
13538 matches found

Check Point Advisories
•added 2021/06/08 12:0 a.m.•5 views

Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2021-31954)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.2, AI score 8.7, EPSS 0.01065
Exploits: 0

•added 2021/06/08 12:0 a.m.•4 views

Microsoft Windows Kernel Information Disclosure (CVE-2021-31955)

An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

CVSS 2.1, AI score 1.5, EPSS 0.80263
Exploits: 2

•added 2021/06/08 12:0 a.m.•3 views

Adobe Acrobat Reader DC Path Join Out of Bounds Read (APSB21-37: CVE-2021-28554)

An out of bounds read vulnerability has been reported in Adobe Acrobat Reader DC. The vulnerability is due to improper handling of relative paths in calls to the app.openDoc JavaScript function...

CVSS 6.8, AI score 0.6, EPSS 0.46031
Exploits: 0

•added 2021/06/01 12:0 a.m.•25 views

WordPress Core External Entity Injection (CVE-2021-29447)

An XXE vulnerability exists in WordPress Core. The vulnerability is due to insufficient validation of XML data when parsing RIFF WAV file metadata...

CVSS 4, AI score 4.8, EPSS 0.85719
Exploits: 20

•added 2021/06/01 12:0 a.m.•5 views

WordPress Stop Spammers Plugin Cross Site Scripting (CVE-2021-24245)

A cross site scripting vulnerability exists in WordPress Stop Spammers plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

CVSS 4.3, AI score 4.8, EPSS 0.05721
Exploits: 5

•added 2021/06/01 12:0 a.m.•3 views

Apache Tapestry Information Disclosure (CVE-2021-30638)

An information disclosure vulnerability exists in Apache Tapestry. A URL manipulation via smuggled backslashes allows Java webapp files inside WEB-INF to be listed and downloaded...

CVSS 5, AI score 2.3, EPSS 0.06559
Exploits: 0

•added 2021/06/01 12:0 a.m.•3 views

IPFire Remote Code Execution (CVE-2021-33393)

A remote code execution vulnerability exists in IPFire. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 9, AI score 5.4, EPSS 0.58725
Exploits: 6

•added 2021/05/31 12:0 a.m.•4 views

HPE Edgeline Infrastructure Manager Authentication Bypass (CVE-2021-29203)

An authentication bypass vulnerability exists in HPE Edgeline Infrastructure Manager. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...

CVSS 10, AI score 4.1, EPSS 0.68293
Exploits: 1

•added 2021/05/31 12:0 a.m.•3 views

Jenkins Credentials Plugin Cross-Site Scripting (CVE-2021-21648)

A reflected cross-site scripting vulnerability exists in Jenkins Credentials Plugin. This vulnerability is due to insufficient validation of user-controlled information on the upload certificate view provided by Credentials plugin...

CVSS 4.3, AI score 2, EPSS 0.11308
Exploits: 0

•added 2021/05/31 12:0 a.m.•3 views

Google Chrome Buffer Overflow (CVE-2021-21153)

A buffer overflow vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

CVSS 6.8, AI score 5.3, EPSS 0.01273
Exploits: 1

•added 2021/05/30 12:0 a.m.•4 views

Xymon xymond Remote Code Execution (CVE-2016-2056)

A remote code execution vulnerability exists in Xymon xymond. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 6.5, AI score 5.8, EPSS 0.54507
Exploits: 5

•added 2021/05/30 12:0 a.m.•45 views

Microsoft Windows Server Remote Code Execution (CVE-2009-3103)

Microsoft Server Message Block SMB Protocol is a Microsoft network file sharing protocol used in Microsoft Windows. A vulnerability exists in Microsoft Server Message Block SMB Protocol that could allow remote attackers to execute arbitrary code on the vulnerable system due to memory corruption...

CVSS 10, AI score 9.3, EPSS 0.90121
Exploits: 20

•added 2021/05/27 12:0 a.m.•1 views

Drupal Core Hex Rendering Remote Code Execution

A code execution vulnerability exists in Drupal Core. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score 5
Exploits: 0

•added 2021/05/27 12:0 a.m.•6 views

Hongdian H8922 Command Injection (CVE-2021-28151; CVE-2021-28149)

A command injection vulnerability exists in Hongdian H8922. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 9, AI score 5.4, EPSS 0.27912
Exploits: 2

•added 2021/05/27 12:0 a.m.•10 views

Subrion CMS Remote Code Execution (CVE-2018-19422)

A remote code execution vulnerability exists in Subrion CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 6.5, AI score 5.5, EPSS 0.64261
Exploits: 10

•added 2021/05/23 12:0 a.m.•4 views

Cacti SQL Injection (CVE-2020-14295)

An SQL injection vulnerability exists in Cacti. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary code on the affected system...

CVSS 6.5, AI score 5.1, EPSS 0.8633
Exploits: 9

•added 2021/05/23 12:0 a.m.•3 views

Aruba Networks ClearPass Policy Manager Remote Code Execution (CVE-2020-7115)

A remote code execution vulnerability exists in Aruba Networks ClearPass Policy Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 10, AI score 5.3, EPSS 0.64596
Exploits: 8

•added 2021/05/18 12:0 a.m.•7 views

Netgate pfSense Cross-Site Scripting (CVE-2021-27933)

A stored cross-site scripting vulnerability exists in Netgate pfSense. The vulnerability is due to improper validation of the descr parameter in the serviceswoledit.php...

CVSS 4.3, AI score 1.5, EPSS 0.26611
Exploits: 1

•added 2021/05/18 12:0 a.m.•3 views

Ambarella Oryx RTSP Server Buffer Overflow (CVE-2020-24918)

A buffer overflow vulnerability exists in Ambarella Oryx RTSP Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

CVSS 10, AI score 5.6, EPSS 0.04358
Exploits: 1

•added 2021/05/18 12:0 a.m.•4 views

Projectworlds Online Book Store SQL Injection (CVE-2020-19114)

An SQL injection vulnerability exists in Projectworlds Online Book Store. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS 7.5, AI score 4.8, EPSS 0.01944
Exploits: 1

•added 2021/05/18 12:0 a.m.•5 views

Jenkins Artifact Repository Parameter Plugin Cross-Site Scripting (CVE-2021-21622)

A stored cross-site scripting vulnerability exists in Jenkins Artifact Repository Parameter plugin. This vulnerability is due to insufficient validation of the name and description parameters in the ArtifactRepoParamDefinition class...

CVSS 3.5, AI score 5.4, EPSS 0.09387
Exploits: 0

•added 2021/05/18 12:0 a.m.•2 views

Oracle E-Business Suite iStore Information Disclosure (CVE-2021-2182)

An information disclosure vulnerability exists in the iStore component in Oracle E-Business Suite. The vulnerability is due to the use of untrusted user input from requests when constructing HTML output in the JSP that handles updating of user personal information...

CVSS 5.8, AI score 7.8, EPSS 0.00933
Exploits: 0

•added 2021/05/18 12:0 a.m.•11 views

Tenda Routers Buffer Overflow (CVE-2021-31755; CVE-2021-31756; CVE-2021-31757; CVE-2021-31758)

A buffer overflow vulnerability exists in Tenda routers. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...

CVSS 10, AI score 7.2, EPSS 0.85849
Exploits: 4

•added 2021/05/12 12:0 a.m.•14 views

China Mobile An Lianbao WF-1 Router Command Injection (CVE-2021-30231; CVE-2021-30228; CVE-2021-30230; CVE-2021-30232; CVE-2021-30233; CVE-2021-30234)

A command injection vulnerability exists in China Mobile An Lianbao WF-1 router. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 7.5, AI score 6.8, EPSS 0.0327
Exploits: 6

•added 2021/05/12 12:0 a.m.•17 views

Microsoft HTTP Protocol Stack Remote Code Execution (CVE-2021-31166)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.5, AI score 3.9, EPSS 0.99647
Exploits: 24

•added 2021/05/12 12:0 a.m.•5 views

Apache OFBiz Insecure Deserialization (CVE-2021-26295)

An insecure deserialization vulnerability exists in Apache OFBiz. This vulnerability is due to Java serialization issues when processing requests. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted request...

CVSS 7.5, AI score 3.9, EPSS 0.97969
Exploits: 9

•added 2021/05/12 12:0 a.m.•3 views

Nagios XI Remote Code Execution (CVE-2019-15949)

A remote code execution vulnerability exists in Nagios XI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 9, AI score 5.7, EPSS 0.77741
Exploits: 13

•added 2021/05/11 12:0 a.m.•1 views

Adobe Acrobat and Reader Use After Free (APSB21-29: CVE-2021-28550)

A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 6.8, AI score 5.6, EPSS 0.52005
Exploits: 0

•added 2021/05/11 12:0 a.m.•3 views

Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2021-26419)

A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.6, AI score 4.9, EPSS 0.22595
Exploits: 3

•added 2021/05/11 12:0 a.m.•3 views

Microsoft Windows Graphics Component Elevation of Privilege (CVE-2021-31170)

An elevation of privilege vulnerability exists in Microsoft Graphics Component. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 4.6, AI score 7.5, EPSS 0.0101
Exploits: 0

•added 2021/05/11 12:0 a.m.•5 views

Microsoft Windows Graphics Component Elevation of Privilege (CVE-2021-31188)

An elevation of privilege vulnerability exists in Microsoft Graphics Component. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 2.1, AI score 7.9, EPSS 0.01368
Exploits: 0

•added 2021/05/11 12:0 a.m.•32 views

Microsoft SharePoint Remote Code Execution (CVE-2021-31181)

A remote code execution vulnerability exists in Microsoft SharePoint. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 6.5, AI score 5.7, EPSS 0.30045
Exploits: 5

•added 2021/05/11 12:0 a.m.•2 views

Adobe Acrobat and Reader Heap-based Buffer Overflow (APSB21-29: CVE-2021-28560)

A buffer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

CVSS 6.8, AI score 5.6, EPSS 0.66918
Exploits: 0

•added 2021/05/10 12:0 a.m.•4 views

Google Chrome Remote Code Execution (CVE-2021-21220)

A remote code execution vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 6.8, AI score 5.7, EPSS 0.70435
Exploits: 6

•added 2021/05/10 12:0 a.m.•9 views

Vtiger SQL Injection (CVE-2020-22807)

An SQL injection vulnerability exists in Vtiger. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS 7.5, AI score 5.4, EPSS 0.0128
Exploits: 1

•added 2021/05/10 12:0 a.m.•5 views

Microsoft Exchange Server Remote Code Execution (CVE-2021-28482)

A remote code execution vulnerability exists in Microsoft Exchange Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 9, AI score 9.3, EPSS 0.83337
Exploits: 4

•added 2021/05/10 12:0 a.m.•4 views

Beckhoff IPC Diagnostics Denial Of Service (CVE-2015-4051)

A denial-of-service vulnerability exists in Beckhoff IPC Diagnostics. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

CVSS 9, AI score 4.5, EPSS 0.05734
Exploits: 6

•added 2021/05/05 12:0 a.m.•9 views

Apache Solr Server-Side Request Forgery (CVE-2021-27905)

A server-side request forgery vulnerability exists in Apache Solr. The vulnerability is due to a lack of validation on the subdomain parameter in HTTP requests. Successful exploitation of this vulnerability could allow an unauthenticated attacker to make a request to any internal and external serv...

CVSS 7.5, AI score 1.3, EPSS 0.93053
Exploits: 5

•added 2021/05/05 12:0 a.m.•3 views

TikiWiki Project SQL Injection (CVE-2004-1925)

An SQL injection vulnerability exists in TikiWiki Project. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...

CVSS 7.5, AI score 3.3, EPSS 0.01212
Exploits: 3

•added 2021/05/02 12:0 a.m.•8 views

WordPress Hotel Booking Plugin Remote Code Execution (CVE-2020-29047)

A remote code execution vulnerability exists in WordPress Hotel Booking Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.5, AI score 4.8, EPSS 0.14269
Exploits: 2

•added 2021/05/02 12:0 a.m.•2 views

WordPress Food And Drink Menu Plugin Remote Code Execution (CVE-2020-29045)

A remote code execution vulnerability exists in WordPress Food And Drink Menu Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.5, AI score 5, EPSS 0.30798
Exploits: 1

•added 2021/05/02 12:0 a.m.•0 views

Fake Software Update Webpage

A misleading web page, disguised as an update message, is used to trick a user into installing malware, leading to loss of data, or allowing the attacker to run arbitrary code on the infected machine...

AI score 3.2
Exploits: 0

•added 2021/05/02 12:0 a.m.•0 views

WordPress WPGraphQL Plugin Denial of Service

A denial of service vulnerability exists in WordPress WPGraphQL Plugin. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

AI score 4.5
Exploits: 0

•added 2021/05/02 12:0 a.m.•2 views

ImageMagick Command Injection (CVE-2020-29599)

A command injection vulnerability exists in ImageMagick. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 6.8, AI score 5.9, EPSS 0.0703
Exploits: 1

•added 2021/05/02 12:0 a.m.•5 views

Tenda G0 Routers Command Injection (CVE-2021-27691)

A command injection vulnerability exists in Tenda G0 Routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 10, AI score 7.8, EPSS 0.25183
Exploits: 0

•added 2021/04/29 12:0 a.m.•6 views

Microsoft Windows GDI Information Disclosure (CVE-2019-1009)

An information disclosure vulnerability exists in Microsoft Windows 7. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

CVSS 4.3, AI score 1.9, EPSS 0.48488
Exploits: 0

•added 2021/04/29 12:0 a.m.•6 views

D-Link DIR-878 Command Injection (CVE-2019-8315)

A command injection vulnerability exists in D-Link DIR-878 devices. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 9, AI score 6.2, EPSS 0.06408
Exploits: 1

•added 2021/04/29 12:0 a.m.•1 views

Visual Studio Code Python Extension Remote Code Execution

A remote code execution vulnerability exists in Visual. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score 6
Exploits: 0

•added 2021/04/29 12:0 a.m.•4 views

Apple Safari Type Confusion (CVE-2019-6215)

A type confusion vulnerability exists in Apple Safari. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 6.8, AI score 5.3, EPSS 0.09755
Exploits: 3

•added 2021/04/28 12:0 a.m.•3 views

Online Reviewer System SQL Injection (CVE-2021-27130)

An SQL injection vulnerability exists in Online Reviewer System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS 7.5, AI score 5.8, EPSS 0.02231
Exploits: 1

Total number of security vulnerabilities: 13538