Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
checkpoint vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2019-8455
A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file.
Checkpoint Zonealarm
7.8
CVSSv3
CVE-2022-23742
Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or usin...
Checkpoint Endpoint Security
7.8
CVSSv3
CVE-2022-23743
Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. In addition, weak permissions in the ProgramData\CheckPoint\ZoneAlarm\Data\Updates directory allow a local attacker the ability to execute an arbitrary file...
Checkpoint Zonealarm
NA
CVE-2000-1201
Check Point FireWall-1 allows remote malicious users to cause a denial of service (high CPU) via a flood of packets to port 264.
Checkpoint Firewall-1
NA
CVE-2010-5184
Race condition in ZoneAlarm Extreme Security 9.1.507.000 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memo...
Checkpoint Zonealarm Extreme Security 9.1.507.000
6.5
CVSSv3
CVE-2020-6014
Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL during a query for the Domain Name. An attacker with administrator privileges can leverage this to gain code execution wit...
Checkpoint Endpoint Security
7.8
CVSSv3
CVE-2020-6021
Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a ...
Checkpoint Endpoint Security
NA
CVE-2004-0039
Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote malicious users to execute arbitrary code via HTTP ...
Checkpoint Firewall-1
7.5
CVSSv3
CVE-2019-8462
In a rare scenario, Check Point R80.30 Security Gateway before JHF Take 50 managed by Check Point R80.30 Management crashes with a unique configuration of enhanced logging.
Checkpoint Security Gateway R80.30
7.5
CVSSv3
CVE-2022-23745
A potential memory corruption issue was found in Capsule Workspace Android app (running on GrapheneOS). This could result in application crashing but could not be used to gather any sensitive information.
Checkpoint Capsule Workspace
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »