Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
checkpoint check point vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2020-6023
Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware.
Checkpoint Zonealarm
4.6
CVSSv2
CVE-2019-8452
A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with li...
Checkpoint Endpoint Security
Checkpoint Zonealarm
1 EDB exploit
4.4
CVSSv2
CVE-2020-6021
Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a ...
Checkpoint Endpoint Security
4.4
CVSSv2
CVE-2020-6014
Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL during a query for the Domain Name. An attacker with administrator privileges can leverage this to gain code execution wit...
Checkpoint Endpoint Security
4.3
CVSSv2
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Cloud Volumes Ontap Mediator -
Netapp E-series Performance Analyzer -
Tenable Tenable.sc
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Fedoraproject Fedora 34
5 Github repositories
1 Article
4.3
CVSSv2
CVE-2019-8456
Check Point IKEv2 IPsec VPN up to R80.30, in some less common conditions, may allow an attacker with knowledge of the internal configuration and setup to successfully connect to a site-to-site VPN server.
Checkpoint Ipsec Vpn R80.10
Checkpoint Ipsec Vpn R80.20
4.3
CVSSv2
CVE-2013-7304
Check Point Endpoint Security MI Server through R73 3.0.0 HFA2.5 does not configure X.509 certificate validation for client devices, which allows man-in-the-middle malicious users to spoof SSL servers by presenting an arbitrary certificate during a session established by a client...
Checkpoint Endpoint Security Mi Server R73
4.3
CVSSv2
CVE-2008-7025
TrueVector in Check Point ZoneAlarm 8.0.020.000, with vsmon.exe running, allows remote HTTP proxies to cause a denial of service (crash) and disable the HIDS module via a crafted response.
Checkpoint Zonealarm 8.0.020.000
1 EDB exploit
4.3
CVSSv2
CVE-2008-5994
Cross-site scripting (XSS) vulnerability in index.php in Check Point Connectra NGX R62 HFA_01 allows remote malicious users to inject arbitrary web script or HTML via the dir parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...
Checkpoint Connectra Ngx R62
4.3
CVSSv2
CVE-2008-1208
Cross-site scripting (XSS) vulnerability in the login page in Check Point VPN-1 UTM Edge W Embedded NGX 7.0.48x allows remote malicious users to inject arbitrary web script or HTML via the user parameter.
Checkpoint Vpn-1 Utm Edge W Embedded Ngx 7.0.48
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »