VYPR
Vendor: Checkpoint

Products: 65
CVEs: 138
Across products: 176
Status: Private


Recent CVEs

  • CVE-2014-7169 | Critical | KEV | Sep 25, 2014
    risk 0.87 | cvss 9.8 | epss 1.00

    GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by…

  • CVE-2014-6271 | Critical | KEV | Sep 24, 2014
    risk 0.87 | cvss 9.8 | epss 1.00

    GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd,…

  • CVE-2026-50751 | Critical | KEV | Jun 8, 2026
    risk 0.80 | cvss 9.3 | epss 0.71

    A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.

  • CVE-2025-15389 | High | Dec 31, 2025
    risk 0.57 | cvss 8.8 | epss 0.01

    VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.

  • CVE-2025-15388 | High | Dec 31, 2025
    risk 0.57 | cvss 8.8 | epss 0.01

    VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.

  • CVE-2025-15387 | High | Dec 31, 2025
    risk 0.57 | cvss 8.8 | epss 0.00

    VPN Firewall developed by QNO Technology has an Insufficient Entropy vulnerability, allowing unauthenticated remote attackers to obtain any logged-in user session through brute-force attacks and subsequently log into the system.

  • CVE-2026-10847 | High | Jun 11, 2026
    risk 0.51 | cvss 7.8 | epss 0.00

    A local privilege escalation vulnerability exists in Check Point Identity Agent Full for Windows OS. An authenticated local user may be able to execute arbitrary code with SYSTEM privileges due to improper handling of executable resolution during the log collection process.…

  • CVE-2022-23742 | High | May 12, 2022
    risk 0.51 | cvss 7.8 | epss 0.04

    Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or…

  • CVE-2008-0662 | High | Feb 8, 2008
    risk 0.51 | cvss 7.8 | epss 0.00

    The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing…

  • CVE-2004-0079 | High | Nov 23, 2004
    risk 0.50 | cvss 7.5 | epss 0.10

    The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

  • CVE-2026-48133 | High | May 26, 2026
    risk 0.49 | cvss 7.5 | epss 0.05

    When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway.

  • CVE-2025-9142 | High | Jan 14, 2026
    risk 0.49 | cvss 7.5 | epss 0.00

    A local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory.

  • CVE-2026-50752 | High | Jun 8, 2026
    risk 0.48 | cvss 7.4 | epss 0.05

    A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful…

  • CVE-2025-8305 | Medium | Dec 22, 2025
    risk 0.42 | cvss 6.5 | epss 0.00

    An authenticated local user can obtain information that allows claiming security policy rules of another user due to sensitive information being printed in plaintext in Identity Agent for Terminal Services debug files.

  • CVE-2025-8304 | Medium | Dec 22, 2025
    risk 0.42 | cvss 6.5 | epss 0.00

    An authenticated local user can obtain information that allows claiming security policy rules of another user due to sensitive information being accessible in the Windows Registry keys for Check Point Identity Agent running on a Terminal Server.

  • CVE-2026-48134 | Medium | May 26, 2026
    risk 0.36 | cvss 5.6 | epss 0.04

    When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information.…

  • CVE-2001-0682 | Medium | Aug 29, 2001
    risk 0.36 | cvss 5.5 | epss 0.00

    ZoneAlarm and ZoneAlarm Pro allow a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting.

  • CVE-2024-24919 | KEV | May 28, 2024
    risk 0.29 | cvss (none listed) | epss 1.00

    Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.

  • CVE-2026-48136 | Medium | May 26, 2026
    risk 0.27 | cvss 4.1 | epss 0.04

    When Compliance is enabled on Check Point Multi-Domain Management, an authenticated administrator with read-write access to one Management Domain (CMA) can modify stored metadata associated with Compliance Best Practices in another Management Domain, where the administrator has…

  • CVE-2009-1227 | Apr 2, 2009
    risk 0.04 | cvss (none listed) | epss 0.07

    NOTE: this issue has been disputed by the vendor. Buffer overflow in the PKI Web Service in Check Point Firewall-1 PKI Web Service allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) Authorization or (2) Referer HTTP…