit the vulnerability by sending a malicious request to the target server...

3.5AI score0.06666EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/04/08 12:0 a.m.•1 views

Nikto Security Scanner

Nikto is a vulnerability scanning product. Remote attackers can use Nikto to detect vulnerabilities on a target server...

3.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/08 12:0 a.m.•11 views

Microsoft Internet Explorer Memory Corruption (MS14-018: CVE-2014-1753)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS4.1AI score0.20344EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/08 12:0 a.m.•23 views

Microsoft Windows DirectShow JPEG Double Free (MS14-013; CVE-2014-0301) - ver 2

A double free vulnerability has been reported in Microsoft Windows DirectShow. The vulnerability is due to the way DirectShow handles JPEG images. A remote attacker can exploit this vulnerability by enticing a user to download and process a maliciously crafted JPEG file...

6.2AI score0.13974EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/08 12:0 a.m.•4 views

Google Android addJavascriptInterface Remote Code Execution

A remote code execution vulnerability has been reported in Google Android prior to 4.2. The vulnerability is due to an error in the addJavascriptInterface method within the WebView class, commonly used in numerous mobile applications. A remote attacker can exploit this vulnerability by persuading...

7.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/08 12:0 a.m.•5 views

Google Chrome V8 JavaScript Engine Memory Corruption (CVE-2014-1705)

A memory corruption vulnerability exist in Google Chrome. The vulnerability is due to an error while processing JavaScript code by the V8 JavaScript Engine. A remote attacker could exploit this vulnerability by enticing a user to open a malicious web page...

6.4AI score0.04822EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/08 12:0 a.m.•18 views

Microsoft Internet Explorer Memory Corruption (MS14-018: CVE-2014-1751)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.20344EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/07 12:0 a.m.•1 views

PHP JavaScript Website Redirection

A website redirection vulnerability has been reported in PHP. A remote attacker can exploit this vulnerability to load and run a malicious file served from a second compromised host...

1.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/07 12:0 a.m.•2 views

BlackHole Toolkit URL Pattern Remote Code Execution

BlackHole is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with BlackHole by enticing them to visit a specially crafted link...

5.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/07 12:0 a.m.•18 views

Autodesk AutoCAD Insecure Library Loading (CVE-2014-0819)

An insecure library loading vulnerability has been reported in AutoCAD. The vulnerability is due to an improper dynamic link library DLL search path leading to insecure library loading. A remote attacker could exploit this vulnerability by enticing a user to process an AutoCAD file from a malicio...

3.4AI score0.00428EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/06 12:0 a.m.•2 views

BSQL Automated SQL Injection tool

BSQL is an automated SQL Injection tool. Remote attackers can use BSQL to fetch data from the database and execute SQL statements...

8.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/06 12:0 a.m.•2 views

Havij Automated SQL Injection tool

Havij is an automated SQL Injection tool. Remote attackers can use Havij to fetch data from the database and execute SQL statements...

5.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/06 12:0 a.m.•2 views

Pangolin Automated SQL Injection tool

Pangolin is an automated SQL Injection tool. Remote attackers can use Pangolin to fetch data from the database and execute SQL statements...

8.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/06 12:0 a.m.•1 views

Sqlninja Automated SQL Injection tool

Sqlninja is an automated SQL Injection tool. Remote attackers can use Sqlninja to fetch data from the database and execute SQL statements...

8.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/06 12:0 a.m.•27 views

Lighttpd Host Header mod_mysql_vhost SQL Injection (CVE-2014-2323)

A SQL injection vulnerability has been reported in Lighttpd Web Server. The vulnerability is due to insufficient sanitization of user supplied input in the Host header field of a request. A remote attacker could exploit this vulnerability by placing specially crafted data in the Host header field...

1.9AI score0.61665EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/04/06 12:0 a.m.•2 views

Sqlmap Automated SQL Injection tool

Sqlmap is an automated SQL Injection tool. Remote attackers can use Sqlmap to fetch data from the database and execute SQL statements...

5.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/03 12:0 a.m.•0 views

Multiple PHP Servers R57shell Backdoor Command Execution

A command execution vulnerability has been reported in multiple PHP servers. The vulnerability is due to the existence of a backdoor file on the PHP server within a specific library. A remote attacker can exploit this vulnerability by sending a request to the malicious backdoor file...

7.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/03 12:0 a.m.•13 views

Apache Camel XSLT Component XML External Entity (CVE-2014-0002)

An XML External Entity XXE vulnerability has been reported in Apache Camel. The vulnerability is due to an error in handling XSL stylesheets in the XSLT component. A remote, unauthenticated attacker can exploit this vulnerability to disclose the contents of files accessible to Apache Camel's Java...

9AI score0.32541EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/04/03 12:0 a.m.•41 views

Autodesk AutoCAD Insecure FAS Loading (CVE-2014-0818)

A code execution vulnerability has been reported in AutoCAD. The vulnerability is due to using improper search path when loading FAS files. A remote attacker could exploit this vulnerability by enticing a user to process an FAS file from a malicious source...

