Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
checkpoint check point vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-8461
Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location a...
Checkpoint Capsule Docs Standalone Client
Checkpoint Remote Access Clients
Checkpoint Endpoint Security
7.8
CVSSv3
CVE-2019-8452
A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with li...
Checkpoint Endpoint Security
Checkpoint Zonealarm
1 EDB exploit
7.8
CVSSv3
CVE-2018-8790
Check Point ZoneAlarm version 15.3.064.17729 and below expose a WCF service that can allow a local low privileged user to execute arbitrary code as SYSTEM.
Checkpoint Zonealarm
7.8
CVSSv3
CVE-2008-0662
The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing t...
Checkpoint Vpn-1 Secureclient Ngx R60
Checkpoint Vpn-1 Secureclient Ngai R56
7.5
CVSSv3
CVE-2019-8463
A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations.
Checkpoint Endpoint Security Clients
7.5
CVSSv3
CVE-2019-8462
In a rare scenario, Check Point R80.30 Security Gateway before JHF Take 50 managed by Check Point R80.30 Management crashes with a unique configuration of enhanced logging.
Checkpoint Security Gateway R80.30
7.1
CVSSv3
CVE-2019-8455
A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file.
Checkpoint Zonealarm
7
CVSSv3
CVE-2019-8454
A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the ...
Checkpoint Endpoint Security
6.7
CVSSv3
CVE-2021-30361
The Check Point Gaia Portal's GUI Clients allowed authenticated administrators with permission for the GUI Clients settings to inject a command that would run on the Gaia OS.
Checkpoint Gaia Portal
Checkpoint Gaia Os -
6.5
CVSSv3
CVE-2020-6014
Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL during a query for the Domain Name. An attacker with administrator privileges can leverage this to gain code execution wit...
Checkpoint Endpoint Security
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »