Filtered by vendor Checkpoint
Subscribe
Total
131 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0150 | 2 Checkpoint, Cisco | 2 Firewall-1, Pix Firewall Software | 2026-04-16 | 7.5 HIGH | N/A |
| Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt. | |||||
| CVE-2002-1623 | 1 Checkpoint | 1 Vpn-1 Firewall-1 | 2026-04-16 | 5.0 MEDIUM | N/A |
| The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses before the password is supplied or (2) sniffing, as originally reported for FireWall-1 SecuRemote. | |||||
| CVE-2005-0114 | 2 Checkpoint, Zonelabs | 3 Check Point Integrity Client, Zonealarm, Zonealarm Wireless Security | 2026-04-16 | 2.1 LOW | N/A |
| vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort function is a valid memory address, which allows local users to cause a denial of service (system crash) when ZoneAlarm attempts to dereference an invalid pointer. | |||||
| CVE-2001-0682 | 2 Checkpoint, Zonelabs | 2 Zonealarm Pro, Zonealarm | 2026-04-16 | 2.1 LOW | 5.5 MEDIUM |
| ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting. | |||||
| CVE-2001-0182 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | 5.0 MEDIUM | N/A |
| FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources. | |||||
| CVE-2001-1158 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | 7.5 HIGH | N/A |
| Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts. | |||||
| CVE-2000-1201 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | 5.0 MEDIUM | N/A |
| Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264. | |||||
| CVE-2000-0582 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | 5.0 MEDIUM | N/A |
| Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a denial of service by sending a stream of invalid commands (such as binary zeros) to the SMTP Security Server proxy. | |||||
| CVE-2024-24910 | 2 Checkpoint, Microsoft | 3 Identity Agent, Zonealarm Extreme Security Nextgen, Windows | 2026-01-15 | N/A | 7.3 HIGH |
| A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system. | |||||
| CVE-2024-6233 | 1 Checkpoint | 1 Zonealarm Extreme Security Nextgen | 2026-01-15 | N/A | 7.8 HIGH |
| Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Forensic Recorder service. By creating a symbolic link, an attacker can abuse the service to overwrite arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21677. | |||||
| CVE-2024-24919 | 1 Checkpoint | 5 Cloudguard Network Security, Quantum Security Gateway, Quantum Security Gateway Firmware and 2 more | 2025-10-24 | N/A | 8.6 HIGH |
| Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available. | |||||
| CVE-2024-24911 | 1 Checkpoint | 3 Gaia Os, Multi-domain Management, Quantum Security Management | 2025-10-15 | N/A | 5.3 MEDIUM |
| In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache. | |||||
| CVE-2024-24916 | 2 Checkpoint, Microsoft | 2 Smartconsole, Windows | 2025-09-04 | N/A | 6.5 MEDIUM |
| Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code execution with the installer's privileges (admin). | |||||
| CVE-2025-3831 | 1 Checkpoint | 1 Harmony Sase | 2025-09-03 | N/A | 8.1 HIGH |
| Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties. | |||||
| CVE-2024-24915 | 2 Checkpoint, Microsoft | 2 Smartconsole, Windows | 2025-09-03 | N/A | 6.1 MEDIUM |
| Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them. | |||||
| CVE-2024-52888 | 1 Checkpoint | 3 Gaia Os, Mobile Access, Remote Access Vpn | 2025-09-02 | N/A | 5.4 MEDIUM |
| For an authenticated end-user the portal may run a script while attempting to display a directory or some file's properties. | |||||
| CVE-2024-52887 | 1 Checkpoint | 3 Gaia Os, Mobile Access, Remote Access Vpn | 2025-09-02 | N/A | 3.5 LOW |
| Authenticated end-user may set a specially crafted SNX bookmark that can make their browser run a script while accessing their own bookmark list. | |||||
| CVE-2024-52885 | 1 Checkpoint | 3 Gaia Os, Mobile Access, Remote Access Vpn | 2025-08-27 | N/A | 5.0 MEDIUM |
| The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an authenticated, malicious end-user (authorized to at least one File Share application) to list the file names of 'nobody'-accessible directories on the Mobile Access gateway. | |||||
| CVE-2025-2028 | 1 Checkpoint | 1 Log Server | 2025-08-27 | N/A | 6.5 MEDIUM |
| Lack of TLS validation when downloading a CSV file including mapping from IPs to countries used ONLY for displaying country flags in logs | |||||
| CVE-2024-24912 | 2 Checkpoint, Microsoft | 2 Harmony Endpoint, Windows | 2025-08-26 | N/A | 6.7 MEDIUM |
| A local privilege escalation vulnerability has been identified in Harmony Endpoint Security Client for Windows versions E88.10 and below. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system. | |||||