203 matches found
CVE-2022-23745 - Memory corruption issue in Capsule Workspace on Android mobile devices
Symptoms A potential memory corruption issue was found in Capsule Workspace Android app running on GrapheneOS. This could result in application crashing but could not be used to gather any sensitive information. This issue was discovered and responsibly disclosed by Gabe Flawedworld and received ...
Check Point Response to CVE-2016-0728 kernel: Possible use-after-free vulnerability in keyring facility
...
Check Point response to Sockstress TCP DoS attacks (CVE-2008-4609)
...
CVE-2026-48135 - HTTP service can incorrectly process malformed HTTP requests
Cause An input-handling issue in the HTTP request processing path. Symptoms - A Check Point HTTP-based service, such as Mobile Access Portal or Identity Awareness Portals except for Captive Portal, can incorrectly handle malformed HTTP requests. Gaia Portal is not affected by this issue. - The...
Check Point Response to CVE-2022-23744 - Use of unprotected registry change to disable Endpoint protection
Symptoms - Check Point Endpoint Security Client before version E86.50 fails to protect against specific registry change, allowing a local administrator to disable endpoint protection. This issue was discovered and responsibly disclosed by Erwin Chan and received ID CVE-2022-23744. Solution This...
Check Point response to Apache CVEs - November 2021 for httpd versions between 2.4.41 and 2.4.51
Solution In November 2021, Apache open source published CVEs for httpd versions between 2.4.41 and 2.4.51 see the list of the CVEs in the "Cause" section. Check Point uses the Apache HTTP Server as the Web server for several of its user portals on both the Security Gateway Gaia Portal, Identity...
Check Point Response to CVE-2015-0204 - TLS FREAK Attack
Symptoms - On Tuesday, March 3, 2015, researchers disclosed a new SSL/TLS vulnerability - the FREAK attack. The vulnerability allows attackers to intercept HTTPS connections between vulnerable clients and vulnerable servers and force them to use the "export-grade" cryptography, which can then be...
Check Point response to TCP reassembly vulnerability (CVE-2014-3000; FreeBSD-SA-14:08.tcp)
...
Check Point Response to CVE-2019-8461 - Endpoint Security Initial Client
...
Check Point response to SegmentSmack (CVE-2018-5390) and FragmentSmack (CVE-2018-5391)
...
Check Point response to NTP "panic threshold" Bypass Vulnerability (CVE-2015-5300)
...
Blocking NTP access on Gaia OS / IPSO OS (CVE-2013-5211)
...
Check Point response to OpenSSL ASN1 BIO vulnerability (CVE-2012-2110, CVE-2012-2131)
...
Check Point response to Linux NULL pointer dereference vulnerability (CVE-2009-2692)
...
Check Point response to DNS poisoning vulnerability CVE-2008-1447
...
OpenSSL Vulnerability CVE-2007-4995
...
Check Point response to CVE-2015-3456 (VENOM)
Symptoms - A vulnerability in the virtual floppy drive code was discovered CVE-2015-3456. Solution The relevant fix for Threat Emulation gateway is already available and has been integrated in Threat Emulation engine version 24.990000010 refer to sk95235. Any Threat Emulation engine version that ...
Check Point response to the POODLE Bites vulnerability (CVE-2014-3566)
...
Check Point response to GnuTLS certificate verification vulnerability (CVE-2014-0092)
...
Check Point response to OpenSSL CVE-2012-0884
...
Check Point response to "DoS through hash table against Web Application Platforms" (CVE-2011-4838)
...
Check Point response to NET-SNMP vulnerability CVE-2008-0960
...
Check Point response to OpenSSL vulnerability CVE-2006-3738
...
Check Point Response to CVE-2019-14899 (Inferring and hijacking VPN-tunneled TCP connections)
...
Check Point's response to Oracle Java Floating-Point Value Denial of Service Vulnerability (CVE-2010-4476)
Symptoms Oracle Java Runtime Environment is prone to a remote denial-of-service vulnerability. Successful attacks will cause applications written in Java to hang, creating a denial-of-service condition. For more details please refer to Oracle Security Alert for CVE-2010-4476. All versions of...
Check Point response to Linux kernel 2.6 with IPv6 support DoS vulnerability (CVE-2010-1188)
...
Check Point response to Phrack article "Exploiting TCP Persist Timer Infiniteness" (CVE-2009-1926, VU#723308)
...
Check Point Response to CVE-2022-23742 - local privileges escalation in Endpoint Security Client's EFRService
Symptoms - The EFRService, which collects forensics data for various blades for the Check Point Endpoint Security Client for Windows, copies files for forensics reports from a directory with insufficient privileges. A local attacker can replace those files with malicious or linked content, which...
Check Point response to "VPN-1 PAT information disclosure" vulnerability (CVE-2008-5849)
...
OpenSSL CVE-2006-4339 8732 vulnerability Fix
...
Check Point Response to CVE-2021-3156 - sudo Privilege Escalation
Symptoms - CVE-2021-3156 states: "Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character." - For more information, refer to https://www.sudo.ws/stable.html1.9.5p2 Solutio...
Check Point response to vulnerability in ISC BIND (CVE-2009-4022) on UTM-1 Edge
...
Check Point response to CVE-2009-1385
...
Check Point response to ISC DHCP dhclient buffer overflow vulnerability (CVE-2009-0692)
...
Check Point response to Integer Overflow Vulnerability in GNU C Library (CVE-2007-3508)
...
Check Point response to Apache HTTP CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477, CVE-2024-39573, CVE-2024-39884
Symptoms - These issues were reported in the Apache HTTP Server version 2.4.60 and lower: 1. CVE-2024-38473 - Apache HTTP Server: proxy encoding problem 2. CVE-2024-38474 - Apache HTTP Server: weakness with encoded question marks in backreferences 3. CVE-2024-38475 - Apache HTTP Server: weakness...
Check Point response to ISC BIND 9 DoS vulnerability (CVE-2009-0696)
...
Check Point response to NET-SNMP vulnerability CVE-2007-5846
...
Check Point response to OpenSSL vulnerability CVE-2007-3108
...
CA Products Anti-Virus Engine CAB File Handling Vulnerabilities (CVE-2007-2863, CVE-2007-2864)
...
Check Point response to "libcrypt 'crypt()' Password Encryption Weakness" (CVE-2012-2143)
...
CVE-2026-48132 - VPN service may restart unexpectedly when processing IKE traffic over NAT-T 4500/UDP
Symptoms - The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used 4500/UDP. As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service temporary interruption o...
Check Point Response to CVE-2025-3831 - Exposed SFTP server
Cause The agent used a shared SFTP key embedded in the software to upload diagnostic logs. The key was granted permission to read and list files on the server, rather than restricted to upload-only access. As a result, anyone possessing the key could access log files uploaded by other customers...
Anti-Spoofing might be enforced incorrectly in specific scenarios on R75.47 Security Gateway
...
Check Point response to SecuRemote Topology Service Hostname Disclosure
...
CVE-2026-50751 - User Authentication bypass on VPN Remote Access and Mobile Access in deprecated IKEv1 key exchange
Symptoms - An attacker can bypass user authentication by exploiting a logic flow weakness in the Remote Access and Mobile Access certificate validation and establish a remote access VPN connection without a valid user password. Check Point is aware of this vulnerability being exploited in the wil...
Check Point Response to CVE-2024-6387 - OpenSSH Library RCE
Cause A security regression CVE-2006-5051 was discovered in the OpenSSH server sshd version 8.5p1. There is a race condition, which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time...
Local Privilege Escalation in Check Point Endpoint Security Remediation Service
Symptoms - This vulnerability allows local attackers to escalate privileges on affected installations of Check Point Harmony Endpoint / ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...
Check Point's response to PHP Floating-Point Value Denial of Service Vulnerability (CVE-2010-4645)
...
Check Point response to Vulnerabilities in Visual Studio Active Template Library (MS09-035)
...