Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•5 views

Adobe Acrobat and Reader Use After Free (APSB17-24: CVE-2017-11231)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

9.3CVSS8.7AI score0.07569EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•5 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11216)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the way Adobe Acrobat and Reader improperly processes specially crafted Enhanced Metafile EMF image format files. A remote attacker can exploit this issue by enticing a victim to open a specially...

9.3CVSS8.9AI score0.07742EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•4 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-3122)

A Memory Corruption exists in Enhanced Metafile Format. The vulnerability is due to insufficient bounds check while processing EMF file. Attacker can exploit the vulnerability by using the out of bounds access for unintended reads, writes or frees potentially leading to code corruption,...

4.3CVSS7.7AI score0.07449EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•5 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11246)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing unintended memory in a specially crafted JPG file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted JPG file ...

4.3CVSS7.9AI score0.07594EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•7 views

Adobe Acrobat and Reader Heap Overflow (APSB17-24: CVE-2017-11220)

A heap overflow vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the way Adobe processes memory bounds checks. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

9.3CVSS8.9AI score0.14673EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•7 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11227)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to the record component of EMF files. A remote attacker might exploit this issue by convincing a victim to open a specially crafted PDF file...

9.3CVSS8.9AI score0.06918EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•6 views

Adobe Acrobat and Reader Use After Free (APSB17-24: CVE-2017-3120)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

9.3CVSS8.7AI score0.09362EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•15 views

Microsoft JET Database Engine Remote Code Execution (CVE-2017-0250)

A buffer overflow vulnerability exists in the Microsoft Jet Database Engine Jet. The vulnerability is due to an error in the way Microsoft JET Database Engine improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim ...

9.3CVSS8AI score0.23659EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•4 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11239)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to EMF records component. A remote attacker might exploit this issue by convincing a victim to open a specially crafted EMF file...

4.3CVSS7.9AI score0.07594EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•5 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11271)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how the image conversion engine processes Enhanced Metafile Format EMF. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file with Adobe...

9.3CVSS8.9AI score0.06918EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•7 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11210)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to error while parsing fonts embedded in TTF file. A remote attacker can exploit this vulnerability for unintended reads potentially leading to information leak attack...

4.3CVSS7.9AI score0.11468EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•4 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11236)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...

4.3CVSS7.9AI score0.09243EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•9 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11268)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how the image conversion engine processes Enhanced Metafile Format EMF. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file with Adobe...

9.3CVSS8.9AI score0.06918EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•10 views

Adobe Acrobat And Reader Memory Corruption (APSB17-24: CVE-2017-11226)

A memory corruption vulnerability exists in Adobe Acrobat And Reader. The vulnerability is due to an error in the image processing engine when processing JPEG 2000 JP2 code stream data. A remote attacker may exploit this vulnerability by using a crafted JP2 file that contains large values for til...

9.3CVSS8.9AI score0.06918EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•8 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11263)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. A remote attacker may exploit this issue by enticing a target user to open a malicious PDF file with an affected version of Adobe Reader or Acrobat...

6.8CVSS8.9AI score0.26064EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•5 views

Adobe Acrobat and Reader Use After Free (APSB17-24: CVE-2017-11232)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted EMF file...

4.3CVSS7.7AI score0.07608EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•4 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-3119)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while opening a PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file with Adobe Reader...

6.8CVSS8.9AI score0.06592EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•9 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11209)

An out-of-bounds read vulnerability exists in the XPS component of Adobe Acrobat. The vulnerability is due to improper handling of embedded JPEG images in an XPS document. A remote attacker could exploit this vulnerability by enticing a target user into opening a crafted XPS document...

4.3CVSS7.5AI score0.11468EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•7 views

Adobe Acrobat and Reader Information Disclosure (APSB17-24: CVE-2017-3115)

A Information Disclosure vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

4.3CVSS7.4AI score0.05807EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•8 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11238)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted EMF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...

4.3CVSS7.9AI score0.07594EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•6 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11212)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how the image conversion engine processes Enhanced Metafile Format EMF. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file with Adobe...

9.3CVSS8.9AI score0.0885EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•9 views

Adobe Acrobat and Reader Use After Free (APSB17-24: CVE-2017-11219)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

9.3CVSS8.7AI score0.09204EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•11 views

Microsoft Internet Explorer Security Feature Bypass (CVE-2017-8625)

A security feature bypass vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to Internet Explorer fails to validate User Mode Code Integrity UMCI policies. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected...

6.8CVSS8.3AI score0.15257EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•5 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11261)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the way Adobe Acrobat and Reader improperly processes specially crafted Enhanced Metafile EMF image format files. A remote attacker can exploit this issue by enticing a victim to open a specially...

9.3CVSS8.9AI score0.06918EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•9 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11214)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how the image conversion engine processes Enhanced Metafile Format EMF. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file with Adobe...

9.3CVSS8.9AI score0.06918EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•8 views

Cisco Prime Collaboration Provisioning logconfigtracer.jsp Directory Traversal (CVE-2017-6621)

An information disclosure vulnerability exists in Cisco Prime Collaboration Provisioning. The vulnerability is due to insufficient validation on user supplied paths when a request is sent to logconfigtracer.jsp page. A remote, unauthenticated attacker can exploit this vulnerability by sending a...

5CVSS3.3AI score0.06174EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•13 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-3124)

A memory corruption vulnerability exists in the picture exchange PCX file format parsing module. The vulnerability is due to how the image conversion engine processes picture exchange PCX file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted...

10CVSS8.9AI score0.08301EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•6 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11267)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how the image conversion engine processes Enhanced Metafile Format EMF. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file with Adobe...

9.3CVSS8.9AI score0.06918EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•8 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11234)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted TIFF file...

9.3CVSS8.8AI score0.06918EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•12 views

Adobe Acrobat and Reader Use After Free (APSB17-24: CVE-2017-11235)

An use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted JPEG file...

9.3CVSS8.7AI score0.07973EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•10 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11260)

A memory corruption vulnerability exists in Adobe Acrobat And Reader. The vulnerability is due to an error in the image conversion engine when processing Enhanced Metafile Format EMF private data. A remote attacker may exploit this vulnerability by using the out of bounds access for unintended...

9.3CVSS9AI score0.06918EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•9 views

Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11262)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how the image conversion engine processes Enhanced Metafile Format EMF. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file with Adobe...

9.3CVSS8.9AI score0.06918EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2017/08/08 12:0 a.m.•10 views

Adobe Acrobat and Reader Security Bypass (APSB17-24: CVE-2017-11229)

A code injection vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to the FDF component of Adobe Reader and Acrobat. A remote attacker might exploit this issue by convincing a victim to open a specially crafted PDF file...

6.8CVSS9.1AI score0.06717EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/07 12:0 a.m.•9 views

Microsoft Windows Performance Monitor XXE Injection Information Disclosure (CVE-2017-0170)

An XML external entity XXE injection vulnerability exists in Windows Performance Monitor component of Microsoft Windows. The vulnerability is due to a failure to properly handle external entity references in XML files...

4.3CVSS8AI score0.06666EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/07 12:0 a.m.•7 views

Phamm helpers.php Cross-Site Scripting (CVE-2017-0378)

A reflected cross-site scripting vulnerability exists in Phamm. The vulnerability is due to insufficient validation of user-supplied input within views/helpers.php. A remote, unauthenticated attacker could exploit this vulnerability by enticing an user to click a maliciously crafted link or open ...

4.3CVSS2.1AI score0.01455EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2017/08/07 12:0 a.m.•6 views

Rpcbind XDR Parsing Memory Exhaustion Denial of Service (CVE-2017-8779)

A resource exhaustion vulnerability exists in rpcbind, within its associated library libtirpc. The vulnerability is due to an unbounded memory leak when parsing XDR strings. A remote attacker could exploit this vulnerability by sending specially crafted RPC messages to the vulnerable server...

7.8CVSS4.4AI score0.81921EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2017/08/06 12:0 a.m.•1 views

Dahua IoT Devices Backdoor Unauthorized Access

An Unauthorized Access Vulnerability exists in Dahua devices. Successful exploitation of this vulnerability could allow a remote attacker to gain administrator level access on the affected device...

5.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/06 12:0 a.m.•7 views

Microsoft Edge AsmJsInterpreter Use After Free (CVE-2017-8603)

A use-after-free vulnerability exists in Microsoft Edge. This vulnerability is due to an error while handling objects in memory when processing HTML and script code. A remote attacker could exploit these vulnerabilities by enticing the target user to open a specially crafted web page...

7.6CVSS7.5AI score0.08891EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/08/01 12:0 a.m.•10 views

ManageEngine Desktop Central Remote Code Execution (CVE-2017-11346)

A remote Code Execution vulnerability exists in ManageEngine Desktop Central. The vulnerability is due to insufficient check of parameter. By sending crafted request ,a remote attacker can place a file under a directory that allows server-side scripts to run...

7.5CVSS3.7AI score0.4327EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2017/07/31 12:0 a.m.•0 views

Microsoft Windows SMB SMBLoris Denial of Service

A memory saturation vulnerability has been reported in Windows NetBIOS Session Service protocol. A remote authenticated or guest attacker could exploit this vulnerability by sending specially crafted requests to the target server. Successful exploitation of this vulnerability results in a denial ...

4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/07/31 12:0 a.m.•18 views

Apache httpd ap_find_token Out of Bounds Read (CVE-2017-7668)

An out-of-bounds read vulnerability exists in Apache HTTP server. This vulnerability is due to improper token list parsing in the apfindtoken function. A remote, unauthenticated attacker could exploit the vulnerability by sending maliciously crafted HTTP request to the affected server...

5CVSS2.7AI score0.57472EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2017/07/31 12:0 a.m.•1 views

Trend Micro SafeSync for Enterprise replace_local_disk Command Injection

A command injection vulnerability exists in Trend Micro's SafeSync for Enterprise. The vulnerability is due to insufficient validation of the user-supplied parameters in replacelocaldisk function. A remote, authenticated attacker could exploit this vulnerability by sending crafted input to the...

4.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/07/30 12:0 a.m.•7 views

FreeRADIUS data2vp_wimax Heap Buffer Overflow (CVE-2017-10984)

A heap-based buffer overflow vulnerability exists in FreeRADIUS. The vulnerability is due to improper handling of the continuation flag in WiMAX attributes. A remote attacker can exploit the vulnerability by sending a crafted RADIUS packet with a malformed WiMAX attribute with the continuation fl...

7.5CVSS3AI score0.18318EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/07/26 12:0 a.m.•4 views

Kaspersky Anti-Virus for Linux File Server getReportStatus Directory Traversal (CVE-2017-9812)

A directory traversal vulnerability exists in Kaspersky Anti-Virus for Linux File Server. The vulnerability is due to a lack of proper validation of a user-supplied path when a request is sent to check the status of a report. A remote, authenticated attacker can exploit this vulnerability by...

5CVSS3.9AI score0.11265EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2017/07/26 12:0 a.m.•16 views

Netgear DGN2200 dnslookup.cgi Command Injection (CVE-2017-6334)

A command injection vulnerability exists in NETGEAR DGN2200 Router. The vulnerability is due to insufficient input validation in the router's web administration. Successful exploitation of this vulnerability could allow a remote attacker with valid login details to execute arbitrary code...

9CVSS5.4AI score0.72199EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2017/07/25 12:0 a.m.•10 views

MediaWiki SyntaxHighlight Option Injection (CVE-2017-0372)

A remote code execution vulnerability has been reported in MediaWiki. The vulnerability is due to improper validation of user data. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request to the target, potentially leading to arbitrary code execution...

7.5CVSS2.6AI score0.11653EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2017/07/25 12:0 a.m.•6 views

ISC BIND RPZ Query Processing Denial of Service (CVE-2017-3140)

A denial-of-service vulnerability has been reported in ISC BIND. The vulnerability is due to a defect that can cause the named service to enter an infinite loop while processing a query and running a specific configuration. A remote, unauthenticated attacker could exploit this vulnerability by...

4.3CVSS3.1AI score0.1213EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2017/07/23 12:0 a.m.•5 views

IPFire ids.cgi OINKCODE Parameter Command Injection (CVE-2017-9757)

A command injection vulnerability exists in the ids.cgi script of IPFire. The vulnerability is due to incorrect handling of the OINKCODE HTTP parameter. A remote authenticated attacker may exploit this vulnerability by sending a crafted request to the vulnerable CGI script...

6.5CVSS1.4AI score0.38498EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2017/07/23 12:0 a.m.•4 views

Cisco Prime Infrastructure and EPNM multiple functions Cross Site Scripting (CVE-2017-6699)

A reflected cross-site scripting vulnerability has been reported in Cisco Prime Infrastructure and Evolved Programmable Network Manager. The vulnerability is due to insufficient validation of some request parameters in jsp functions. A remote user can exploit this vulnerability by enticing a targ...

4.3CVSS1.2AI score0.0128EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2017/07/23 12:0 a.m.•1 views

Trend Micro SafeSync for Enterprise check_nfs_server_status Command Injection

A command injection vulnerability exists in Trend Micro's SafeSync for Enterprise. The vulnerability is due to insufficient validation of the user-supplied parameters in checknfsserverstatus function. A remote, authenticated attacker could exploit this vulnerability by sending a crafted input to...

4.5AI score
Exploits0
Total number of security vulnerabilities13538