
13538 matches found

Check Point Advisories
•added 2021/04/28 12:0 a.m.•0 views

Microsoft Windows Contact Files Script Injection

A script injection vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary script via contact files into the affected system...

AI score 5.4
Exploits: 0
Check Point Advisories
•added 2021/04/28 12:0 a.m.•11 views

Qcubed Remote Code Execution (CVE-2020-24914)

A remote code execution vulnerability exists in Qcubed. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.5 • AI score 5.3 • EPSS 0.05554
Exploits: 3
Check Point Advisories
•added 2021/04/28 12:0 a.m.•9 views

Apache OFBiz Insecure Deserialization (CVE-2021-26295)

An insecure deserialization vulnerability exists in Apache OFBiz. This vulnerability is due to Java serialization issues when processing requests. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted request...

CVSS 7.5 • AI score 3.9 • EPSS 0.97969
Exploits: 9
Check Point Advisories
•added 2021/04/27 12:0 a.m.•4 views

Nagios Network Analyzer Cross-Site Scripting (CVE-2021-28924)

A cross-site scripting vulnerability exists in Nagios Network Analyzer. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

CVSS 4.3 • AI score 4.7 • EPSS 0.09246
Exploits: 1
Check Point Advisories
•added 2021/04/27 12:0 a.m.•2 views

Apple Darwin Streaming Server Remote Code Execution (CVE-2003-0050)

A remote code execution vulnerability exists in Apple Darwin Streaming Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.5 • AI score 7.6 • EPSS 0.68858
Exploits: 3
Check Point Advisories
•added 2021/04/27 12:0 a.m.•0 views

HARDPULSE Backdoor Suspicious Traffic

HARDPULSE Backdoor Trojan is a malicious application that allows remote attackers to gain access to an affected system...

AI score 5.4
Exploits: 0
Check Point Advisories
•added 2021/04/27 12:0 a.m.•4 views

XStream Library Arbitrary File Deletion (CVE-2020-26259)

An arbitrary file deletion vulnerability exists in the XStream library. The vulnerability is due to improper validation of user input during unmarshalling of XML and JSON data...

CVSS 6.4 • AI score 4.2 • EPSS 0.82806
Exploits: 5
Check Point Advisories
•added 2021/04/27 12:0 a.m.•7 views

Zeroshell type Parameter Command Execution (CVE-2009-0545)

ZeroShell is a small Linux distribution for servers and embedded devices. A vulnerability exists in Zeroshell that could be exploited by remote attackers to compromise a vulnerable system. The vulnerability is due to an input validation error in the "cgi-bin/kerbynet" script that does not validat...

CVSS 10 • AI score 5.1 • EPSS 0.90732
Exploits: 2
Check Point Advisories
•added 2021/04/25 12:0 a.m.•3 views

OpenClinic GA SQL Injection (CVE-2020-27241)

An SQL injection vulnerability exists in OpenClinic GA. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS 7.5 • AI score 5.4 • EPSS 0.00866
Exploits: 1
Check Point Advisories
•added 2021/04/25 12:0 a.m.•6 views

WordPress Super Cache Plugin Remote Code Execution (CVE-2021-24209)

A remote code execution vulnerability exists in WordPress Super Cache Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 9 • AI score 5.1 • EPSS 0.23844
Exploits: 3
Check Point Advisories
•added 2021/04/25 12:0 a.m.•4 views

OpenClinic GA SQL Injection (CVE-2020-27233; CVE-2020-27234; CVE-2020-27235; CVE-2020-27236; CVE-2020-27237; CVE-2020-27238; CVE-2020-27239; CVE-2020-27240)

An SQL injection vulnerability exists in OpenClinic GA. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS 7.5 • AI score 5.4 • EPSS 0.00876
Exploits: 8
Check Point Advisories
•added 2021/04/25 12:0 a.m.•4 views

LightCMS Remote Code Execution (CVE-2021-27112)

A remote code execution vulnerability exists in LightCMS. Successful exploitation of this vulnerability could allow remote attackers to execute arbitrary code on the affected system...

CVSS 7.5 • AI score 7.2 • EPSS 0.02423
Exploits: 1
Check Point Advisories
•added 2021/04/25 12:0 a.m.•4 views

SaltStack Salt Method Directory Traversal (CVE-2021-25282)

A directory traversal vulnerability exists in the WheelClient for Salt API, a component of SaltStack Salt. The vulnerability is due to improper validation of user-supplied input in the pillarroots.write method...

CVSS 6.4 • AI score 3.7 • EPSS 0.92312
Exploits: 5
Check Point Advisories
•added 2021/04/21 12:0 a.m.•4 views

Nagios Network Analyzer SQL Injection (CVE-2021-28925)

An SQL injection vulnerability exists in Nagios Network Analyzer. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS 7.5 • AI score 5.2 • EPSS 0.04217
Exploits: 1
Check Point Advisories
•added 2021/04/21 12:0 a.m.•12 views

GoAhead Web Server Authentication Bypass (CVE-2020-15688)

An authentication bypass vulnerability exists in GoAhead Web Server. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...

CVSS 6.8 • AI score 6.6 • EPSS 0.04039
Exploits: 5
Check Point Advisories
•added 2021/04/21 12:0 a.m.•5 views

Apple Safari WebKit Memory Corruption (CVE-2016-4657)

A memory corruption vulnerability exists in the WebKit component of Apple Safari. The vulnerability is due to improper handling of objects in memory. A remote attacker could exploit this vulnerability by enticing a victim to browse to a maliciously crafted web page...

CVSS 6.8 • AI score 2.9 • EPSS 0.66788
Exploits: 9
Check Point Advisories
•added 2021/04/21 12:0 a.m.•6 views

Twsz Wifi Repeater BE126 Information Disclosure (CVE-2017-8770)

An information disclosure vulnerability exists in Twsz Wifi Repeater BE126. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

CVSS 7.8 • AI score 2.3 • EPSS 0.10292
Exploits: 3
Check Point Advisories
•added 2021/04/21 12:0 a.m.•1 views

PHP Proxy Arbitrary File Read (CVE-2018-19458)

An arbitrary file read vulnerability exists in PHP Proxy. Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to access and read arbitrary file...

CVSS 5 • AI score 3.8 • EPSS 0.32885
Exploits: 1
Check Point Advisories
•added 2021/04/21 12:0 a.m.•3 views

Google Chrome Heap Corruption (CVE-2020-16040)

A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 4.3 • AI score 4.2 • EPSS 0.99595
Exploits: 14
Check Point Advisories
•added 2021/04/21 12:0 a.m.•6 views

URL Directory Traversal Over HTTP Traffic (CVE-2021-21983)

URL Directory Traversal Over HTTP Traffic...

CVSS 8.5 • AI score 1 • EPSS 0.68557
Exploits: 9
Check Point Advisories
•added 2021/04/21 12:0 a.m.•6 views

Apple Quicktime Remote Code Execution (CVE-2015-3788)

A remote code execution vulnerability exists in Apple Quicktime. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 6.8 • AI score 9.4 • EPSS 0.0364
Exploits: 0
Check Point Advisories
•added 2021/04/21 12:0 a.m.•7 views

Ipswitch WhatsUp Gold SQL Injection (CVE-2015-8261)

An SQL injection vulnerability exists in Ipswitch WhatsUp Gold. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS 7.5 • AI score 4.7 • EPSS 0.0355
Exploits: 4
Check Point Advisories
•added 2021/04/18 12:0 a.m.•4 views

D-Link DIR-816 Command Injection (CVE-2021-26810)

A command injection vulnerability exists in D-Link DIR-816. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 10 • AI score 5.6 • EPSS 0.04905
Exploits: 1
Check Point Advisories
•added 2021/04/18 12:0 a.m.•6 views

Oria Gridx Remote Code Execution (CVE-2020-19625)

A remote code execution vulnerability exists in Oria Gridx. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.5 • AI score 6.6 • EPSS 0.13143
Exploits: 1
Check Point Advisories
•added 2021/04/18 12:0 a.m.•0 views

Ruby Server Side Template Injection

A remote attacker can inject malicious commands into a template engine. Successful exploitation could result in the execution of arbitrary code in the affected web server...

AI score 4.4
Exploits: 0
Check Point Advisories
•added 2021/04/18 12:0 a.m.•8 views

Course Registration Management System Cross Site Scripting (CVE-2021-29663)

A cross-site scripting vulnerability exists in Course Registration Management System. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

CVSS 3.5 • AI score 4.8 • EPSS 0.00806
Exploits: 1
Check Point Advisories
•added 2021/04/18 12:0 a.m.•5 views

Divante Vue Storefront Information Disclosure (CVE-2020-11883)

An information disclosure vulnerability exists in Divante Vue Storefront. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

CVSS 5 • AI score 2.5 • EPSS 0.1515
Exploits: 1
Check Point Advisories
•added 2021/04/18 12:0 a.m.•5 views

Online Ordering System SQL Injection (CVE-2021-28295)

An SQL injection vulnerability exists in Online Ordering System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS 5 • AI score 5.4 • EPSS 0.15904
Exploits: 1
Check Point Advisories
•added 2021/04/18 12:0 a.m.•17 views

UNION Query-based SQL Injection Over HTTP Traffic (CVE-2018-17254; CVE-2020-18144; CVE-2020-29283; CVE-2020-29287; CVE-2020-29288; CVE-2020-35430; CVE-2021-24285)

UNION Query-based SQL Injection Over HTTP Traffic...

CVSS 7.5 • AI score 0.8 • EPSS 0.82976
Exploits: 12
Check Point Advisories
•added 2021/04/18 12:0 a.m.•4 views

Webmin Command Injection (CVE-2019-12840)

A command injection vulnerability exists in Webmin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 9 • AI score 5.6 • EPSS 0.77813
Exploits: 9
Check Point Advisories
•added 2021/04/14 12:0 a.m.•0 views

Google Chrome Remote Code Execution

A remote code execution vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score 5.7
Exploits: 0
Check Point Advisories
•added 2021/04/13 12:0 a.m.•4 views

Microsoft Windows SMB Information Disclosure (CVE-2021-28324)

An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

CVSS 5 • AI score 1.8 • EPSS 0.06223
Exploits: 0
Check Point Advisories
•added 2021/04/13 12:0 a.m.•4 views

Microsoft Windows SMB Information Disclosure (CVE-2021-28325)

An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

CVSS 4 • AI score 6.5 • EPSS 0.61648
Exploits: 0
Check Point Advisories
•added 2021/04/13 12:0 a.m.•8 views

Microsoft Win32k Elevation of Privilege (CVE-2021-28310)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 4.6 • AI score 6 • EPSS 0.0833
Exploits: 0
Check Point Advisories
•added 2021/04/11 12:0 a.m.•2 views

Advantech iView Remote Code Execution (CVE-2021-22652)

A remote code execution vulnerability exists in Advantech iView. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.5 • AI score 5.9 • EPSS 0.36845
Exploits: 4
Check Point Advisories
•added 2021/04/11 12:0 a.m.•6 views

Invigo Automatic Device Management Command Injection (CVE-2020-10583)

A command injection vulnerability exists in Invigo Automatic Device Management. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 9 • AI score 6.8 • EPSS 0.02765
Exploits: 1
Check Point Advisories
•added 2021/04/11 12:0 a.m.•12 views

Zen Cart IT-Recht Kanzlei Plugin SQL Injection (CVE-2020-6577)

An SQL injection vulnerability exists in Zen Cart IT-Recht Kanzlei Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS 7.5 • AI score 10 • EPSS 0.01552
Exploits: 1
Check Point Advisories
•added 2021/04/11 12:0 a.m.•12 views

Invigo Automatic Device Management Remote Code Execution (CVE-2020-10580)

A remote code execution vulnerability exists in Invigo Automatic Device Management. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 6.5 • AI score 6.5 • EPSS 0.03913
Exploits: 1
Check Point Advisories
•added 2021/04/11 12:0 a.m.•3 views

XML External Entity Over HTTP Request (CVE-2021-26703)

XML External Entity Over HTTP Request...

CVSS 7.5 • AI score 0.4 • EPSS 0.04034
Exploits: 1
Check Point Advisories
•added 2021/04/05 12:0 a.m.•4 views

Gnu Mailman Command Injection (CVE-2020-12108)

A command injection vulnerability exists in Gnu Mailman. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 4.3 • AI score 5.7 • EPSS 0.02698
Exploits: 1
Check Point Advisories
•added 2021/04/05 12:0 a.m.•2 views

Tiny Tiny RSS Remote Code Execution (CVE-2020-25787)

A remote code execution vulnerability exists in Tiny Tiny RSS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 10 • AI score 7.7 • EPSS 0.18417
Exploits: 4
Check Point Advisories
•added 2021/04/05 12:0 a.m.•3 views

Pyres Termod4 Remote Code Execution (CVE-2020-23160)

A remote code execution vulnerability exists in Pyres Termod4. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 9 • AI score 5.4 • EPSS 0.06929
Exploits: 2
Check Point Advisories
•added 2021/04/05 12:0 a.m.•9 views

jQuery File Tree Directory Traversal (CVE-2017-1000170)

A directory traversal vulnerability exists in jQuery File Tree. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...

CVSS 5 • AI score 5.5 • EPSS 0.57608
Exploits: 7
Check Point Advisories
•added 2021/04/05 12:0 a.m.•6 views

Eclipse Jetty Denial Of Service (CVE-2020-27223)

A denial-of-service vulnerability exists in Eclipse Jetty. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

CVSS 4.3 • AI score 4.7 • EPSS 0.7795
Exploits: 0
Check Point Advisories
•added 2021/04/05 12:0 a.m.•4 views

Iteris Vantage Velocity Command Injection (CVE-2020-9020)

A command injection vulnerability exists in Iteris Vantage Velocity. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS 10 • AI score 6.1 • EPSS 0.02473
Exploits: 1
Check Point Advisories
•added 2021/04/05 12:0 a.m.•6 views

Micro Focus Operations Bridge Reporter Remote Code Execution (CVE-2021-22502)

A remote code execution vulnerability exists in Micro Focus Operations Bridge Reporter. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 10 • AI score 5.3 • EPSS 0.9674
Exploits: 4
Check Point Advisories
•added 2021/04/05 12:0 a.m.•9 views

Codiad Remote Code Execution (CVE-2018-14009; CVE-2017-11366; CVE-2017-15689)

A remote code execution vulnerability exists in Codiad. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 10 • AI score 6.4 • EPSS 0.38444
Exploits: 8
Check Point Advisories
•added 2021/04/05 12:0 a.m.•7 views

FortiLogger Arbitrary File Upload (CVE-2021-3378)

An arbitrary file upload vulnerability exists in FortiLogger. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS 7.5 • AI score 5 • EPSS 0.97512
Exploits: 8
Check Point Advisories
•added 2021/03/30 12:0 a.m.•6 views

Microsoft Outlook Security Feature Bypass (CVE-2017-0204)

A security feature bypass vulnerability exists in Microsoft Outlook. Successful exploitation of this vulnerability could allow remote attackers to bypass security tests and protocols on the affected system...

CVSS 4.3 • AI score 6.1 • EPSS 0.19011
Exploits: 0
Check Point Advisories
•added 2021/03/30 12:0 a.m.•4 views

Jenkins Remote API Information Disclosure (CVE-2017-1000395)

An information disclosure vulnerability exists in Jenkins Remote API. Successful exploitation of this vulnerability could allow a remote attacker to gain information about Jenkins user accounts...

CVSS 4 • AI score 2.8 • EPSS 0.01335
Exploits: 0

Total number of security vulnerabilities: 13538