Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•2 views

Microsoft Edge Memory Corruption (CVE-2018-8236)

A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS7.9AI score0.13411EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•5 views

Microsoft Windows Desktop Bridge Elevation of Privilege (CVE-2018-8214)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.9CVSS7.9AI score0.03305EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•3 views

Microsoft Win32k Elevation of Privilege (CVE-2018-8233)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2CVSS8AI score0.01317EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•6 views

Microsoft Internet Explorer Memory Corruption (CVE-2018-8249)

A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS7.8AI score0.13856EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•3 views

Microsoft Windows Desktop Bridge Elevation of Privilege (CVE-2018-8208)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.9CVSS7.9AI score0.03152EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•3 views

Microsoft HIDParser Elevation of Privilege (CVE-2018-8169)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.9CVSS7.7AI score0.01089EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•3 views

Microsoft Edge Memory Corruption (CVE-2018-8110)

A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS7.9AI score0.15214EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•2 views

Adobe Flash Player Integer Overflow (APSB18-19: CVE-2018-5000)

An integer overflow vulnerability exists in Adobe Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

4.3CVSS5.3AI score0.14491EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•20 views

Microsoft Edge Memory Corruption (CVE-2018-8111)

A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS7.9AI score0.15214EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•3 views

Microsoft Excel Remote Code Execution (CVE-2018-8248)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7.9AI score0.20088EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•3 views

Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2018-8267)

A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS8.1AI score0.15823EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•4 views

Adobe Flash Player Out-of-bounds read (APSB18-19: CVE-2018-5001)

A out of bounds read vulnerability exists in Adobe Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...

4.3CVSS2.9AI score0.13346EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•6 views

Microsoft Windows DNSAPI Remote Code Execution (CVE-2018-8225)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS8.4AI score0.22257EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•7 views

Microsoft NTFS Elevation of Privilege (CVE-2018-1036)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.9CVSS7.7AI score0.0106EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•4 views

Microsoft Media Foundation Memory Corruption (CVE-2018-8251)

A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6CVSS8.1AI score0.07411EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/06/12 12:0 a.m.•3 views

Adobe Flash Player Type Confusion (APSB18-19: CVE-2018-4945)

A type confusion vulnerability exists in Adobe Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS4.6AI score0.06812EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/06/07 12:0 a.m.•4 views

Adobe Flash Player Buffer Overflow (CVE-2018-5002)

A buffer overflow vulnerability exists in Adobe Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

10CVSS5AI score0.25353EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/06/06 12:0 a.m.•22 views

ZIP Slip Arbitrary File Overwrite Remote Code Execution (CVE-2018-1002200; CVE-2018-1002201; CVE-2018-1002203; CVE-2018-1002204; CVE-2018-1002205; CVE-2018-1002206; CVE-2018-1002207; CVE-2018-1261; CVE-2018-8008; CVE-2018-8009; CVE-2021-43555)

A file overwrite vulnerability exist in archive formats. To trigger this issue, an attacker may create a malicious archive that will exploit this vulnerability. Successful exploitation of this vulnerability would allow a remote attacker to overwrite arbitrary files on the vulnerable system and...

6.8CVSS4.4AI score0.37986EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2018/06/03 12:0 a.m.•1 views

Samba Printer Server spoolss Denial Of Service (CVE-2018-1050)

A Denial Of Service vulnerability exists in Samba Printer Service. The vulnerability is due to improper validation of user input...

3.3CVSS3.3AI score0.06691EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/30 12:0 a.m.•4 views

Quagga aspath_put BGP Session Drop Denial of Service (CVE-2017-16227)

A denial-of-service vulnerability exists in Quagga. The vulnerability is due to an improper calculation of ASPATH. A remote attacker can exploit this vulnerability by sending a specially crafted request to the affected service. Successful exploitation would cause the target to crash, resulting in...

5CVSS3.7AI score0.1879EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/30 12:0 a.m.•22 views

Apache httpd FilesMatch Directive Security Restriction Bypass (CVE-2017-15715)

A security policy bypass vulnerability exists in Apache httpd. A remote attacker can exploit this vulnerability by sending a HTTP request with crafted URI to the remote HTTP server. Successful exploitation could result security policy bypass and arbitrary file upload...

6.8CVSS1.2AI score0.86006EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/29 12:0 a.m.•0 views

D-Link DSL-2750B Remote Command Execution

A remote code execution vulnerability has been reported in D-Link DSL-2750B routers. Successful exploitation could lead to arbitrary code execution on the vulnerable device...

6.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/29 12:0 a.m.•2 views

TP-Link TL-WR840N/TL-WR841N Authentication Bypass

An authentication bypass vulnerability exists in TP-Link WR840N and TL-WR841N routers. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

6.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/28 12:0 a.m.•0 views

Squid Proxy ESI Response Processing Denial of Service v2

A denial-of-service vulnerability exists in Squid Proxy. The vulnerability is due to incorrect pointer handling when processing ESI responses...

2.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/28 12:0 a.m.•24 views

Linksys WVBR0-25 Command Injection (CVE-2017-17411)

A command injection vulnerability exists in Linksys WVBR0-25. The vulnerability is due to insufficient input validation in the router's web management portal. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS5.5AI score0.87929EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2018/05/27 12:0 a.m.•0 views

Netgear DGN2200B Cross-Site Scripting

A cross-site scripting vulnerability has been reported in Netgear DGN2200B routers. Successful exploitation will result in the attacker-controlled script code being executed in the target user's browser in the context of the affected machine...

3.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/27 12:0 a.m.•3 views

Dell EMC VMAX Virtual Appliance Manager Directory Traversal Remote Code Execution (CVE-2018-1215)

A directory traversal vulnerability exists in Dell EMC VMAX Virtual Appliance vApp. The vulnerability is due to improper handling of user-supplied requests for file uploads. Successful exploitation of this vulnerability could lead to arbitrary code execution...

9CVSS5.3AI score0.04362EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/27 12:0 a.m.•2 views

Adobe Acrobat and Reader Client Side Request Injection (APSB18-09: CVE-2018-4995)

A Security Bypass vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

7.5CVSS8.6AI score0.08008EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/27 12:0 a.m.•6 views

Apache Tika Chmparser Denial Of Service (CVE-2018-1339)

A denial-of-service vulnerability exists in Apache Tika. The vulnerability is due to improper handling of a Microsoft Compiled HTML Help file during enumerating its listing chunks...

4.3CVSS2.3AI score0.02648EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/27 12:0 a.m.•15 views

Apache httpd mod_cache_socache Denial of Service (CVE-2018-1303)

A denial-of-service vulnerability exists in Apache httpd. The vulnerability is due to improper validation of the headers in HTTP requests...

5CVSS2.3AI score0.70783EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/27 12:0 a.m.•2 views

Squid Proxy Denial of Service (CVE-2018-1172; CVE-2018-1000027)

A denial of service vulnerability exists in Squid Proxy. Successful exploitation of this vulnerability would allow remote attackers to cause denial of service on the affected system...

5CVSS6AI score0.13149EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/27 12:0 a.m.•2 views

NetGain Systems Enterprise Manager snmpwalk ip Directory Traversal (CVE-2017-16598)

A directory traversal vulnerability exists in NetGain Systems Enterprise Manager. The vulnerability is due to an improper input validation. Successful exploitation could lead to arbitrary code execution...

6.5CVSS5AI score0.04123EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/27 12:0 a.m.•8 views

QNAP QTS Remote Command Injection (CVE-2013-0143)

Remote command injection vulnerabilities exist in QNAP QTS. A remote attacker can exploit these weaknesses to execute arbitrary commands in the affected devices via a crafted request...

6.5CVSS6AI score0.06965EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/24 12:0 a.m.•1 views

NETGEAR DGN2200 Remote Code Execution (CVE-2017-5521; CVE-2017-6077)

A remote code execution vulnerability has been reported in NETGEAR DGN2200 routers. Successful exploitation could lead to arbitrary code execution...

10CVSS5.7AI score0.89294EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2018/05/24 12:0 a.m.•5 views

Netgear WNDR4700 Router Authentication Bypass (CVE-2013-3071)

An authentication bypass vulnerability exists in Netgear WNDR4700 routers. This allows remote attackers to perform administrative actions without authentication...

7.5CVSS6AI score0.0215EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/24 12:0 a.m.•1 views

VPNFilter Client Malicious Self-Signed Certificate

VPNFilter is multi-stage malware that infects certain routers. It uses a custom SSL certificate in order to download data required to proceed to the second stage of the infection. Successful exploitation may lead to the device being compromised...

4.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/24 12:0 a.m.•8 views

NETGEAR WNR2000 Authentication Bypass (CVE-2016-10176)

An authentication bypass vulnerability exists in NETGEAR WMR2000 Routers. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

7.5CVSS5.9AI score0.77426EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2018/05/21 12:0 a.m.•5 views

Red Hat Linux DHCP Client Command Injection (CVE-2018-1111)

A remote command execution vulnerability exists in DHCP client implementation of Red Hat Linux. A remote attacker could exploit this vulnerability by sending a malicious request to the victim. Successful exploitation of this vulnerability can result in the execution of arbitrary code in the conte...

7.9CVSS3.4AI score0.94457EPSS
Exploits14
Check Point Advisories
Check Point Advisories
•added 2018/05/17 12:0 a.m.•3 views

Quest NetVault Backup Multipart Request Authentication Bypass (CVE-2018-1163)

An authentication bypass vulnerability exists in the web interface component of Quest NetVault Backup. The vulnerability is due to how the server handles the HTTP requests...

10CVSS1.2AI score0.16331EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/17 12:0 a.m.•5 views

Cisco Prime File Upload Servlet Remote Code Execution (CVE-2018-0258)

A remote code execution vulnerability has been reported in Cisco Prime File Upload Servlet. This is due to improper input validation of the parameters in the HTTP request and a processing error in the role-based access control RBAC of URLs. A remote attacker could exploit this vulnerability by...

10CVSS9.7AI score0.49867EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/16 12:0 a.m.•1 views

OpenPGP and S/MIME eFail Information Disclosure

An information disclosure vulnerability exists in OpenPGP and S/MIME. Successful exploitation would allow the attacker to decrypt the traffic and obtain or modify sensitive information...

2.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/15 12:0 a.m.•2 views

Electron NodeIntegration Remote Code Execution (CVE-2018-1000136)

A remote code execution vulnerability exists in Electron. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.7AI score0.04778EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2018/05/15 12:0 a.m.•7 views

Adobe Flash Player Matrix3D Integer Overflow Remote Code Execution (APSB12-19: CVE-2012-5054)

A remote code execution vulnerability exists in Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5.3AI score0.21194EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2018/05/14 12:0 a.m.•1 views

Opera Browser Content Length Buffer Overflow (CVE-2010-1349)

A buffer overflow vulnerability exists in Opera Browser. The vulnerability is due to a boundary error in the way the browser processes HTTP server replies. Remote attackers could exploit this vulnerability by persuading a target user to connect to an attacker-controlled HTTP server with a...

10CVSS6.7AI score0.19792EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2018/05/14 12:0 a.m.•3 views

FreeBSD Routed Daemon Routing Information Protocol Assertion Failure (CVE-2015-5674)

A Routing Information Protocol Assertion Failure vulnerability exists in the FreeBSD. The vulnerability is caused due to improper handling of crafted requests. A remote attacker can exploit this vulnerability by sending crafted packets through the router...

4CVSS1.6AI score0.02649EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/14 12:0 a.m.•6 views

HPE Operations Orchestration backwards-compatibility beanutils Insecure Deserialization (CVE-2017-8994)

An insecure deserialization vulnerability exists in HPE Operations Orchestration. The vulnerability is due to the incomplete fix for deserialization of untrusted data in backwards-compatibility servlets...

7.5CVSS2.3AI score0.0984EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/14 12:0 a.m.•4 views

Apache Solr Data Import Handler XML External Entity Expansion Information Disclosure (CVE-2018-1308)

An XML external entity expansion vulnerability has been reported in Apache Solr. The vulnerability is due to improper handling of XML external entities in XML content submitted to the DataImportHandler. A remote attacker can exploit this vulnerability by submitting a crafted request to the target...

5CVSS1AI score0.20937EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/14 12:0 a.m.•5 views

VMware VNC VMWDynResolution Heap Buffer Overflow (CVE-2017-4933)

A heap buffer overflow vulnerability exists in the VNC component of VMware. The vulnerability is due to an error in processing VMWDynResolution requests...

6CVSS8.7AI score0.03571EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2018/05/14 12:0 a.m.•4 views

Mozilla Firefox Vorbis Audio Residue Codebook Out of Bounds Write (CVE-2018-5146)

An out of bounds write vulnerability exists in Mozilla Firefox. The vulnerability is due to insufficient handling of residue codebooks in Vorbis audio data...

6.8CVSS1.4AI score0.12054EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2018/05/14 12:0 a.m.•3 views

NetGain Systems Enterprise Manager misc.sample_jsp type Directory Traversal (CVE-2017-16599)

A directory traversal vulnerability exists in NetGain Systems Enterprise Manager. The vulnerability is due to an input validation while processing type parameter in org.apache.jsp.u.jsp.reports.templates.misc.samplejsp servlet...

4CVSS3.7AI score0.03027EPSS
Exploits0
Total number of security vulnerabilities13538