Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2020/11/01 12:0 a.m.•20 views

Oracle WebLogic Remote Code Execution (CVE-2020-14882; CVE-2020-14750; CVE-2020-14825; CVE-2020-14883)

A remote code execution vulnerability exists in Oracle WebLogic. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.5AI score0.99997EPSS
Exploits46
Check Point Advisories
Check Point Advisories
•added 2020/10/29 12:0 a.m.•3 views

FFmpeg Heap-based Buffer Overflow (CVE-2020-12284)

A buffer overflow vulnerability exists in NGINX NJS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

10CVSS5.2AI score0.03756EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2020/10/29 12:0 a.m.•16 views

Sangoma FreePBX Authentication Bypass (CVE-2019-19006)

An authentication bypass vulnerability exists in Sangoma FreePBX. A remote attacker could exploit this flaw by sending specially crafted packets to the affected server. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized...

7.5CVSS5.5AI score0.36615EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/28 12:0 a.m.•3 views

29o3 CMS Remote Code Execution (CVE-2010-1922)

A remote code execution vulnerability exists in 29o3 CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.5AI score0.02488EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/28 12:0 a.m.•0 views

Nagios XI users.php do_update_user Stored Cross-Site Scripting

A stored cross-site scripting vulnerability exists in Nagios XI. The vulnerability is due to insufficient validation of the phone parameter in users.php...

1.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/28 12:0 a.m.•4 views

Microsoft Windows Remote Code Execution (CVE-2020-1300)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation could result in execution of arbitrary code on the affected system...

6.8CVSS4.2AI score0.59518EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/28 12:0 a.m.•4 views

ZOHO ManageEngine ADSelfService Plus Information Disclosure (CVE-2010-3272)

An information disclosure vulnerability exists in ZOHO ManageEngine ADSelfService Plus. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

4.3CVSS4.7AI score0.04024EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2020/10/28 12:0 a.m.•3 views

Nitro Pro PDF Use After Free (CVE-2020-6074)

A use-after-free vulnerability exists in Nitro Pro PDF. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.6AI score0.40879EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/28 12:0 a.m.•4 views

Foxit PhantomPDF Use After Free (CVE-2020-8845)

A use-after-free vulnerability exists in Foxit PhantomPDF. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.1AI score0.19457EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/28 12:0 a.m.•5 views

Alcatel Lucent Stack Overflow (CVE-2019-3922)

A stack overflow vulnerability exists in Alcatel Lucent. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.5CVSS5.3AI score0.05238EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/28 12:0 a.m.•3 views

Cacti utilities.php Cross-Site Scripting (CVE-2010-2544)

A cross site scripting vulnerability exists in Cacti. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.3CVSS5.2AI score0.04309EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/26 12:0 a.m.•3 views

SolarWinds DameWare Heap Overflow (CVE-2020-5734)

A heap overflow vulnerability exists in SolarWinds DameWare. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

4.3CVSS4.3AI score0.25149EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/26 12:0 a.m.•4 views

Microsoft Media Foundation Use After Free (CVE-2019-1430)

A use-after-free vulnerability exists in Microsoft Media Foundation. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5.9AI score0.12956EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/26 12:0 a.m.•2 views

Delta Industrial Automation CNCSoft Buffer Overflow (CVE-2020-7002)

A buffer overflow vulnerability exists in Delta Electronics CNCSoft. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

6.8CVSS6AI score0.01144EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/26 12:0 a.m.•5 views

VMware VCenter Server Directory Service Authentication Bypass (CVE-2020-3952)

An authentication bypass vulnerability exists in VMware VCenter Server Directory Service. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...

6.8CVSS5.2AI score0.90384EPSS
Exploits20
Check Point Advisories
Check Point Advisories
•added 2020/10/26 12:0 a.m.•4 views

Google Chrome Integer Overflow (CVE-2020-6381)

An integer overflow vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to potentially exploit heap corruption on the affected system...

6.8CVSS3.9AI score0.02207EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/26 12:0 a.m.•3 views

Google Chrome Type Confusion (CVE-2020-6468)

A type confusion vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.1AI score0.06414EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/26 12:0 a.m.•3 views

Cisco Unified Contact Center Express Insecure Deserialization (CVE-2020-3280)

An insecure deserialization vulnerability exists in the Cisco Unified Contact Center Express. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.5AI score0.06945EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/26 12:0 a.m.•19 views

WordPress Loginizer Plugin SQL injection (CVE-2020-27615)

An SQL injection vulnerability exists in WordPress Loginizer Plugin. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...

7.5CVSS3.2AI score0.53619EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2020/10/25 12:0 a.m.•3 views

Eaton HMiSoft Stack Buffer Overflow (CVE-2020-10639)

A stack buffer overflow vulnerability exists in Eaton HMiSoft. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...

6.8CVSS7.9AI score0.00805EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/25 12:0 a.m.•2 views

Microsoft Windows Active Directory Remote Code Execution (CVE-2020-0718)

A remote code execution vulnerability exists in Microsoft Windows Active Directory. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS8.8AI score0.03608EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/25 12:0 a.m.•4 views

Oracle E-Business Suite Advanced Outbound Telephony Cross-Site Scripting (CVE-2020-2856)

A cross-site scripting vulnerability exists in Oracle E-Business Suite Advanced Outbound Telephony. Successful exploitation of this vulnerability could allow remote attackers to inject arbitrary web script into the affected system...

5.8CVSS4.6AI score0.01282EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/25 12:0 a.m.•2 views

Google Chrome Sandbox Escape (CVE-2020-6471)

A security sandbox escape vulnerability exists in Google Chrome. Successful exploitation can impact the availability, integrity, and confidentiality of the user's system...

6.8CVSS3.2AI score0.014EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/25 12:0 a.m.•3 views

Google Chrome Use After Free (CVE-2020-6378)

A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5AI score0.01218EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/25 12:0 a.m.•4 views

Google Golang Crypto Denial of Service (CVE-2020-9283)

A denial-of-service vulnerability exists in Google Golang. Successful exploitation of this vulnerability could cause a denial-of-service condition...

5CVSS3.3AI score0.21052EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2020/10/25 12:0 a.m.•6 views

Microsoft .NET Framework XPS File Parsing Remote Code Execution (CVE-2020-0605)

A remote code execution vulnerability exists in Microsoft .NET Framework XPS File Parsing. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7AI score0.17906EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/24 12:0 a.m.•6 views

Google Chrome Memory Corruption (CVE-2020-15999)

A memory corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

4.3CVSS5.4AI score0.5063EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2020/10/22 12:0 a.m.•3 views

Foxit Studio Photo Out of Bounds Read (CVE-2020-8877; CVE-2020-8879)

An out of bounds read vulnerability exists in Foxit Studio Photo. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...

4.3CVSS3AI score0.08158EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/21 12:0 a.m.•7 views

MobileIron Core And Connector Remote Code Execution (CVE-2020-15505)

A remote code execution vulnerability exists in MobileIron Core And Connector. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.6AI score0.99737EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2020/10/21 12:0 a.m.•11 views

Exim Mail Server Buffer Overflow (CVE-2018-6789)

A buffer overflow vulnerability exists in Exim Mail Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.5CVSS5.4AI score0.82238EPSS
Exploits19
Check Point Advisories
Check Point Advisories
•added 2020/10/20 12:0 a.m.•15 views

Microsoft SharePoint Remote Code Execution (CVE-2020-16952)

A remote code execution vulnerability exists in Microsoft SharePoint. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.7AI score0.70894EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2020/10/19 12:0 a.m.•2 views

Google Chrome Speech Use After Free (CVE-2020-6386)

A use-after-free vulnerability exists in Google Chrome Speech. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS4.8AI score0.01656EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/19 12:0 a.m.•3 views

Zyxel Routers Privilege Escalation (CVE-2020-24355)

A Privilege Escalation vulnerability exists in Zyxel VMG5313-B30B router. Successful exploitation of this vulnerability could allow a remote attacker to create new users with elevated privileges and by that damage the affected system...

10CVSS7.1AI score0.02176EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/19 12:0 a.m.•0 views

Authors ePublisher Command Injection

A command injection vulnerability exists in Authors ePublisher. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/19 12:0 a.m.•4 views

Google Chrome Use After Free (CVE-2020-6462)

A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5AI score0.01365EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/19 12:0 a.m.•2 views

Google Chrome Use After Free (CVE-2020-6461)

A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5AI score0.01177EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/19 12:0 a.m.•3 views

Foxit Reader and PhantomPDF Integer Overflow (CVE-2020-8844)

An integer overflow vulnerability exists in Foxit Reader and PhantomPDF. This vulnerability is due to improper parsing of image files within ConvertToPDF. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS6.8AI score0.31467EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/19 12:0 a.m.•3 views

Google Chrome Policy Bypass (CVE-2020-6385)

A policy bypass vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow the disclosure of sensitive information...

6.8CVSS1.9AI score0.0226EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/19 12:0 a.m.•4 views

Advantech WebAccess Arbitrary File Upload (CVE-2020-10621)

An arbitrary file upload vulnerability exists in Advantech WebAccess. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5AI score0.0159EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/15 12:0 a.m.•2 views

Google Chrome Heap Corruption (CVE-2020-6455)

A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS4.2AI score0.01977EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/15 12:0 a.m.•1 views

Google Chrome Use After Free (CVE-2020-6465)

A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5AI score0.0159EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/15 12:0 a.m.•6 views

Google Chrome Heap Corruption (CVE-2020-6383)

A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS4.2AI score0.0638EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/15 12:0 a.m.•3 views

Google Chrome Use After Free (CVE-2020-6459)

A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5AI score0.0107EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/15 12:0 a.m.•1 views

Google Chrome Heap Corruption (CVE-2020-6466)

A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS4.1AI score0.0159EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/14 12:0 a.m.•3 views

Google Chrome Use After Free (CVE-2015-1209)

A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to cause a denial of service or execute arbitrary code on the affected system...

7.5CVSS6.1AI score0.02854EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/14 12:0 a.m.•4 views

Tenda Routers Command Injection (CVE-2020-10987; CVE-2018-14558)

A command injection vulnerability exists in Tenda Routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS9.6AI score0.79673EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2020/10/14 12:0 a.m.•1 views

Google Chrome Media Cross Origin Bypass (CVE-2020-6420)

A cross origin bypass vulnerability exists in Google chrome. Successful exploitation of this vulnerability can result in information disclosure and execution of active content outside the prescribed context...

6.8CVSS3.1AI score0.01294EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/14 12:0 a.m.•2 views

Google Chrome Audio Use After Free (CVE-2020-6493)

A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.2AI score0.01682EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/13 12:0 a.m.•5 views

Microsoft Windows Remote Desktop Protocol (RDP) Information Disclosure (CVE-2020-16896)

An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

5CVSS7.1AI score0.097EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/13 12:0 a.m.•3 views

Microsoft Windows Spoofing (CVE-2020-16922)

A spoofing vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to impersonate and present itself as a legitimate host...

2.1CVSS6.6AI score0.00786EPSS
Exploits0
Total number of security vulnerabilities13538