Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2017/08/17 12:0 a.m.•12 views

Firefox SVG Cross-Domain Cookie Setting (CVE-2016-9078)

A cross-domain Cookie vulnerability exists in Firefox. The vulnerability is due to the way that Firefox handles Cookie creation. A successful attack could lead to a execution of arbitrary code on the affected system...

6.8CVSS2.4AI score0.01884EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2017/08/17 12:0 a.m.•9 views

Trend Micro OfficeScan Proxy.php Command Injection (CVE-2017-11394)

A command injection vulnerability exists in Trend Micro's OfficeScan. The vulnerability is due to improper validation of HTTP parameters within the Proxy.php script. A remote, authenticated attacker could exploit the vulnerability by sending a crafted request to the vulnerable system...

10CVSS1.9AI score0.66774EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2017/08/16 12:0 a.m.•7 views

Microsoft Edge Use After Free (CVE-2017-8652)

A use-after-free vulnerability exists in Microsoft Edge. The vulnerability is due to improper access of objects in memory. A remote attacker can exploit this vulnerability by enticing a victim to open a maliciously crafted web page...

4.3CVSS6.3AI score0.22937EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2017/08/15 12:0 a.m.•10 views

Mitsubishi Electric E-Designer SetupAlarm Font Stack Buffer Overflow (CVE-2017-9638)

A stack-based buffer overflow vulnerability exists in Mitsubishi's Electric E-Designer. The vulnerability is due to the missing input validation of the Font property of SetupAlarm section of the .mpa project file. A remote attacker can exploit this vulnerability by enticing a user to visit a...

10CVSS3.6AI score0.03636EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/15 12:0 a.m.•17 views

HPE Intelligent Management Center dbman RestoreDBase Command Injection (CVE-2017-5817; CVE-2017-5819)

A command injection vulnerability exists in the dbman component of HPE Intelligent Management Center. The vulnerability exists due to missing validation of user-provided parameters when handling RestoreDBase commands for MSSQL and MySQL databases. A remote, unauthenticated attacker can exploit th...

10CVSS2.7AI score0.82877EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2017/08/14 12:0 a.m.•1 views

McAfee SaaS Remote Command Execution

A Remote Command Execution exists in McAfee Security-as-a-Service SaaS. The vulnerability is due to a fail in parameter check. Successful exploitation may cause a remote code execution...

3.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/14 12:0 a.m.•4 views

Dell Storage Manager EmWebsiteServlet Directory Traversal (CVE-2017-10949)

An information disclosure vulnerability exists in the Dell Storage Manager. The vulnerability is due to an input validation error in doGet method of the EmWebsiteServlet servlet. A remote, unauthenticated attacker could exploit the vulnerability by sending crafted packets to the target system...

5CVSS3.4AI score0.054EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/14 12:0 a.m.•8 views

Trend Micro Control Manager cmdHandlerLicenseManager SQL Injection (CVE-2017-11384)

An SQL injection vulnerability exists in Trend Micro Control Manager. The vulnerability is due to improper validation of the user-supplied input for cmdHandlerLicenseManager.dll. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted request to the target server...

7.5CVSS3.1AI score0.3874EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/13 12:0 a.m.•10 views

Nitro Pro PDF Reader JavaScript API Remote Code Execution (CVE-2017-7442)

A Remote Code Execution Vulnerability exists in JavaScript API of Nitro and Nitro Pro PDF Reader. The vulnerability is due to the use of trusted function which provides certain privileges that allows overwriting objects. A remote attacker can exploit this vulnerability by enticing the user to ope...

6.8CVSS3.3AI score0.40692EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2017/08/13 12:0 a.m.•4 views

Trend Micro SafeSync for Enterprise dead_local_device Command Injection

A command injection vulnerability exists in Trend Micro's SafeSync for Enterprise. The vulnerability is due to insufficient validation of the user-supplied parameters in the deadlocaldevice function. A remote, authenticated attacker could exploit this vulnerability by sending a crafted request to...

4.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/10 12:0 a.m.•29 views

Nginx ngx_http_range_filter_module Integer Overflow (CVE-2017-7529)

An integer overflow vulnerability exists in Nginx. The vulnerability is due to insufficient validation of requested byte ranges...

5CVSS3.9AI score0.62597EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2017/08/10 12:0 a.m.•6 views

PHP gdImageCreateFromGifCtx Out of Bounds Read (CVE-2017-7890)

An out of bounds read vulnerability exists in PHP. The vulnerability is due to improper handling of objects in memory within the gdImageCreateFromGifCtx function of gdgifin.c. A remote attacker could exploit this vulnerability by supplying a crafted image file to an application using the affected...

4.3CVSS1.7AI score0.03418EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/10 12:0 a.m.•6 views

HPE Intelligent Management Center Imcwlandm Stack Buffer Overflow (CVE-2017-5804; CVE-2017-5805)

An integer underflow vulnerability exists in HPE Intelligent Management Center. The vulnerability is due to improper validation of the size field when parsing data. A remote, unauthenticated attacker can exploit this vulnerability by sending a maliciously crafted packet to the target server...

10CVSS5.4AI score0.22622EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/09 12:0 a.m.•1 views

Suspicious Credential Harvesting

Compromised websites injected with malicious JavaScript, have been identified. Successful exploitation could result in remote code execution on the target system once the malicious page is loaded, leading to credential harvesting...

2.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/09 12:0 a.m.•13 views

Apache Struts 2 Content-Disposition Remote Code Execution (CVE-2017-5638)

A remote code execution vulnerability exists in the Apache Struts2 using Jakarta multipart parser. An attacker could exploit this vulnerability by sending an invalid content-disposition as part of a file upload request. Successful exploitation could result in execution of arbitrary code on the...

10CVSS5.8AI score0.99999EPSS
Exploits44
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•5 views

Adobe Acrobat and Reader Security Bypass (APSB17-24: CVE-2017-3118)

A Security Bypass vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...

4.3CVSS7.7AI score0.0889EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•1 views

Adobe Acrobat and Reader Use After Free (APSB17-24: CVE-2017-11254)

A use-after-free vulnerability exists in Adobe Acrobat and Acrobat Reader. The vulnerability is dueto an error while processing addAnnot method. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted document...

6.8CVSS8.7AI score0.08128EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•3 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11249)

A Memory Corruption vulnerability exists in Enhanced Metafile Format. The vulnerability is due to an error in the way Adobe Acrobat and Reader parses EMF files. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted EMF file...

4.3CVSS7.6AI score0.07594EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•3 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11242)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the way Adobe Acrobat and Reader improperly processes specially crafted Enhanced Metafile EMF image format files. A remote attacker can exploit this issue by enticing a victim to open a specially...

4.3CVSS7.9AI score0.06967EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•2 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11258)

A memory corruption vulnerability exists in Adobe Acrobat And Reader. The vulnerability is due to an error in the image conversion engine when processing Enhanced Metafile Format EMF private data. A remote attacker may exploit this vulnerability by using the out of bounds access for unintended...

4.3CVSS8.1AI score0.07594EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•2 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11233)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. the vulnerability is due to how the image conversion engine processes Enhanced Metafile Format EMF. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file with Adobe...

4.3CVSS7.9AI score0.07594EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•25 views

Adobe Flash Player Security Bypass (APSB17-23: CVE-2017-3085)

A security bypass vulnerability exists in Adobe Flash Player. The vulnerability is due to insufficient redirection checks when performing URL redirect. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...

4.3CVSS2.8AI score0.04478EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•10 views

Adobe Acrobat and Reader Use After Free (APSB17-24: CVE-2017-3113)

A Use After Free vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

9.3CVSS8.7AI score0.09362EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•4 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-3116; CVE-2017-11237)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...

9.3CVSS8.9AI score0.08129EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•2 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11255)

A memory corruption vulnerability exists in TIFF files. The vulnerability is due to how the image conversion engine processes TIFF files. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted TIFF file...

4.3CVSS7.9AI score0.07594EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•6 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11243)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

4.3CVSS7.8AI score0.07594EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•10 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-3123)

A Memory Corruption exists in Enhanced Metafile Format. The vulnerability is due to insufficient bounds check while processing EMF file. Attacker can exploit the vulnerability by using the out of bounds access for unintended reads, writes or frees potentially leading to code corruption,...

9.3CVSS8.9AI score0.14365EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•7 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11228)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to code stream specification components. A remote attacker might exploit this issue by creating an incomplete code stream which can cause memory corruption...

9.3CVSS9.1AI score0.07069EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•9 views

Adobe Acrobat And Reader Memory Corruption (APSB17-24: CVE-2017-11259)

A memory corruption vulnerability exists in Adobe Acrobat And Reader. The vulnerability is due to an error in the image conversion engine when processing Enhanced Metafile Format EMF private data. A remote attacker may exploit this vulnerability by using the out of bounds access for unintended...

9.3CVSS9AI score0.12787EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•9 views

Adobe Acrobat and Reader Use After Free (APSB17-24: CVE-2017-11256)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how Adobe processes XFA layout. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file with Adobe Reader...

9.3CVSS8.8AI score0.07569EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•3 views

Adobe Acrobat and Reader Heap Overflow (APSB17-24: CVE-2017-11241)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. the vulnerability is due to how the image conversion engine processes Enhanced Metafile Format EMF. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file with Adobe...

9.3CVSS8.9AI score0.14673EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•3 views

Adobe Flash Player Type Confusion (APSB17-23: CVE-2017-3106)

A type confusion overflow vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

9.3CVSS5AI score0.22311EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•7 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11245)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while processing Enhanced Metafile Format EMF data. A remote attacker may exploit this vulnerability by using the out of bounds access for unintended reads, write...

4.3CVSS8.1AI score0.07594EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•7 views

Adobe Acrobat and Reader Heap Overflow (APSB17-24: CVE-2017-11211)

A Heap Overflow vulnerability exists in Adobe Reader and Acrobat. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted image file with Adobe Reader and Acrobat...

9.3CVSS8.7AI score0.27071EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•2 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11248)

A Memory Corruption vulnerability exists in Enhanced Metafile Format. The vulnerability is due to an error in the way Adobe Acrobat and Reader parses EMF files. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted EMF file...

4.3CVSS7.6AI score0.07594EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•5 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11222)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the way Adobe processes embedded RPC data. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

9.3CVSS8.9AI score0.06918EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•4 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11244)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while processing Enhanced Metafile Format EMF data. A remote attacker may exploit this vulnerability by using the out of bounds access for unintended reads, write...

4.3CVSS8.1AI score0.10067EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•3 views

Adobe Acrobat and Reader Heap Overflow (APSB17-24: CVE-2017-3121)

A Heap Overflow vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted EMF file...

9.3CVSS8.4AI score0.08129EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•7 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11217)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the way Adobe Acrobat and Reader improperly processes specially crafted Enhanced Metafile EMF image format files. A remote attacker can exploit this issue by enticing a victim to open a specially...

4.3CVSS7.9AI score0.08396EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•5 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11252)

A memory corruption vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Acrobat and Reader while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

4.3CVSS7.9AI score0.07594EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•9 views

Adobe Acrobat And Reader Use After Free (APSB17-24: CVE-2017-11223)

A use after free vulnerability exists in Adobe Acrobat And Reader. The vulnerability is due to a freed memory area being reused by another object. This provides a remote attacker with an unintended memory access -- potentially leading to code corruption, control-flow hijack, or information leak...

9.3CVSS9.2AI score0.09523EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•7 views

Adobe Acrobat and Reader Type Confusion (APSB17-24: CVE-2017-11257)

A type confusion overflow vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how Adobe processes XFA layout. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

9.3CVSS8.8AI score0.08422EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•10 views

Adobe Acrobat And Reader Use After Free (APSB17-24: CVE-2017-11224)

A use after free vulnerability exists in Adobe Acrobat And Reader. The vulnerability is due to a freed memory area being reused by another object. This provides a remote attacker with an unintended memory access -- potentially leading to code corruption, control-flow hijack, or information leak...

9.3CVSS9.2AI score0.09204EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•5 views

Adobe Acrobat and Reader Use After Free (APSB17-24: CVE-2017-11218)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

9.3CVSS8.7AI score0.09523EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•5 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11230)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how Adobe processes JPEG format. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file with Adobe Reader...

4.3CVSS7.9AI score0.10067EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•8 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11270)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how the image conversion engine processes Enhanced Metafile Format EMF. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file with Adobe...

9.3CVSS8.9AI score0.06918EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•6 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11269)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how the image conversion engine processes Enhanced Metafile Format EMF. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file with Adobe...

9.3CVSS8.9AI score0.06918EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•4 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11265)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. A remote attacker may exploit this issue by enticing a target user to open a malicious PDF file with an affected version of Adobe Reader or Acrobat...

4.3CVSS7.9AI score0.07594EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•3 views

Adobe Acrobat and Reader Type Confusion (APSB17-24: CVE-2017-11221)

A type confusion overflow vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the way Adobe processes font locations. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

9.3CVSS8.8AI score0.0887EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•3 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11251)

A memory corruption vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Acrobat and Reader while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

9.3CVSS8.9AI score0.06918EPSS
Exploits0
Total number of security vulnerabilities13538