Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2021/08/26 12:0 a.m.•2 views

Cisco SD-WAN vManage Remote Code Execution (CVE-2020-3387)

A remote code execution vulnerability exists in Cisco SD-WAN vManage. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS5.2AI score0.14073EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2021/08/26 12:0 a.m.•5 views

Nagios XI WatchGuard Wizard Command Injection (CVE-2021-37346)

A command injection vulnerability exists in Nagios XI. The vulnerability is due to insufficient input validation of the requests submitted to the watchguard.inc.php...

7.5CVSS2.8AI score0.73586EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/26 12:0 a.m.•11 views

Oracle Fusion Middleware BI Publisher Arbitrary File Upload (CVE-2021-2392)

An arbitrary file upload vulnerability exists in Oracle Business Intelligence. This vulnerability is due to insufficient input validation in the UploadFndDBCPage class...

9CVSS2.7AI score0.03119EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/26 12:0 a.m.•5 views

Omron CX-One Stack Buffer Overflow (CVE-2020-27261)

A stack-based overflow exists in the CX-Position module of OMRON CX-One. The vulnerability is due to input validation error when processing NCI configuration files...

6.8CVSS4.1AI score0.07612EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/26 12:0 a.m.•6 views

Rapid7 Nexpose SQL Injection (CVE-2020-7383)

An SQL injection vulnerability exists in Rapid7 Nexpose. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

5.5CVSS5.2AI score0.01123EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/24 12:0 a.m.•0 views

WordPress Social Warfare Plugin Remote Code Execution

A remote code execution vulnerability exists in WordPress Social Warfare Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/24 12:0 a.m.•9 views

Centreon MediaWiki SQL Injection (CVE-2021-37558)

An SQL injection vulnerability exists in Centreon MediaWiki. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS6AI score0.02115EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/08/23 12:0 a.m.•19 views

Oracle E-Business Suite Sales Offline Denial of Service (CVE-2021-2189)

An infinite loop vulnerability exists in the Sales Offline component of Oracle E-Business Suite. The vulnerability is due to improper handling of requests by the authentication component of Sales Offline...

5CVSS8.3AI score0.147EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/23 12:0 a.m.•2 views

Advantech iView runProViewUpgrade Command Injection (CVE-2021-32930)

A remote command execution exists in Advantech iView. The vulnerability is due to improper input sanitization...

7.5CVSS4.4AI score0.08055EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/23 12:0 a.m.•13 views

Buffalo Routers Directory Traversal (CVE-2021-20090; CVE-2021-20091)

A directory traversal vulnerability exists in Buffalo routers. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...

7.5CVSS5.9AI score0.99983EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2021/08/18 12:0 a.m.•11 views

WordPress Modern Events Calendar Plugin Remote Code Execution (CVE-2021-24145)

A remote code execution vulnerability exists in WordPress Modern Events Calendar Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS5.5AI score0.88158EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2021/08/17 12:0 a.m.•11 views

Mimosa PTP Devices Stored Cross Site Scripting (CVE-2020-25205)

A cross-site scripting vulnerability exists in Mimosa PTP Devices. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.3CVSS4.7AI score0.00905EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/08/17 12:0 a.m.•17 views

Xiaomi Mi WiFi R3G Remote Code Execution (CVE-2019-18370)

A remote code execution vulnerability exists in Xiaomi Mi WiFi R3G. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS6.3AI score0.40295EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2021/08/16 12:0 a.m.•15 views

Mimosa Devices Command Injection (CVE-2020-25206)

A command injection vulnerability exists in Mimosa. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS6.3AI score0.05312EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/08/12 12:0 a.m.•7 views

Microsoft Windows Update Medic Service Privilege Escalation (CVE-2021-36948)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

4.6CVSS5.5AI score0.1991EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/11 12:0 a.m.•6 views

Apache Pulsar JSON Web Token Authentication Bypass (CVE-2021-22160)

An authentication bypass vulnerability exists in the JSON Web Token authentication module of Apache Pulsar. The vulnerability is due to improper handling of unsigned JSON Web Tokens...

7.5CVSS2.2AI score0.52926EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/11 12:0 a.m.•0 views

Zoho ManageEngine Applications Manager URL monitor SQL Injection

A SQL injection vulnerability exists in the Zoho ManageEngine Applications Manager. The vulnerability is due to improper validation of user-supplied input when processing the request in URL monitor module...

2.9AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/11 12:0 a.m.•8 views

Compal ConnectBox Remote Code Execution (CVE-2019-13025)

A remote code execution vulnerability exists in Compal ConnectBox. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.6AI score0.03321EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2021/08/11 12:0 a.m.•5 views

Advantech iView deleteZtpConfig SQL Injection (CVE-2021-32932)

A SQL injection vulnerability exists in the Advantech iView. The vulnerability is due to improper validation of user-supplied input when processing the request in method in Java class...

5CVSS2.7AI score0.01169EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/11 12:0 a.m.•5 views

Google Chrome Heap Corruption (CVE-2019-13764)

A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS4.2AI score0.06432EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2021/08/10 12:0 a.m.•4 views

Microsoft Scripting Engine Memory Corruption (CVE-2021-34480)

A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS8.8AI score0.31825EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/10 12:0 a.m.•4 views

Microsoft Windows Services for NFS ONCRPC XDR Driver Remote Code Execution (CVE-2021-26432)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.3AI score0.10326EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/10 12:0 a.m.•5 views

Microsoft Remote Desktop Client Remote Code Execution (CVE-2021-34535)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS9AI score0.18354EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/05 12:0 a.m.•5 views

Pandora FMS Arbitrary File Upload (CVE-2021-34074)

An arbitrary file upload vulnerability exists in Pandora FMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5AI score0.07489EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/08/05 12:0 a.m.•1 views

Agent Tesla Panel Remote Code Execution

A remote code execution vulnerability exists in Agent Tesla Panel. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/04 12:0 a.m.•1 views

WordPress Popular Posts Plugin Remote Code Execution

A remote code execution vulnerability exists in WordPress Popular Posts Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/03 12:0 a.m.•4 views

PHPMyWind Cross Site Scripting (CVE-2020-18229)

A cross site scripting vulnerability exists in PHPMyWind. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

3.5CVSS4.8AI score0.00932EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/08/03 12:0 a.m.•4 views

Tenda AC1200 Denial Of Service (CVE-2020-28095)

A denial of service vulnerability exists in Tenda AC1200. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

7.8CVSS4.9AI score0.01157EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/08/03 12:0 a.m.•5 views

Latrix Project SQL Injection (CVE-2021-30000)

An SQL injection vulnerability exists in Latrix Project. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.3AI score0.02118EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/08/02 12:0 a.m.•0 views

WordPress WooCommerce Plugin SQL Injection

An SQL injection vulnerability exists in WordPress WooCommerce Plugin. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...

3.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/08/02 12:0 a.m.•12 views

WordPress BuddyPress Plugin Privilege Escalation (CVE-2021-21389)

A privilege escalation vulnerability exists in WordPress BuddyPress Plugin. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...

9CVSS5.5AI score0.13882EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2021/08/02 12:0 a.m.•6 views

VoIPmonitor Remote Code Execution (CVE-2021-30461)

A remote code execution vulnerability exists in VoIPmonitor. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.5AI score0.36632EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2021/08/02 12:0 a.m.•10 views

Rocket.Chat NoSQL injection (CVE-2021-22911)

A NoSQL injection vulnerability exists in Rocket.Chat. Successful exploitation of this vulnerability could allow attackers to inject commands and execute arbitrary code on the affected system...

7.5CVSS7AI score0.95242EPSS
Exploits16
Check Point Advisories
Check Point Advisories
•added 2021/08/02 12:0 a.m.•3 views

NETGEAR Command Injection (CVE-2021-33514)

A command injection vulnerability exists in NETGEAR routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS7.7AI score0.08798EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2021/07/28 12:0 a.m.•6 views

Belkin Linksys Denial Of Service (CVE-2020-35716)

A denial-of-service vulnerability exists in Belkin Linksys. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

7.8CVSS4.6AI score0.0394EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/07/27 12:0 a.m.•19 views

Microsoft Active Directory Certificate Services NTLM Relay (CVE-2021-36942; CVE-2022-26925)

An NTLM relay vulnerability exists in Microsoft Active Directory Certificate Services. A remote attack can coerce Windows hosts to authenticate to other machines via the MS-EFSRPC protocol and obtain its NTLM credential. Successful exploitation could lead to complete takeover of the target domain...

5CVSS4.1AI score0.66023EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2021/07/27 12:0 a.m.•1 views

Open LiteSpeed Web Server Command Injection

A command injection vulnerability exists in Open LiteSpeed Web Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

5.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/07/27 12:0 a.m.•0 views

Nagios XI Remote Code Execution

A remote code execution vulnerability exists in Nagios XI Remote. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/07/26 12:0 a.m.•2 views

Google Chrome Heap Corruption (CVE-2021-21166)

A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS4.2AI score0.26525EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/07/26 12:0 a.m.•5 views

Apple WebKit Use After Free (CVE-2021-1879)

A use after free vulnerability exists in Apple WebKit. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

4.3CVSS5AI score0.07082EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/07/26 12:0 a.m.•7 views

Microsoft Internet Explorer Out-of-Bounds Write (CVE-2021-33742)

An out-of-bounds write vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could lead to arbitrary code execution in the context of the affected application...

6.8CVSS3.5AI score0.59139EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/07/26 12:0 a.m.•5 views

Google Chrome Heap Corruption (CVE-2021-30551)

A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS4.2AI score0.64701EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/07/26 12:0 a.m.•6 views

CRMEB Arbitrary File Upload (CVE-2020-21787)

An arbitrary file upload vulnerability exists in CRMEB. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.2AI score0.01846EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/07/26 12:0 a.m.•12 views

Moodle Command Injection (CVE-2021-21809)

A command injection vulnerability exists in Moodle. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS5.9AI score0.24173EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2021/07/21 12:0 a.m.•8 views

ManageEngine ServiceDesk Plus Command Injection (CVE-2021-20081)

A command injection vulnerability exists in ManageEngine ServiceDesk Plus. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS6.3AI score0.5242EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/07/20 12:0 a.m.•13 views

FiberHome Routers Command Injection (CVE-2021-42912)

A command injection vulnerability exists in FiberHome routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS7.8AI score0.13805EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/07/19 12:0 a.m.•6 views

Insteon HD IP Camera Remote Code Execution (CVE-2018-11560; CVE-2018-12640)

A remote code execution vulnerability exists in Insteon HD IP Camera. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS4.8AI score0.01633EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2021/07/15 12:0 a.m.•11 views

Cisco Adaptive Security Appliance Cross Site Scripting (CVE-2020-3580)

A cross site scripting vulnerability exists in Cisco Adaptive Security Appliance. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

2.6CVSS5.5AI score0.85439EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2021/07/15 12:0 a.m.•13 views

ForgeRock OpenAM Remote Code Execution (CVE-2021-35464)

A remote code execution vulnerability exists in ForgeRock OpenAM. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.5AI score0.99999EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2021/07/14 12:0 a.m.•15 views

Microsoft Exchange Server Remote Code Execution (CVE-2021-34473; CVE-2021-34523)

A remote code execution vulnerability exists in Microsoft Exchange. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.8AI score0.99999EPSS
Exploits17
Total number of security vulnerabilities13538