Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
checkpoint endpoint security vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2019-8461
Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location a...
Checkpoint Capsule Docs Standalone Client
Checkpoint Remote Access Clients
Checkpoint Endpoint Security
3.5
CVSSv2
CVE-2019-8458
Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Poi...
Checkpoint Endpoint Security Clients
Checkpoint Remote Access Clients
Checkpoint Capsule Docs
7.5
CVSSv2
CVE-2019-8459
Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process without using quotes in the path. This can cause loading of a previously placed executable with a name similar to the parts of the path, instead of the intended one.
Checkpoint Jumbo Hotfix For Endpoint Security Server
Checkpoint Endpoint Security Server Package
Checkpoint Smartconsole For Endpoint Security Server
Checkpoint Smartconsole For Endpoint Security Server E80.83
Checkpoint Endpoint Security Clients
Checkpoint Remote Access Clients
Checkpoint Capsule Docs Standalone Client
6.9
CVSSv2
CVE-2019-8454
A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the ...
Checkpoint Endpoint Security
4.6
CVSSv2
CVE-2019-8452
A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with li...
Checkpoint Endpoint Security
Checkpoint Zonealarm
1 EDB exploit
4.3
CVSSv2
CVE-2013-7304
Check Point Endpoint Security MI Server through R73 3.0.0 HFA2.5 does not configure X.509 certificate validation for client devices, which allows man-in-the-middle malicious users to spoof SSL servers by presenting an arbitrary certificate during a session established by a client...
Checkpoint Endpoint Security Mi Server R73
3.3
CVSSv2
CVE-2013-5636
Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate malicious users to bypass the device-locking protection mechanism by overwriting DVREM...
Checkpoint Endpoint Security E80.40
Checkpoint Endpoint Security E80.41
Checkpoint Endpoint Security E80.50
Checkpoint Endpoint Security E80
Checkpoint Endpoint Security E80.10
Checkpoint Endpoint Security E80.30
Checkpoint Endpoint Security E80.20
3.3
CVSSv2
CVE-2013-5635
Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate malicious users to bypass the device-locking protection mechanism by entering password guesses w...
Checkpoint Endpoint Security E80.40
Checkpoint Endpoint Security E80.41
Checkpoint Endpoint Security E80.50
Checkpoint Endpoint Security E80
Checkpoint Endpoint Security E80.20
Checkpoint Endpoint Security E80.10
Checkpoint Endpoint Security E80.30
6.9
CVSSv2
CVE-2012-2753
Untrusted search path vulnerability in TrGUI.exe in the Endpoint Connect (aka EPC) GUI in Check Point Endpoint Security R73.x and E80.x on the VPN blade platform, Endpoint Security VPN R75, Endpoint Connect R73.x, and Remote Access Clients E75.x allows local users to gain privile...
Checkpoint Endpoint Security E80
Checkpoint Remote Access Clients E75.10
Checkpoint Endpoint Security E80.20
Checkpoint Endpoint Security E80.30
Checkpoint Endpoint Security Vpn R75
Checkpoint Endpoint Connect R73
Checkpoint Endpoint Security R73
Checkpoint Endpoint Security E80.10
Checkpoint Remote Access Clients E75
Checkpoint Remote Access Clients E75.20
9.3
CVSSv2
CVE-2011-1827
Multiple unspecified vulnerabilities in Check Point SSL Network Extender (SNX), SecureWorkSpace, and Endpoint Security On-Demand, as distributed by SecurePlatform, IPSO6, Connectra, and VSX, allow remote malicious users to execute arbitrary code via vectors involving a (1) Active...
Checkpoint Connectra Ngx R66.1
Checkpoint Vpn-1 Firewall-1 Vsx R65.20
Checkpoint Vpn-1 R65.70
Checkpoint Vpn-1 R70.40
Checkpoint Vpn-1 R71.30
Checkpoint Vpn-1 R75
Checkpoint Connectra Ngx R66.1n
Checkpoint Vpn-1 Firewall-1 Vsx R67
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »