Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
checkpoint vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-8452
A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with li...
Checkpoint Endpoint Security
Checkpoint Zonealarm
1 EDB exploit
NA
CVE-2008-7009
Buffer overflow in multiscan.exe in Check Point ZoneAlarm Security Suite 7.0.483.000 and 8.0.020.000 allows local users to execute arbitrary code via a file or directory with a long path. NOTE: some of these details are obtained from third party information.
Checkpoint Zonealarm 7.0.483.000
Checkpoint Zonealarm 8.0.020.000
1 EDB exploit
7.2
CVSSv3
CVE-2021-30358
Mobile Access Portal Native Applications who's path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent.
Checkpoint Mobile Access Portal Agent R80.20
Checkpoint Mobile Access Portal Agent R80.30
Checkpoint Mobile Access Portal Agent R80.40
Checkpoint Mobile Access Portal Agent R81
Checkpoint Mobile Access Portal Agent R81.10
NA
CVE-2008-1397
Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service (site-to-site VPN tunnel outage), and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as one...
Checkpoint Check Point Vpn-1 Pro Ngx R62 Ga
Checkpoint Vpn-1 Ngx R60
Checkpoint Vpn-1 Firewall-1 Ng Ai R55
Checkpoint Vpn-1 Power Utm Ngx R65 With Messaging Security
Checkpoint Vpn-1 Power Utm With Ngx R65
Checkpoint Check Point Vpn-1 Pro Ngx R61
NA
CVE-2004-0699
Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote malicious users to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data.
Checkpoint Firewall-1 4.1
Checkpoint Vpn-1
NA
CVE-2006-0255
Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when SecureClient attempts to launch the Sr_GUI.exe program.
Checkpoint Vpn-1
Checkpoint Vpn-1 4.1
5.9
CVSSv3
CVE-2019-8456
Check Point IKEv2 IPsec VPN up to R80.30, in some less common conditions, may allow an attacker with knowledge of the internal configuration and setup to successfully connect to a site-to-site VPN server.
Checkpoint Ipsec Vpn R80.10
Checkpoint Ipsec Vpn R80.20
NA
CVE-2000-0482
Check Point Firewall-1 allows remote malicious users to cause a denial of service by sending a large number of malformed fragmented IP packets.
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 4.1
1 EDB exploit
NA
CVE-2001-1303
The default configuration of SecuRemote for Check Point Firewall-1 allows remote malicious users to obtain sensitive configuration information for the protected network without authentication.
Checkpoint Firewall-1 4.1
Checkpoint Firewall-1 4.0
1 EDB exploit
NA
CVE-2014-1672
Check Point R75.47 Security Gateway and Management Server does not properly enforce Anti-Spoofing when the routing table is modified and the "Get - Interfaces with Topology" action is performed, which allows malicious users to bypass intended access restrictions.
Checkpoint Security Gateway R75.47
Checkpoint Management Server R75.47
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »