Filtered by vendor Checkpoint
Subscriptions
Total
119 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-6023 | 1 Checkpoint | 1 Zonealarm | 2024-08-04 | 7.8 High |
| Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware. | ||||
| CVE-2021-30358 | 1 Checkpoint | 1 Mobile Access Portal Agent | 2024-08-03 | 7.2 High |
| Mobile Access Portal Native Applications who's path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent. | ||||
| CVE-2021-30361 | 1 Checkpoint | 4 Gaia Os, Gaia Portal, Quantum Security Gateway and 1 more | 2024-08-03 | 6.7 Medium |
| The Check Point Gaia Portal's GUI Clients allowed authenticated administrators with permission for the GUI Clients settings to inject a command that would run on the Gaia OS. | ||||
| CVE-2021-30360 | 1 Checkpoint | 1 Endpoint Security | 2024-08-03 | 7.8 High |
| Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client privileges. | ||||
| CVE-2021-30359 | 2 Checkpoint, Microsoft | 3 Harmony Browse, Sandblast Agent For Browsers, Windows | 2024-08-03 | 7.8 High |
| The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer allows regular users to repair their installation, an attacker running an installer before 90.08.7405 can start the installation repair and place a specially crafted binary in the repair folder, which runs with the admin privileges. | ||||
| CVE-2021-30356 | 1 Checkpoint | 1 Identity Agent | 2024-08-03 | 8.1 High |
| A denial of service vulnerability was reported in Check Point Identity Agent before R81.018.0000, which could allow low privileged users to overwrite protected system files. | ||||
| CVE-2021-30357 | 1 Checkpoint | 1 Ssl Network Extender | 2024-08-03 | 5.3 Medium |
| SSL Network Extender Client for Linux before build 800008302 reveals part of the contents of the configuration file supplied, which allows partially disclosing files to which the user did not have access. | ||||
| CVE-2022-41604 | 1 Checkpoint | 1 Zonealarm | 2024-08-03 | 8.8 High |
| Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions for the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory, and a self-protection driver bypass that allows creation of a junction directory. This can be leveraged to perform an arbitrary file move as NT AUTHORITY\SYSTEM. | ||||
| CVE-2022-23742 | 2 Checkpoint, Microsoft | 2 Endpoint Security, Windows | 2024-08-03 | 7.8 High |
| Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links. | ||||
| CVE-2022-23746 | 1 Checkpoint | 1 Ssl Network Extender | 2024-08-03 | 7.5 High |
| The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender (SNX). If the portal is configured for username/password authentication, it is vulnerable to a brute-force attack on usernames and passwords. | ||||
| CVE-2022-23743 | 1 Checkpoint | 1 Zonealarm | 2024-08-03 | 7.8 High |
| Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. In addition, weak permissions in the ProgramData\CheckPoint\ZoneAlarm\Data\Updates directory allow a local attacker the ability to execute an arbitrary file write, leading to execution of code as local system, in ZoneAlarm versions before v15.8.211.192119 | ||||
| CVE-2022-23745 | 1 Checkpoint | 1 Capsule Workspace | 2024-08-03 | 7.5 High |
| A potential memory corruption issue was found in Capsule Workspace Android app (running on GrapheneOS). This could result in application crashing but could not be used to gather any sensitive information. | ||||
| CVE-2022-23744 | 1 Checkpoint | 2 Endpoint Security, Harmony Endpoint | 2024-08-03 | 2.3 Low |
| Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator. | ||||
| CVE-2023-28133 | 1 Checkpoint | 1 Endpoint Security | 2024-08-02 | 7.8 High |
| Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted OpenSSL configuration file | ||||
| CVE-2024-24919 | 1 Checkpoint | 5 Cloudguard Network Security, Quantum Security Gateway, Quantum Security Gateway Firmware and 2 more | 2024-08-01 | 8.6 High |
| Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available. | ||||
| CVE-1999-1204 | 1 Checkpoint | 1 Firewall-1 | 2024-08-01 | N/A |
| Check Point Firewall-1 does not properly handle certain restricted keywords (e.g., Mail, auth, time) in user-defined objects, which could produce a rule with a default "ANY" address and result in access to more systems than intended by the administrator. | ||||
| CVE-1999-0895 | 1 Checkpoint | 1 Firewall-1 | 2024-08-01 | N/A |
| Firewall-1 does not properly restrict access to LDAP attributes. | ||||
| CVE-1999-0770 | 1 Checkpoint | 1 Firewall-1 | 2024-08-01 | N/A |
| Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems. | ||||
| CVE-1999-0675 | 1 Checkpoint | 1 Firewall-1 | 2024-08-01 | N/A |
| Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host. | ||||