Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
checkpoint vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2021-30358
Mobile Access Portal Native Applications who's path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent.
Checkpoint Mobile Access Portal Agent R80.20
Checkpoint Mobile Access Portal Agent R80.30
Checkpoint Mobile Access Portal Agent R80.40
Checkpoint Mobile Access Portal Agent R81
Checkpoint Mobile Access Portal Agent R81.10
6.9
CVSSv2
CVE-2008-7009
Buffer overflow in multiscan.exe in Check Point ZoneAlarm Security Suite 7.0.483.000 and 8.0.020.000 allows local users to execute arbitrary code via a file or directory with a long path. NOTE: some of these details are obtained from third party information.
Checkpoint Zonealarm 7.0.483.000
Checkpoint Zonealarm 8.0.020.000
1 EDB exploit
6.9
CVSSv2
CVE-2021-30361
The Check Point Gaia Portal's GUI Clients allowed authenticated administrators with permission for the GUI Clients settings to inject a command that would run on the Gaia OS.
Checkpoint Gaia Portal
Checkpoint Gaia Os -
7.2
CVSSv2
CVE-2006-0255
Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when SecureClient attempts to launch the Sr_GUI.exe program.
Checkpoint Vpn-1 4.1
Checkpoint Vpn-1
7.5
CVSSv2
CVE-2004-0699
Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote malicious users to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data.
Checkpoint Firewall-1 4.1
Checkpoint Vpn-1
4
CVSSv2
CVE-2014-1672
Check Point R75.47 Security Gateway and Management Server does not properly enforce Anti-Spoofing when the routing table is modified and the "Get - Interfaces with Topology" action is performed, which allows malicious users to bypass intended access restrictions.
Checkpoint Management Server R75.47
Checkpoint Security Gateway R75.47
5
CVSSv2
CVE-2008-5849
Check Point VPN-1 R55, R65, and other versions, when Port Address Translation (PAT) is used, allows remote malicious users to discover intranet IP addresses via a packet with a small TTL, which triggers an ICMP_TIMXCEED_INTRANS (aka ICMP time exceeded in-transit) response contain...
Checkpoint Vpn-1 R55
Checkpoint Vpn-1 R65
5
CVSSv2
CVE-2000-1032
The client authentication interface for Check Point Firewall-1 4.0 and previous versions generates different error messages for invalid usernames versus invalid passwords, which allows remote malicious users to identify valid usernames on the firewall.
Checkpoint Firewall-1 3.0
Checkpoint Firewall-1 4.0
7.2
CVSSv2
CVE-2021-30359
The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer allows regular users to repair their installation, an attacker running an installer prior to 90.08.7405 can start ...
Checkpoint Harmony Browse
Checkpoint Sandblast Agent For Browsers
7.1
CVSSv2
CVE-2014-8950
Unspecified vulnerability in Check Point Security Gateway R77 and R77.10, when the (1) URL Filtering or (2) Identity Awareness blade is used, allows remote malicious users to cause a denial of service (crash) via vectors involving an HTTPS request.
Checkpoint Security Gateway R77
Checkpoint Security Gateway R77.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »