
13538 matches found

Check Point Advisories • added 2021/10/31 12:0 a.m. • 10 views

WordPress XCloner Backup Plugin Remote Code Execution (CVE-2020-35948)

A remote code execution vulnerability exists in WordPress XCloner Backup plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 6.5 • AI score 9 • EPSS 0.24937 • Exploits 5

Check Point Advisories • added 2021/10/20 12:0 a.m. • 4 views

DRK Odenwaldkreis Testerfassung Command Injection (CVE-2021-35062)

A command injection vulnerability exists in NETGEAR. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 9.3 • AI score 8.6 • EPSS 0.01462 • Exploits 1

Check Point Advisories • added 2021/10/20 12:0 a.m. • 0 views

Projectsend Cross Site Scripting

A cross-site scripting vulnerability exists in Projectsend. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

AI score 6.2 • Exploits 0

Check Point Advisories • added 2021/10/20 12:0 a.m. • 15 views

FUEL CMS SQL Injection (CVE-2021-38727)

A SQL injection vulnerability exists in FUEL CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.5 • AI score 9.9 • EPSS 0.01557 • Exploits 1

Check Point Advisories • added 2021/10/20 12:0 a.m. • 5 views

Netgear R6020 Command Injection (CVE-2021-41383)

A command injection vulnerability exists in Netgear R6020. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 9 • AI score 7.6 • EPSS 0.0155 • Exploits 1

Check Point Advisories • added 2021/10/19 12:0 a.m. • 10 views

Simple Water Refilling Station Management System SQL Injection (CVE-2021-38840)

An SQL injection vulnerability exists in Simple Water Refilling Station Management System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS 7.5 • AI score 10 • EPSS 0.02467 • Exploits 1

Check Point Advisories • added 2021/10/19 12:0 a.m. • 27 views

p0wny Shell Remote Code Execution (CVE-2017-9830; CVE-2018-15139; CVE-2018-19423; CVE-2018-6383; CVE-2020-29607; CVE-2021-24155; CVE-2021-24347)

p0wny Shell is a PHP shell. An attacker might use this shell to execute arbitrary code on the affected system...

CVSS 7.5 • AI score 8.4 • EPSS 0.84112 • Exploits 38

Check Point Advisories • added 2021/10/18 12:0 a.m. • 91 views

Apache HTTP Server Server-Side Request Forgery (CVE-2021-40438)

A Server Side Request Forgery vulnerability exists in Apache HTTP Server. A remote attacker may exploit this issue by making a specially crafted HTTP request. Successful exploitation would allow attackers to create HTTP requests on behalf of the vulnerable server...

CVSS 6.8 • AI score 9.1 • EPSS 0.99999 • Exploits 5

Check Point Advisories • added 2021/10/13 12:0 a.m. • 8 views

HomeMatic Remote Code Execution (CVE-2021-33032)

A remote code execution vulnerability exists in Homematic. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 10 • AI score 9.6 • EPSS 0.52161 • Exploits 1

Check Point Advisories • added 2021/10/13 12:0 a.m. • 3 views

Microsoft SharePoint Server Remote Code Execution (CVE-2021-40487)

A remote code execution vulnerability exists in Microsoft SharePoint. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 6.5 • AI score 8.5 • EPSS 0.46339 • Exploits 0

Check Point Advisories • added 2021/10/12 12:0 a.m. • 15 views

Microsoft Win32k Elevation of Privilege (CVE-2021-40449)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 4.6 • AI score 7.8 • EPSS 0.73381 • Exploits 11

Check Point Advisories • added 2021/10/12 12:0 a.m. • 5 views

Microsoft Win32k Elevation of Privilege (CVE-2021-41357)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 4.6 • AI score 7.8 • EPSS 0.01968 • Exploits 0

Check Point Advisories • added 2021/10/12 12:0 a.m. • 4 views

Microsoft Win32k Elevation of Privilege (CVE-2021-40450)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 4.6 • AI score 7.8 • EPSS 0.01968 • Exploits 0

Check Point Advisories • added 2021/10/12 12:0 a.m. • 3 views

Adobe Acrobat and Reader Out-of-bounds Write (APSB21-104: CVE-2021-40731)

An out of bounds write vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...

CVSS 6.8 • AI score 7 • EPSS 0.08005 • Exploits 0

Check Point Advisories • added 2021/10/12 12:0 a.m. • 8 views

Adobe Acrobat and Reader Use After Free (APSB21-104: CVE-2021-40728)

A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 6.8 • AI score 7.7 • EPSS 0.53533 • Exploits 0

Check Point Advisories • added 2021/10/12 12:0 a.m. • 4 views

Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2021-40466)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 4.6 • AI score 7.8 • EPSS 0.00636 • Exploits 0

Check Point Advisories • added 2021/10/12 12:0 a.m. • 4 views

Microsoft DirectX Graphics Kernel Elevation of Privilege (CVE-2021-40470)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 4.6 • AI score 8.4 • EPSS 0.00636 • Exploits 0

Check Point Advisories • added 2021/10/12 12:0 a.m. • 2 views

Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2021-40467)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 4.6 • AI score 7.8 • EPSS 0.0053 • Exploits 0

Check Point Advisories • added 2021/10/12 12:0 a.m. • 4 views

Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2021-40443)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 4.6 • AI score 7.8 • EPSS 0.00636 • Exploits 0

Check Point Advisories • added 2021/10/12 12:0 a.m. • 4 views

Adobe Acrobat and Reader Out-of-bounds Read (APSB21-104: CVE-2021-40729)

An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...

CVSS 4.3 • AI score 5.3 • EPSS 0.04144 • Exploits 0

Check Point Advisories • added 2021/10/10 12:0 a.m. • 11 views

Strapi Remote Code Execution (CVE-2019-19609)

A remote code execution vulnerability exists in Strapi framework. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 9 • AI score 7.8 • EPSS 0.54081 • Exploits 11

Check Point Advisories • added 2021/10/10 12:0 a.m. • 4 views

Pear Admin Think Arbitrary File Upload (CVE-2021-29377)

An arbitrary file upload vulnerability exists in Pear Admin Think. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.5 • AI score 9.4 • EPSS 0.01603 • Exploits 1

Check Point Advisories • added 2021/10/10 12:0 a.m. • 3 views

WordPress Support Board Plugin SQL Injection (CVE-2021-24741)

An SQL injection vulnerability exists in Support Board WordPress plugin before 3.3.4. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS 7.5 • AI score 10 • EPSS 0.05516 • Exploits 3

Check Point Advisories • added 2021/10/07 12:0 a.m. • 3 views

ShowDoc Unrestricted File Upload (CVE-2021-36440)

An unrestricted file upload vulnerability exists in ShowDoc. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.5 • AI score 9.4 • EPSS 0.04688 • Exploits 1

Check Point Advisories • added 2021/10/07 12:0 a.m. • 9 views

Nascent RemKon Device Manager Remote Code Execution (CVE-2021-38613; CVE-2021-38611)

A remote code execution vulnerability exists in Nascent RemKon Device Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 10 • AI score 9.5 • EPSS 0.04549 • Exploits 2

Check Point Advisories • added 2021/10/06 12:0 a.m. • 32 views

Apache HTTP Server Directory Traversal (CVE-2021-41773; CVE-2021-42013)

A directory traversal vulnerability exists in Apache HTTP Server. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...

CVSS 7.5 • AI score 8.7 • EPSS 0.99992 • Exploits 173

Check Point Advisories • added 2021/10/04 12:0 a.m. • 6 views

Eyoucms Server Side Request Forgery (CVE-2021-39497)

A server-side request forgery vulnerability exists in Eyoucms. The vulnerability is due to a lack of validation on the subdomain parameter in HTTP requests. Successful exploitation of this vulnerability could allow an unauthenticated attacker to make a request to any internal and external server...

CVSS 7.5 • AI score 8.9 • EPSS 0.02282 • Exploits 1

Check Point Advisories • added 2021/10/04 12:0 a.m. • 5 views

Trend Micro Smart Protection Server Directory Traversal (CVE-2016-6269)

A directory traversal vulnerability exists in Trend Micro Smart Protection Server. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...

CVSS 7.5 • AI score 8.7 • EPSS 0.03723 • Exploits 1

Check Point Advisories • added 2021/09/29 12:0 a.m. • 4 views

Ubiquiti Multiple Products Arbitrary File Upload (CVE-2015-9266)

An arbitrary file upload vulnerability exists in multiple Ubiquiti Products. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 10 • AI score 9.4 • EPSS 0.73999 • Exploits 1

Check Point Advisories • added 2021/09/29 12:0 a.m. • 4 views

Nuance Winscribe Dictation SQL Injection (CVE-2021-37599)

An SQL injection vulnerability exists in Nuance Winscribe Dictation. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS 7.5 • AI score 10 • EPSS 0.03104 • Exploits 1

Check Point Advisories • added 2021/09/29 12:0 a.m. • 0 views

HP OfficeJet Cross Site Scripting

A stored cross-site scripting vulnerability exists in HP OfficeJet. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

AI score 6.1 • Exploits 0

Check Point Advisories • added 2021/09/29 12:0 a.m. • 6 views

Sunhillo SureLine Command Injection (CVE-2021-36380)

A command injection vulnerability exists in Sunhillo SureLine. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 10 • AI score 9.7 • EPSS 0.97599 • Exploits 1

Check Point Advisories • added 2021/09/29 12:0 a.m. • 3 views

J2eeFAST SQL Injection (CVE-2021-28890)

An SQL injection vulnerability exists in J2eeFAST. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS 7.5 • AI score 10 • EPSS 0.0134 • Exploits 1

Check Point Advisories • added 2021/09/29 12:0 a.m. • 4 views

F5 BIG-IQ Command Injection (CVE-2021-23024)

A command injection vulnerability exists in F5 BIG-IQ. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 9 • AI score 7.6 • EPSS 0.05346 • Exploits 3

