Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2020/10/13 12:0 a.m.•8 views

Microsoft Win32k Elevation of Privilege (CVE-2020-16907)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS8.2AI score0.00984EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/13 12:0 a.m.•6 views

Microsoft Windows TCP/IP Denial of Service (CVE-2020-16899)

A denial-of-service vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

7.8CVSS7.6AI score0.13348EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/13 12:0 a.m.•4 views

Microsoft Windows TCP/IP Remote Code Execution (CVE-2020-16898)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.8CVSS8.8AI score0.09686EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2020/10/13 12:0 a.m.•6 views

Microsoft Windows Media Foundation H265 Stream Parsing Remote Code Execution (CVE-2020-16915)

A code execution vulnerability exists in Microsoft Windows Media Foundation. The vulnerability is due to improper validation of H265 media files. A remote attacker could exploit the vulnerability by enticing a victim user to open a maliciously crafted media file or open the folder containing the...

6.8CVSS8.4AI score0.07524EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/13 12:0 a.m.•2 views

Microsoft Win32k Elevation of Privilege (CVE-2020-16913)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS8.2AI score0.00984EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/11 12:0 a.m.•3 views

Google Chrome Audio Use After Free (CVE-2020-6427)

A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.2AI score0.02446EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/11 12:0 a.m.•1 views

Typesetter CMS Persistent Cross-Site Scripting

A cross-site scripting vulnerability exists in Typesetter CMS. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/11 12:0 a.m.•0 views

GetSimple CMS Persistent Cross-Site Scripting

A cross-site scripting vulnerability exists in GetSimple CMS. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/10/11 12:0 a.m.•1 views

Google Chrome Audio Use After Free (CVE-2020-6449)

A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.2AI score0.02664EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/11 12:0 a.m.•4 views

SQL Authentication Bypass (CVE-2020-28172)

An SQL authentication bypass is an attack on the login procedure for servers who keep users profile in an SQL form. Successful exploitation of this vulnerability allow a remote attacker to gain unauthorized access to the affected system...

7.5CVSS6AI score0.02986EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/11 12:0 a.m.•5 views

Telmat Remote Code Execution (CVE-2020-16148)

A remote code execution vulnerability exists in Telmat. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS5.5AI score0.01891EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/11 12:0 a.m.•6 views

Ozeki NG SMS Gateway Arbitrary File Upload (CVE-2020-14022)

An arbitrary file upload vulnerability exists in Ozeki NG SMS Gateway. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS5.2AI score0.01842EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/11 12:0 a.m.•11 views

FS Thumbtack Clone SQL Injection (CVE-2017-17589; CVE-2017-17576)

An SQL injection vulnerability exists in FS Thumbtack Clone. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.1AI score0.02978EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2020/10/11 12:0 a.m.•5 views

Aveva eDNA Enterprise SQL Injection (CVE-2020-13499; CVE-2020-13500; CVE-2020-13501)

An SQL injection vulnerability exists in Aveva eDNA Enterprise. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.7AI score0.02912EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2020/10/07 12:0 a.m.•6 views

Grandstream UCM6202 Command Injection (CVE-2020-5722)

A command injection vulnerability exists in Grandstream UCM6202. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS5.7AI score0.83926EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2020/10/07 12:0 a.m.•4 views

Metinfo SQL Injection (CVE-2020-20800)

An SQL injection vulnerability exists in Metinfo. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5AI score0.01507EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/07 12:0 a.m.•6 views

Hoosk CMS Remote Code Execution (CVE-2020-26041)

A remote code execution vulnerability exists in Hoosk CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS4.9AI score0.02756EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/07 12:0 a.m.•5 views

Fortify Software Security Center Command Injection (CVE-2018-12463)

A command injection vulnerability exists in Fortify Security Center. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.8AI score0.13849EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2020/10/07 12:0 a.m.•6 views

Ozeki SMS Gateway Remote Code Execution (CVE-2020-14026)

A remote code execution vulnerability exists in Ozeki SMS Gateway. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5.8AI score0.01732EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/07 12:0 a.m.•6 views

Ozeki NG SMS Gateway Directory Traversal (CVE-2020-14028)

A directory traversal vulnerability exists in Ozeki NG SMS Gateway. Successful exploitation allows unauthenticated remote attackers to disclose or access arbitrary files on the vulnerable server...

9CVSS5.6AI score0.01864EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/07 12:0 a.m.•4 views

Hoosk CMS SQL Injection (CVE-2020-26042)

An SQL injection vulnerability exists in Hoosk CMS. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS4.6AI score0.01159EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/07 12:0 a.m.•3 views

Hoosk CMS Cross Site Scripting (CVE-2020-26043)

A cross-site scripting vulnerability exists in Hoosk CMS. Successful exploitation of this vulnerability could allow remote attackers to inject arbitrary web script into the affected system...

4.3CVSS4AI score0.007EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/07 12:0 a.m.•6 views

TP-LINK Cloud Cameras Command Injection (CVE-2020-12109)

A command injection vulnerability exists in TP-LINK Cloud Cameras. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS5.5AI score0.74338EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2020/10/04 12:0 a.m.•5 views

Stock Management System Project SQL Injection (CVE-2020-24197)

A SQL injection vulnerability exists in Stock Management System Project. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.3AI score0.01426EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/04 12:0 a.m.•4 views

Apple GarageBand Remote Code Execution (CVE-2017-2374)

A remote code execution vulnerability exists in Apple GarageBand. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.7AI score0.01523EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/04 12:0 a.m.•7 views

DLink DIR-615 Cross Site Request Forgery (CVE-2017-7398)

A cross site request forgery vulnerability exists in DLink DIR-615 firmware. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

6.8CVSS5.2AI score0.03006EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2020/10/04 12:0 a.m.•8 views

JustSystems Ichitaro Buffer Overflow (CVE-2017-2789)

A buffer overflow vulnerability exists in JustSystems Ichitaro. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.5CVSS5.4AI score0.0234EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/10/01 12:0 a.m.•6 views

Mozilla Firefox Remote Code Execution (CVE-2008-1236)

A memory corruption vulnerability exists in Mozilla Firefox. A remote attacker can exploit this vulnerability by persuading the target user to open a malicious webpage. Successful attacks could allow for arbitrary code injection and execution with the privileges of the currently logged on user...

6.8CVSS6.7AI score0.03373EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/09/29 12:0 a.m.•13 views

WordPress File Manager Plugin Remote Code Execution (CVE-2020-25213)

A remote code execution vulnerability exists in WordPress File Manager Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.3AI score0.97328EPSS
Exploits14
Check Point Advisories
Check Point Advisories
•added 2020/09/29 12:0 a.m.•16 views

CutePHP Cutenews Remote Code Execution (CVE-2019-11447)

A remote code execution vulnerability exists in CutePHP CuteNews. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS5.2AI score0.52901EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2020/09/29 12:0 a.m.•4 views

PHP-Fusion Remote Command Execution (CVE-2020-24949)

A command execution vulnerability exists in PHP-Fusion. Successful exploitation of this vulnerability could allow a remote authenticated attacker to execute arbitrary commands on the affected system...

5.9AI score0.67289EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2020/09/24 12:0 a.m.•3 views

IBM Spectrum Protect Plus Directory Traversal (CVE-2020-4711)

A directory traversal vulnerability exists in IBM Spectrum Protect Plus. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information from the affected server...

4CVSS5.2AI score0.02606EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/09/24 12:0 a.m.•0 views

Nagios XI command_test.php Command Injection

A command injection vulnerability exists in Nagios XI. This vulnerability is due to insufficient validation of the input parameters in the commandtest.php script...

3.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/09/24 12:0 a.m.•7 views

Verint PTZ Camera Command Injection (CVE-2020-24057)

A command execution vulnerability exists in Verint PTZ Camera. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands as root on the affected system...

9CVSS5.8AI score0.05483EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/09/24 12:0 a.m.•10 views

Oracle WebLogic Insecure Deserialization (CVE-2020-14644)

An insecure deserialization vulnerability exists in Oracle Weblogic. This vulnerability is due to insufficient validation of T3 and IIOP requests...

7.5CVSS3AI score0.94548EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/09/24 12:0 a.m.•7 views

AlienVault OSSIM Remote Code Execution (CVE-2017-6971)

A remote code execution vulnerability exists in AlienVault OSSIM. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS5.9AI score0.16179EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2020/09/24 12:0 a.m.•16 views

Oniguruma Project Memory Corruption (CVE-2017-9226)

A memory corruption vulnerability exists in Oniguruma project oniguruma 6.2.0. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.7AI score0.07511EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/09/22 12:0 a.m.•6 views

Magneto MAGMI Authentication Bypass (CVE-2020-5777)

An authentication bypass vulnerability exists in Magneto MAGMI. Successful exploitation of this vulnerability allow a remote attacker to gain unauthorized access to the affected system...

7.5CVSS5.1AI score0.23897EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/09/22 12:0 a.m.•6 views

Microsoft Office Remote Code Execution (CVE-2017-0261)

A remote code execution vulnerability exists in Encapsulated PostScript EPS of Microsoft Office. The vulnerability is due to the way that Microsoft Office does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing ...

3.3AI score0.7813EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/09/22 12:0 a.m.•7 views

Softdatepro SameDate Pro SQL Injection (CVE-2017-15971)

An SQL injection vulnerability exists in Softdatepro SameDate Pro. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.5AI score0.02028EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2020/09/21 12:0 a.m.•8 views

Cacti color.php SQL Injection (CVE-2020-14295)

A SQL injection vulnerability exists in Cacti. The vulnerability is due to improper sanitization of the filter request parameter in color.php...

6.5CVSS3.3AI score0.8633EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2020/09/21 12:0 a.m.•3 views

Sourcecodetester Daily Tracker System SQL Injection (CVE-2020-24193)

An SQL injection vulnerability exists in Sourcecodetester Daily Tracker System. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.5AI score0.0277EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2020/09/21 12:0 a.m.•4 views

Pulse Connect Secure Remote Code Execution (CVE-2020-8218)

A remote code execution vulnerability exists in Pulse Connect Secure. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.5CVSS5.2AI score0.32739EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2020/09/21 12:0 a.m.•8 views

Jenkins Stapler Web Framework Code Execution (CVE-2018-1000861)

A remote code execution vulnerability exists in Jenkins Stapler Web Framework. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.2AI score0.98326EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2020/09/21 12:0 a.m.•10 views

Microsoft Netlogon Elevation of Privilege (CVE-2020-1472)

An elevation of privilege vulnerability exists in Microsoft Netlogon. Successful exploitation of this vulnerability could allow an attacker to run arbitrary code with elevated privileges...

9.3CVSS4.6AI score0.99512EPSS
Exploits75
Check Point Advisories
Check Point Advisories
•added 2020/09/21 12:0 a.m.•2 views

Verint PTZ Camera Stack Overflow

A buffer overflow vulnerability exists in Verint PTZ Camera. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

5.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2020/09/21 12:0 a.m.•4 views

Microsoft Internet Explorer Memory Corruption (CVE-2015-2419)

A remote code execution vulnerability exists in the way that the JScript engine, when rendered in Internet Explorer, handles objects in memory. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Internet Explorer...

9.3CVSS4.3AI score0.44537EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2020/09/21 12:0 a.m.•4 views

Microsoft Exchange Memory Corruption (CVE-2020-16875)

A memory corruption vulnerability exists in Microsoft Exchange. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS8.1AI score0.47145EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2020/09/21 12:0 a.m.•5 views

OpenSIS SQL Injection (CVE-2020-6637; CVE-2020-6137; CVE-2020-6138; CVE-2020-6139; CVE-2020-6140; CVE-2020-6141)

An SQL injection vulnerability exists in OpenSIS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.4AI score0.20058EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2020/09/16 12:0 a.m.•15 views

Fortinet FortiOS Cross-Site Scripting (CVE-2017-14186)

A cross-site scripting vulnerability exists in Fortinet fortios x under 5.0. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

3.5CVSS4.7AI score0.03718EPSS
Exploits2
Total number of security vulnerabilities13538