Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2021/07/14 12:0 a.m.•4 views

Microsoft Scripting Engine Memory Corruption (CVE-2021-34448)

A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5AI score0.3067EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/07/13 12:0 a.m.•5 views

Microsoft Windows Kernel Elevation of Privilege (CVE-2021-33771)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS5.8AI score0.06204EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/07/13 12:0 a.m.•3 views

Microsoft Win32k Elevation of Privilege (CVE-2021-34449)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

4.6CVSS8.2AI score0.02179EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/07/13 12:0 a.m.•2 views

Adobe Acrobat and Reader Use After Free (APSB21-51: CVE-2021-28635)

A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5.6AI score0.51184EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/07/13 12:0 a.m.•4 views

Microsoft Windows Kernel Elevation of Privilege (CVE-2021-31979)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS5.8AI score0.02612EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/07/13 12:0 a.m.•4 views

Adobe Acrobat and Reader Use After Free (APSB21-51: CVE-2021-28640)

A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6CVSS5.6AI score0.52299EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/07/13 12:0 a.m.•5 views

Microsoft SharePoint Server Remote Code Execution (CVE-2021-34467)

A remote code execution vulnerability exists in Microsoft SharePoint. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS8.6AI score0.05383EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/07/11 12:0 a.m.•2 views

Thecus NAS Server Control Panel Command Injection

A command injection vulnerability exists in Thecus NAS Server Control Panel. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

6.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/07/11 12:0 a.m.•0 views

Netgear WNAP320 Command Injection

A command injection vulnerability exists in Netgear WNAP320. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

5.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/07/08 12:0 a.m.•18 views

Windows Print Spooler Remote Code Execution (CVE-2021-34527)

A remote code execution vulnerability exists in the Windows Print Spooler service. A remote, authenticated attacker can exploit this issue by sending a specially crafted packet to the target server. Successful exploitation could result in execution of arbitrary code on the affected system. AKA...

9CVSS5.3AI score0.99759EPSS
Exploits41
Check Point Advisories
Check Point Advisories
•added 2021/07/06 12:0 a.m.•9 views

TP-Link TL-WR841N Command Injection (CVE-2020-35576)

A command injection vulnerability exists in TP-Link TL-WR841N. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS5.6AI score0.42285EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/06/30 12:0 a.m.•0 views

PhpFileManager Local File Inclusion

A vulnerability exists in phpFileManager. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

4.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/30 12:0 a.m.•2 views

VBulletin widget_tabbedContainer_tab_panel Remote Code Execution

A remote code execution vulnerability exists in vBulletin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/30 12:0 a.m.•7 views

ArticleCMS Arbitrary File Upload (CVE-2020-20092; CVE-2020-28063)

An arbitrary file upload vulnerability exists in ArticleCMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.2AI score0.01292EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2021/06/30 12:0 a.m.•0 views

Pisay Online E Learning System Remote Code Execution

A remote code execution vulnerability exists in Pisay. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/30 12:0 a.m.•3 views

SQL Injection Scanning Attempt Over HTTP (CVE-2021-24321)

SQL Injection Scanning Attempt Over HTTP...

7.5CVSS0.6AI score0.66576EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2021/06/30 12:0 a.m.•0 views

UserSpice Username Enumeration

A vulnerability exists in userSpice. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

5.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/30 12:0 a.m.•0 views

Telesquare LTE Router Denial Of Service

A denial-of-service vulnerability exists in Telesquare. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

5.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/30 12:0 a.m.•4 views

Fangfa Content Management System SQL Injection (CVE-2020-35441)

An SQL injection vulnerability exists in Fangfa Content Management System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.6AI score0.01133EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/06/30 12:0 a.m.•4 views

Jenkins Claim Plugin Cross-Site Scripting (CVE-2021-21619)

A stored cross-site scripting vulnerability exists in Jenkins Claim plugin. This vulnerability is due to insufficient validation of the displayName shown in claims...

3.5CVSS5.4AI score0.0939EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/30 12:0 a.m.•11 views

Laravel Framework Remote Code Execution (CVE-2018-15133)

A command injection vulnerability exists in Laravel Framework. This is due to insufficient handling of X-XSRF-TOKEN header in phpgcc library. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS4.7AI score0.76814EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2021/06/30 12:0 a.m.•4 views

Nagios XI Manage.php Directory Traversal (CVE-2021-3277)

A directory traversal vulnerability exists in Nagios XI. The vulnerability is due to insufficient validation of the request parameters in manage.php of the Custom-includes module...

6.5CVSS3.7AI score0.54579EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/24 12:0 a.m.•0 views

Hospital Management System Authentication Bypass

An authentication bypass vulnerability exists in Hospital Management System. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...

5.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/24 12:0 a.m.•0 views

DALIM SOFTWARE Es User Enumeration

A vulnerability exists in DALIM SOFTWARE. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

5.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/24 12:0 a.m.•4 views

Thecus N4800Eco NAS Server Command Injection

A vulnerability exists in Thecus. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

5.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/24 12:0 a.m.•2 views

Restaurant Management System Remote Code Execution

A remote code execution vulnerability exists in Restaurant Management System. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/24 12:0 a.m.•3 views

ClipBucket Remote Code Execution

A remote code execution vulnerability exists in ClipBucket. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/24 12:0 a.m.•4 views

PHP Webshell Upload Over HTTP

An attacker might upload a webshell backdoor to a PHP server. A successful exploitation might allow the attacker to run arbitrary code, or use the server as a bot for further attacks...

1.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/24 12:0 a.m.•5 views

Grav CMS Command Injection (CVE-2021-29440)

A command injection vulnerability exists in Grav CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

6.5CVSS5.5AI score0.30623EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2021/06/24 12:0 a.m.•2 views

Open Web Analytics SQL Injection (CVE-2014-1206)

An SQL Injection vulnerability exists in Open Web Analytics. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.3AI score0.02495EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2021/06/20 12:0 a.m.•11 views

CentOS Web Panel SQL Injection (CVE-2021-31316; CVE-2021-31324)

An SQL injection vulnerability exists in CentOS Web Panel. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

10CVSS5.3AI score0.34062EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2021/06/20 12:0 a.m.•4 views

Netgear ProSAFE Network Management System Arbitrary File Upload (CVE-2021-27274)

An unrestricted file upload vulnerability exists in Netgear ProSAFE NMS300. The vulnerability is due to improper validation of the uploaded file in the MFileUploadController class...

10CVSS2.1AI score0.08167EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/20 12:0 a.m.•6 views

Cisco HyperFlex HX Directory Traversal (CVE-2021-1499)

A directory traversal vulnerability exists in Cisco Hyperflex. The vulnerability is due to improper input sanitization...

5CVSS2.3AI score0.80426EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2021/06/20 12:0 a.m.•9 views

Cisco HyperFlex HX Command Injection (CVE-2021-1498; CVE-2021-1497)

A remote command execution vulnerability exists in Cisco Hyperflex. The vulnerability is due to improper input sanitization...

10CVSS2.5AI score0.99999EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2021/06/20 12:0 a.m.•5 views

Apache OFBiz Insecure Deserialization (CVE-2021-29200)

An insecure deserialization vulnerability exists in Apache OFBiz. This vulnerability is due to Java serialization issues when processing requests. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted request...

7.5CVSS3.9AI score0.5537EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/20 12:0 a.m.•3 views

Unauthorized SQL Commands Over HTTP (CVE-2020-15153; CVE-2020-35545)

Unauthorized SQL Commands Over HTTP...

7.5CVSS0.3AI score0.03803EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2021/06/16 12:0 a.m.•6 views

Apache Airflow Command Injection (CVE-2020-11978; CVE-2020-13927)

A command injection vulnerability exists in Apache Airflow. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.4AI score0.997EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2021/06/16 12:0 a.m.•3 views

Nagios Fusion Remote Code Execution (CVE-2020-28905)

A remote code execution vulnerability exists in Nagios Fusion. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS9.5AI score0.26206EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/06/13 12:0 a.m.•6 views

ManageEngine ADSelfService Plus Command Injection (CVE-2021-33256)

A command injection vulnerability exists in ManageEngine ADSelfService Plus. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9.3CVSS6.2AI score0.79003EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/06/13 12:0 a.m.•5 views

Apple macOS Privilege Escalation (CVE-2021-30713)

A privilege escalation vulnerability exists in MacOS. Successful exploitation of this vulnerability could allow a remote attacker to bypass Privacy preferences and run arbitrary code with elevated privileges...

4.6CVSS4.6AI score0.0658EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/13 12:0 a.m.•4 views

HongCMS Directory Traversal (CVE-2020-18178)

A directory traversal vulnerability exists in HongCMS. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...

7.5CVSS4.6AI score0.01745EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/06/09 12:0 a.m.•5 views

Microsoft Scripting Engine Memory Corruption (CVE-2021-31959)

A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS8.4AI score0.0923EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/09 12:0 a.m.•5 views

TP-Link WR2041 Buffer Overflow (CVE-2021-26827)

A buffer overflow vulnerability exists in TP-Link WR2041. Successful exploitation of this vulnerability could allow a remote attacker to cause an application crash...

7.8CVSS4.2AI score0.01703EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2021/06/09 12:0 a.m.•5 views

Codiad Web IDE Command Injection (CVE-2019-19208)

A command injection vulnerability exists in Codiad Web IDE. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS6.5AI score0.19241EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2021/06/09 12:0 a.m.•6 views

Microsoft DWM Core Library Elevation of Privilege (CVE-2021-33739)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

4.6CVSS8.2AI score0.06555EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2021/06/08 12:0 a.m.•4 views

Microsoft Windows Kernel-Mode Driver Elevation of Privilege (CVE-2021-31952)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS8.7AI score0.00812EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/08 12:0 a.m.•5 views

Microsoft Windows dssenh.dll Elevation of Privilege (CVE-2021-31201)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

4.6CVSS5.8AI score0.02617EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/08 12:0 a.m.•5 views

Microsoft Windows rsaenh.dll Elevation of Privilege (CVE-2021-31199)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

4.6CVSS5.8AI score0.02954EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2021/06/08 12:0 a.m.•8 views

Microsoft Windows NTFS Elevation of Privilege (CVE-2021-31956)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5.8AI score0.20268EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2021/06/08 12:0 a.m.•17 views

VMware vCenter Server Remote Code Execution (CVE-2021-21985)

A remote code execution vulnerability exists in VMware vCenter Server. Successful exploitation of this vulnerability would allow remote attackers to execute arbitrary code on the affected system...

10CVSS7.9AI score0.99999EPSS
Exploits13
Total number of security vulnerabilities13538