Check Point Advisories • added 2021/09/29 12:0 a.m. • 6 views

Sourcecodester Sales Management System Arbitrary File Upload (CVE-2021-36623)

An arbitrary file upload vulnerability exists in Sourcecodester Sales Management System. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.5 • AI score 9.4 • EPSS 0.01836 • Exploits 1

Check Point Advisories • added 2021/09/29 12:0 a.m. • 9 views

Trend Micro Password Manager Command Injection (CVE-2016-3987)

A command injection vulnerability exists in Trend Micro Password Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 10 • AI score 9.7 • EPSS 0.22304 • Exploits 1

Check Point Advisories • added 2021/09/29 12:0 a.m. • 1 views

Eaton Network Shutdown Module Code Injection

A code injection vulnerability exists in Eaton. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score 8.1 • Exploits 0

Check Point Advisories • added 2021/09/29 12:0 a.m. • 6 views

Symantec Web Gateway Local File Inclusion (CVE-2012-2957)

A local file inclusion vulnerability exists in Symantec Web Gateway. Successful exploitation of this vulnerability could allow a remote attacker to damage user systems...

CVSS 7.2 • AI score 6 • EPSS 0.59287 • Exploits 2

Check Point Advisories • added 2021/09/29 12:0 a.m. • 4 views

Moxa Multiple Products Command Injection (CVE-2021-39279)

A command injection vulnerability exists in Multiple Moxa Products. Successful exploitation of this vulnerability could allow a remote, authenticated attacker to execute arbitrary commands on the affected system...

CVSS 9 • AI score 8.9 • EPSS 0.04614 • Exploits 3

Check Point Advisories • added 2021/09/29 12:0 a.m. • 0 views

Web Servers Directory Traversal Evasion Attempt

A directory traversal vulnerability exists in multiple web servers. The vulnerability is due to an input validation error in the web server that does not properly sanitize directory traversal patterns. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on...

AI score 6.9 • Exploits 0

Check Point Advisories • added 2021/09/29 12:0 a.m. • 9 views

Dell EMC OpenManage Server Administrator Authentication Bypass (CVE-2021-21513)

An authentication bypass vulnerability exists in Dell EMC OpenManage Server Administrator. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...

CVSS 7.5 • AI score 9.3 • EPSS 0.0574 • Exploits 1

Check Point Advisories • added 2021/09/29 12:0 a.m. • 4 views

Eaton IPM Arbitrary File Deletion (CVE-2021-23278)

An arbitrary file deletion vulnerability exists in Eaton Intelligent Power Management and Eaton Intelligent Power Protector. The vulnerability is due to missing input validation in mapssrv.js and nodeupgradesrv.js...

CVSS 5.5 • AI score 9 • EPSS 0.01015 • Exploits 0

Check Point Advisories • added 2021/09/29 12:0 a.m. • 1 views

PHP Session Upload Progress Remote Code Execution

A remote code execution vulnerability exists in PHP PHP_SESSION_UPLOAD_PROGRESS session. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score 8.3 • Exploits 0

Check Point Advisories • added 2021/09/29 12:0 a.m. • 4 views

Ampache Cross Site Scripting (CVE-2021-32644)

A cross site scripting vulnerability exists in Ampache. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

CVSS 3.5 • AI score 5.4 • EPSS 0.00843 • Exploits 1

Check Point Advisories • added 2021/09/29 12:0 a.m. • 3 views

LG Network Attached Storage Command Injection (CVE-2021-38306)

A command injection vulnerability exists in LG Network Attached Storage. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 10 • AI score 9.7 • EPSS 0.08955 • Exploits 1

Check Point Advisories • added 2021/09/29 12:0 a.m. • 2 views

RaspAP Command Injection (CVE-2021-38556)

A command injection vulnerability exists in RaspAP. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 6.5 • AI score 9.1 • EPSS 0.13039 • Exploits 1

Check Point Advisories • added 2021/09/29 12:0 a.m. • 13 views

WordPress ProfilePress Plugin Privilege Escalation (CVE-2021-34621)

A privilege escalation vulnerability exists in WordPress ProfilePress plugin. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...

CVSS 7.5 • AI score 9.1 • EPSS 0.68862 • Exploits 8

Check Point Advisories • added 2021/09/29 12:0 a.m. • 5 views

Seacms Remote Code Execution (CVE-2021-37358)

A remote code execution vulnerability exists in Seacms. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.5 • AI score 9.6 • EPSS 0.02335 • Exploits 1

Check Point Advisories • added 2021/09/29 12:0 a.m. • 11 views

TP-Link Multiple Products Remote Code Execution (CVE-2020-35575)

A remote code execution vulnerability exists in Multiple TP-Link Products. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.5 • AI score 9.5 • EPSS 0.07643 • Exploits 3

Check Point Advisories • added 2021/09/29 12:0 a.m. • 3 views

Google Chrome Heap Corruption (CVE-2021-21225)

A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 6.8 • AI score 9.2 • EPSS 0.06625 • Exploits 0

Total number of security vulnerabilities: 13538