Filtered by vendor Checkpoint
Subscribe
Total
117 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-28134 | 1 Checkpoint | 1 Endpoint Security | 2024-09-03 | N/A | 7.8 HIGH |
Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint/ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
CVE-2023-28130 | 1 Checkpoint | 1 Gaia Portal | 2024-08-23 | N/A | 7.2 HIGH |
Local user may lead to privilege escalation using Gaia Portal hostnames page. | |||||
CVE-2009-1227 | 1 Checkpoint | 1 Firewall-1 Pki Web Service | 2024-08-07 | 10.0 HIGH | N/A |
** DISPUTED ** NOTE: this issue has been disputed by the vendor. Buffer overflow in the PKI Web Service in Check Point Firewall-1 PKI Web Service allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) Authorization or (2) Referer HTTP header to TCP port 18624. NOTE: the vendor has disputed this issue, stating "Check Point Security Alert Team has analyzed this report. We've tried to reproduce the attack on all VPN-1 versions from NG FP2 and above with and without HFAs. The issue was not reproduced. We have conducted a thorough analysis of the relevant code and verified that we are secure against this attack. We consider this attack to pose no risk to Check Point customers." In addition, the original researcher, whose reliability is unknown as of 20090407, also states that the issue "was discovered during a pen-test where the client would not allow further analysis." | |||||
CVE-2010-5184 | 2 Checkpoint, Microsoft | 2 Zonealarm Extreme Security, Windows Xp | 2024-08-07 | 6.2 MEDIUM | N/A |
** DISPUTED ** Race condition in ZoneAlarm Extreme Security 9.1.507.000 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute. | |||||
CVE-2014-7169 | 17 Apple, Arista, Canonical and 14 more | 85 Mac Os X, Eos, Ubuntu Linux and 82 more | 2024-07-24 | 10.0 HIGH | 9.8 CRITICAL |
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271. | |||||
CVE-2014-6271 | 17 Apple, Arista, Canonical and 14 more | 85 Mac Os X, Eos, Ubuntu Linux and 82 more | 2024-07-24 | 10.0 HIGH | 9.8 CRITICAL |
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix. | |||||
CVE-2021-3449 | 11 Checkpoint, Debian, Fedoraproject and 8 more | 163 Multi-domain Management, Multi-domain Management Firmware, Quantum Security Gateway and 160 more | 2024-06-21 | 4.3 MEDIUM | 5.9 MEDIUM |
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). | |||||
CVE-2024-24919 | 1 Checkpoint | 5 Cloudguard Network Security, Quantum Security Gateway, Quantum Security Gateway Firmware and 2 more | 2024-05-31 | N/A | 8.6 HIGH |
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available. | |||||
CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2024-02-15 | 5.0 MEDIUM | N/A |
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. | |||||
CVE-2001-0682 | 2 Checkpoint, Zonelabs | 2 Zonealarm Pro, Zonealarm | 2024-02-15 | 2.1 LOW | 5.5 MEDIUM |
ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting. | |||||
CVE-2023-28133 | 1 Checkpoint | 1 Endpoint Security | 2024-02-05 | N/A | 7.8 HIGH |
Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted OpenSSL configuration file | |||||
CVE-2022-23745 | 1 Checkpoint | 1 Capsule Workspace | 2024-02-04 | N/A | 7.5 HIGH |
A potential memory corruption issue was found in Capsule Workspace Android app (running on GrapheneOS). This could result in application crashing but could not be used to gather any sensitive information. | |||||
CVE-2022-23744 | 1 Checkpoint | 2 Endpoint Security, Harmony Endpoint | 2024-02-04 | 2.1 LOW | 2.3 LOW |
Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator. | |||||
CVE-2022-23742 | 2 Checkpoint, Microsoft | 2 Endpoint Security, Windows | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links. | |||||
CVE-2022-23743 | 1 Checkpoint | 1 Zonealarm | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. In addition, weak permissions in the ProgramData\CheckPoint\ZoneAlarm\Data\Updates directory allow a local attacker the ability to execute an arbitrary file write, leading to execution of code as local system, in ZoneAlarm versions before v15.8.211.192119 | |||||
CVE-2021-30361 | 1 Checkpoint | 4 Gaia Os, Gaia Portal, Quantum Security Gateway and 1 more | 2024-02-04 | 6.9 MEDIUM | 6.7 MEDIUM |
The Check Point Gaia Portal's GUI Clients allowed authenticated administrators with permission for the GUI Clients settings to inject a command that would run on the Gaia OS. | |||||
CVE-2021-30360 | 1 Checkpoint | 1 Endpoint Security | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client privileges. | |||||
CVE-2021-30359 | 2 Checkpoint, Microsoft | 3 Harmony Browse, Sandblast Agent For Browsers, Windows | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer allows regular users to repair their installation, an attacker running an installer before 90.08.7405 can start the installation repair and place a specially crafted binary in the repair folder, which runs with the admin privileges. | |||||
CVE-2021-30358 | 1 Checkpoint | 1 Mobile Access Portal Agent | 2024-02-04 | 6.0 MEDIUM | 7.2 HIGH |
Mobile Access Portal Native Applications who's path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent. | |||||
CVE-2021-30357 | 1 Checkpoint | 1 Ssl Network Extender | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
SSL Network Extender Client for Linux before build 800008302 reveals part of the contents of the configuration file supplied, which allows partially disclosing files to which the user did not have access. |