Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
checkpoint vulnerabilities and exploits
(subscribe to this query)
3.6
CVSSv2
CVE-2011-2664
Unspecified vulnerability in Check Point Multi-Domain Management / Provider-1 NGX R65, R70, R71, and R75, and SmartCenter during installation on non-Windows machines, allows local users on the MDS system to overwrite arbitrary files via unknown vectors.
Checkpoint Multi-domain Management\\/provider-1 Ngx Smartcenter
Checkpoint Multi-domain Management\\/provider-1 Ngx R71
Checkpoint Multi-domain Management\\/provider-1 Ngx R75
Checkpoint Multi-domain Management\\/provider-1 Ngx R65
Checkpoint Multi-domain Management\\/provider-1 Ngx R70
7.2
CVSSv2
CVE-2008-0662
The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing t...
Checkpoint Vpn-1 Secureclient Ngx R60
Checkpoint Vpn-1 Secureclient Ngai R56
5
CVSSv2
CVE-2002-1623
The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote malicious users to determine valid usernames by (1) monitoring respon...
Checkpoint Vpn-1 Firewall-1 4.0
Checkpoint Vpn-1 Firewall-1 4.1
7.2
CVSSv2
CVE-2007-2174
The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm prior to 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses.
Checkpoint Zonealarm
3.6
CVSSv2
CVE-2020-6022
Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to delete arbitrary files while restoring files in Anti-Ransomware.
Checkpoint Zonealarm
4.6
CVSSv2
CVE-2022-23742
Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or usin...
Checkpoint Endpoint Security
NA
CVE-2022-41604
Check Point ZoneAlarm Extreme Security prior to 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions for the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory, and a self-protection driver bypass that allows creation of a junct...
Checkpoint Zonealarm
4.6
CVSSv2
CVE-2020-6023
Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware.
Checkpoint Zonealarm
2.1
CVSSv2
CVE-2019-8453
Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local malicious user to replace a DLL file with a malicious one and cause Denial of Service to the client.
Checkpoint Zonealarm
6.9
CVSSv2
CVE-2019-8454
A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the ...
Checkpoint Endpoint Security
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »