Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2020/12/20 12:0 a.m.•15 views

Cisco Firepower Management Center Arbitrary File Read (CVE-2016-6435)

A vulnerability exists in Cisco Firepower Management Center. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

4CVSS5AI score0.36617EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2020/12/20 12:0 a.m.•5 views

Libbpg Project Out of Bounds Write (CVE-2016-8710)

A remote code execution vulnerability exists in Libbpg project Libbpg. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.9AI score0.03388EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2020/12/20 12:0 a.m.•11 views

Kaspersky Internet Security KLIF driver Denial of service (CVE-2016-4305)

A denial-of-service vulnerability exists in Kaspersky Internet Security. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

2.1CVSS6AI score0.0049EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2020/12/17 12:0 a.m.•5 views

Microsoft Windows Privilege Escalation (CVE-2016-0006)

A privilege escalation vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...

6.9CVSS5.3AI score0.04231EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2020/12/17 12:0 a.m.•4 views

Adobe Acrobat Data Exfiltration (CVE-2020-29075)

A data exfiltration vulnerability has been reported in Adobe Acrobat. The vulnerability is due to the existence of two JavaScript functions that perform DNS lookups without requiring any specific user action. A remote attacker can exploit this vulnerability by enticing a target user into opening ...

4.3CVSS2.4AI score0.07818EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/12/17 12:0 a.m.•9 views

HTTP Authenticated OS Command Injection (CVE-2020-17408; CVE-2020-24916; CVE-2020-25079; CVE-2020-3117; CVE-2020-7049)

A command injection vulnerability exists in web and application servers. Successful exploitation of this vulnerability could result in execution of arbitrary code on the target system...

10CVSS3.7AI score0.73962EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2020/12/17 12:0 a.m.•17 views

Web Servers SQL Injection Attempt (CVE-2020-10220; CVE-2020-15533; CVE-2020-23833; CVE-2020-23973; CVE-2020-23976; CVE-2020-23978; CVE-2020-23979)

An SQL Injection vulnerability exists in web servers due to lack of input validation. Successful exploitation of this vulnerability could result in damaging target systems...

7.5CVSS3.7AI score0.99683EPSS
Exploits19
Check Point Advisories
Check Point Advisories
•added 2020/12/16 12:0 a.m.•7 views

Zeroshell Remote Code Execution (CVE-2020-29390)

A remote code execution vulnerability exists in Zeroshell. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.4AI score0.36672EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/12/16 12:0 a.m.•29 views

Aerospike Community Remote Code Execution (CVE-2020-13151)

A remote code execution vulnerability exists in Aerospike Community. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.7AI score0.86749EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2020/12/16 12:0 a.m.•6 views

Microsoft Windows Information Disclosure (CVE-2016-0175)

An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

2.1CVSS4.7AI score0.03821EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/12/16 12:0 a.m.•14 views

Microsoft Windows WebDAV Client Privilege Escalation (CVE-2016-0051)

A privilege escalation vulnerability exists in Microsoft Windows WebDAV Client. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...

7.2CVSS5.1AI score0.23383EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2020/12/16 12:0 a.m.•3 views

Cisco Collaboration Server Cross-Site Scripting (CVE-2010-0641)

A cross site scripting vulnerability exists in Cisco Collaboration Server. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.3CVSS5.1AI score0.03237EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/12/15 12:0 a.m.•1 views

Sunburst Backdoor Suspicious Traffic

Sunburst Backdoor Trojan is a malicious application that allows remote attackers to gain access to an affected system...

5.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/12/14 12:0 a.m.•2 views

Pandora FMS Cross-Site Scripting (CVE-2020-11749)

A cross-site scripting vulnerability exists in Pandora FMS. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary commands on the affected system...

9.3CVSS4.6AI score0.16226EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2020/12/14 12:0 a.m.•6 views

SourceCodester Water Billing System SQL Injection (CVE-2020-28183)

An SQL injection vulnerability exists in SourceCodester Water Billing System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

10CVSS5.7AI score0.02525EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/12/10 12:0 a.m.•4 views

Zoho ManageEngine SDP Arbitrary File Upload (CVE-2019-8394)

An arbitrary file upload vulnerability exists in Zoho ManageEngine SDP. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

4CVSS4.8AI score0.64051EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2020/12/09 12:0 a.m.•0 views

Microsoft Teams Remote Code Execution

A remote code execution vulnerability exists in Microsoft Teams. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/12/08 12:0 a.m.•5 views

Microsoft Exchange Memory Corruption (CVE-2020-17144)

A memory corruption vulnerability exists in Microsoft Microsoft Exchange. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6CVSS8.4AI score0.36514EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2020/12/08 12:0 a.m.•6 views

Microsoft Windows SMB Remote Code Execution (CVE-2020-17096)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS9.3AI score0.18653EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/12/08 12:0 a.m.•2 views

Microsoft Dynamics 365 for Finance and Operations Remote Code Execution (CVE-2020-17158)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS8.8AI score0.02749EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/12/08 12:0 a.m.•2 views

Microsoft Windows SMB Server Information Disclosure (CVE-2020-17140)

An information disclosure vulnerability has been reported in the SMBv2 component of Microsoft Windows SMB server. The vulnerability is due to improper handling of SMB2SETINFO messages. A remote, authenticated attacker can exploit this vulnerability by sending crafted SMBv2 messages to the target...

4CVSS6AI score0.12161EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/12/08 12:0 a.m.•3 views

Microsoft Dynamics 365 Commerce Remote Code Execution (CVE-2020-17152)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS8.8AI score0.02749EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/12/08 12:0 a.m.•8 views

Microsoft SharePoint Remote Code Execution (CVE-2020-17121)

A remote code execution vulnerability exists in Microsoft SharePoint. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS9.3AI score0.03257EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/12/06 12:0 a.m.•4 views

Microsoft Windows Server Privilege Escalation (CVE-2016-0093)

A privilege escalation vulnerability exists in Microsoft Windows Server. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...

7.2CVSS7.7AI score0.03662EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/12/06 12:0 a.m.•3 views

Apple iOS Remote Code Execution (CVE-2019-8506)

A remote code execution vulnerability exists in Apple iOS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5.6AI score0.18172EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/12/06 12:0 a.m.•3 views

Apache Druid Information Disclosure (CVE-2020-1958)

An information disclosure vulnerability exists in Apache Druid. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

3.5CVSS2.9AI score0.04565EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/12/06 12:0 a.m.•5 views

Sonicwall Secure Remote Access Server Command Injection (CVE-2016-9684)

A command injection vulnerability exists in SonicWall Secure Remote Access server. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

10CVSS6.5AI score0.07064EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2020/12/06 12:0 a.m.•24 views

SonicWall Secure Remote Access Server Command Injection (CVE-2016-9682)

A command injection vulnerability exists in SonicWall Secure Remote Access server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS6AI score0.23296EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2020/12/06 12:0 a.m.•4 views

Microsoft Windows Uniscribe Memory Corruption (CVE-2010-2738)

A memory corruption vulnerability exists in Microsoft Windows. The vulnerability is due to improper input validation of a table in the TrueType font layout. Remote attacker could trigger this flaw by enticing a user to open a specially crafted TTF file. Successful exploitation could result in a...

9.3CVSS3.3AI score0.18537EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2020/12/06 12:0 a.m.•2 views

PHP-Fusion downloads.php Privilege Escalation (CVE-2020-24949)

A privilege escalation vulnerability exists in PHP-Fusion. The vulnerability is due to insufficient validation of HTTP request parameters in downloads.php...

9CVSS2.5AI score0.67289EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2020/12/06 12:0 a.m.•11 views

Microsoft Windows Server Privilege Escalation (CVE-2016-0099)

A privilege escalation vulnerability exists in Microsoft Windows Server. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...

7.2CVSS5.3AI score0.37164EPSS
Exploits14
Check Point Advisories
Check Point Advisories
•added 2020/12/06 12:0 a.m.•2 views

Git Information Disclosure (CVE-2020-5260)

An information disclosure vulnerability exists in Git. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

5CVSS2.5AI score0.10047EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2020/12/03 12:0 a.m.•7 views

Trend Micro InterScan Web Security Virtual Appliance Command Injection (CVE-2020-28580; CVE-2020-28581)

A command injection vulnerability exists in Trend Micro InterScan Web Security Virtual Appliance. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS7.3AI score0.44549EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2020/12/03 12:0 a.m.•5 views

Trend Micro InterScan Web Security Virtual Appliance Stack Overflow (CVE-2020-28578; CVE-2020-28579)

A stack overflow vulnerability exists in Trend Micro InterScan Web Security Virtual Appliance. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.5CVSS6.8AI score0.7227EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2020/12/02 12:0 a.m.•6 views

Microsoft Windows Server Privilege Escalation (CVE-2016-0095)

A privilege escalation vulnerability exists in Microsoft Windows Server. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...

7.2CVSS7.7AI score0.04404EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/12/02 12:0 a.m.•11 views

Microsoft Windows Server Privilege Escalation (CVE-2016-0007)

A privilege escalation vulnerability exists in Microsoft Windows Server. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...

6.9CVSS7.5AI score0.05446EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2020/12/02 12:0 a.m.•6 views

Microsoft Windows Server Information Disclosure (CVE-2016-3371)

An information disclosure vulnerability exists in Microsoft Windows Server. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

4.3CVSS5.4AI score0.4007EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2020/12/02 12:0 a.m.•10 views

Moxa AWK-3131A Cross-Site Scripting (CVE-2016-8719)

A cross-site scripting vulnerability exists in Moxa AWK-3131A. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.3CVSS5.1AI score0.00823EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2020/12/01 12:0 a.m.•0 views

WonderCMS Persistent Cross-Site Scripting

A cross-site scripting vulnerability exists in WonderCMS. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/12/01 12:0 a.m.•4 views

SourceCodester Online Library Management System Command Injection (CVE-2020-28130)

A command injection vulnerability exists in SourceCodester Online Library Management System. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS5.7AI score0.06263EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/12/01 12:0 a.m.•13 views

SourceCodester Online Clothing Store Command Injection (CVE-2020-28140)

A command injection vulnerability exists in SourceCodester Online Clothing Store. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.5AI score0.01841EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/12/01 12:0 a.m.•1 views

Gemtek WRTM-127ACN Command Injection (CVE-2020-24365)

A command injection vulnerability exists in Gemtek WRTM-127ACN. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS5.8AI score0.11414EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2020/11/29 12:0 a.m.•2 views

Nagios XI Command Injection (CVE-2020-5791)

A command injection vulnerability exists in Nagios XI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS5.7AI score0.78632EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2020/11/29 12:0 a.m.•8 views

Ruby On Rails Remote Code Execution (CVE-2020-8165)

A remote code execution vulnerability exists in Ruby On Rails. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.3AI score0.45732EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2020/11/29 12:0 a.m.•7 views

UCMS Project Command Injection (CVE-2020-25483)

A command Injection vulnerability exists in UCMS Project. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.6AI score0.0865EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/11/29 12:0 a.m.•2 views

SourceCodester Online Clothing Store SQL Injection (CVE-2020-28138)

An SQL injection vulnerability exists in SourceCodester Online Clothing Store. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.5AI score0.01957EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/11/29 12:0 a.m.•3 views

PluXml Remote Code Execution (CVE-2020-18185)

A remote code execution vulnerability exists in PluXml. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.4AI score0.01771EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/11/28 12:0 a.m.•0 views

Nagios Log Server Persistent Cross-Site Scripting

A persistent cross site scripting vulnerability exists in Nagios Log Server. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

4.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/11/28 12:0 a.m.•10 views

SuiteCRM Remote Code Execution (CVE-2020-28328)

A remote code execution vulnerability exists in SuiteCRM. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS8.9AI score0.64094EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2020/11/28 12:0 a.m.•1 views

Nagios XI mibs.php Command Injection (CVE-2020-5791)

A command injection vulnerability exists in Nagios XI. This vulnerability is due to insufficient validation of the input parameters in the mibs.php...

9CVSS4.5AI score0.78632EPSS
Exploits7
Total number of security vulnerabilities13538