6.9AI score0.02493EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/02 12:0 a.m.•7 views

Apache HTTP Server mod_log_config Denial of Service (CVE-2014-0098)

A denial of service vulnerability has been reported in Apache HTTP server. The vulnerability is due to a log processing error in the modlogconfig module. A remote, unauthenticated attacker can leverage this vulnerability by sending a malicious request to the target server...

5CVSS7.3AI score0.25999EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/04/02 12:0 a.m.•19 views

EMC CMCNE FileUploadController Information Disclosure (CVE-2014-2276)

An information disclosure vulnerability has been reported in EMC Connectrix Manager Converged Network Edition. The vulnerability is due to insufficient input validation in the FileUploadController servlet when processing certain HTTP requests. A remote unauthenticated attacker can exploit this...

5CVSS6AI score0.02072EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/01 12:0 a.m.•3 views

JBroFuzz Security Scanner

JBroFuzz is a vulnerability scanning product. Remote attackers can use JBroFuzz to detect vulnerabilities on a target server...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•3 views

Google Chrome and Apple Safari Apple Webkit Ruby Memory Corruption - Ver2 (CVE-2011-1440)

A memory corruption vulnerability has been reported within Apple WebKit, a component of Apple Safari and Google Chrome web browsers and Apple iTunes. The vulnerability is due to an error in Apple Webkit while handling certain display properties within the ruby:before and ruby:after style sheet...

6.8CVSS7.1AI score0.01598EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•5 views

Adobe Acrobat JavaScript getIcon Method Buffer Overflow - Ver2 (CVE-2009-0927)

A buffer overflow vulnerability has been reported in Adobe Acrobat. The vulnerability is due to insufficient input validation in the getIcon method of a Collab object, while processing a crafted PDF file. Successful exploitation of this vulnerability could allow a remote attacker to execute...

8AI score0.96632EPSS
Exploits14
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•8 views

HP SiteScope issueSiebelCmd SOAP Request Code Execution - Ver2 (CVE-2013-4835)

A command execution vulnerability has been found in HP SiteScope. The vulnerability is due to lack of authentication when handling "issueSiebelCmd" SOAP requests. A remote unauthenticated attacker can exploit this vulnerability by sending crafted requests to the affected service...

7.5CVSS6.9AI score0.71003EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•11 views

Adobe Photoshop Tiff File RLE Compression Buffer Overflow - Ver2 (CVE-2012-2027)

A buffer overflow vulnerability has been reported in Adobe Photoshop. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5AI score0.13436EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•22 views

Apple Safari out-of-bounds access Denial of Service - Ver2 (CVE-2008-2001)

A denial-of-service vulnerability has been reported in Apple Safari. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

6.3AI score0.01941EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•7 views

Akarru main_content.php bm_content Parameter PHP Code Execution - Ver2 (CVE-2006-4645)

A code execution vulnerability has been reported in Akarru Social Bookmarking Engine. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.9AI score0.03282EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•12 views

HP Network Node Manager Cross-Site Scripting - Ver2 (CVE-2011-4156)

A cross-site scripting vulnerability has been reported in Hp Network Node Manager I. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

5.8AI score0.02327EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•35 views

Internet Explorer HtmlDlgHelper Class Memory Corruption - Ver2 (CVE-2010-3329)

A memory corruption vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been initialized or has been deleted when a document in an HTML format is opened in Microsoft Word. Successful exploitation of...

7.1AI score0.28842EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•37 views

Microsoft DirectShow AVI Parser Heap Overflow - Ver2 (CVE-2010-0250)

A buffer overflow vulnerability has been reported in Microsoft DirectShow. The vulnerability is due to the way Microsoft DirectShow component handles specially crafted AVI files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected...

7.4AI score0.31862EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•1 views

Microsoft Internet Explorer 8

Internet Explorer 8 IE8 is an older version of Microsoft Internet Explorer. Using IE8 may indicate suspicious activity. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by IPS...

6.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•5 views

Oracle Java sun.tracing.ProviderSkeleton Sandbox Bypass Code Execution - Ver2 (CVE-2013-2460)

A code execution vulnerability has been reported in Oracle Java. The vulnerability is due to Oracle Java allowing calls to arbitrary static methods with user supplied arguments via the invoke method. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary...

9.3AI score0.70248EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•14 views

Microsoft Word Crafted Sprm Structure Stack Memory Corruption - Ver2 (CVE-2008-4837)

A memory corruption vulnerability has been reported in Microsoft Office Word. The vulnerability is due to an error in Microsoft Word that fails to properly handle Word files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected syst...

3.2AI score0.37422EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•4 views

MyNewsGroups layersmenu.inc.php myng_root Parameter PHP Code Execution - Ver2 (CVE-2006-3966)

A code execution vulnerability has been reported in MyNewsGroups. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6AI score0.04321EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•6 views

Java Applet JAX-WS Remote Code Execution - Ver2 (CVE-2012-5076)

A security bypass vulnerability has been reported in Java Runtime Environment JRE. The vulnerability is due to insufficient access restriction in the default Java security properties configuration. A remote attacker can exploit this vulnerability by enticing a target user to open an untrusted,...

10CVSS8.7AI score0.91013EPSS
Exploits18
Total number of security vulnerabilities13538