High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-29	CVE-2019-8461	Untrusted Search Path vulnerability in Checkpoint products Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. local low complexity checkpoint CWE-426	7.8
2019-04-29	CVE-2019-8454	Link Following vulnerability in Checkpoint Endpoint Security A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the system. local high complexity checkpoint CWE-59	7.0
2019-04-22	CVE-2019-8452	Link Following vulnerability in Checkpoint Endpoint Security and Zonealarm A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. local low complexity checkpoint CWE-59	7.8
2019-04-17	CVE-2019-8455	Link Following vulnerability in Checkpoint Zonealarm A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. local low complexity checkpoint CWE-59	7.1
2019-03-01	CVE-2018-8790	Unspecified vulnerability in Checkpoint Zonealarm Check Point ZoneAlarm version 15.3.064.17729 and below expose a WCF service that can allow a local low privileged user to execute arbitrary code as SYSTEM. local low complexity checkpoint	7.8
2008-02-08	CVE-2008-0662	Incorrect Permission Assignment for Critical Resource vulnerability in Checkpoint Vpn-1 Secureclient Ngair56/Ngxr60 The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing the credentials. local low complexity checkpoint CWE-732	7.8
2004-11-23	CVE-2004-0079	NULL Pointer Dereference vulnerability in multiple products The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. network low complexity cisco symantec hp avaya redhat freebsd openbsd apple sco 4d checkpoint dell lite neoteris novell openssl sgi stonesoft tarantella vmware bluecoat securecomputing sun CWE-476	7.5