Vulnerabilities > Checkpoint > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-07 | CVE-2022-23744 | Unspecified vulnerability in Checkpoint Endpoint Security and Harmony Endpoint Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator. | 2.1 |
| 2020-11-05 | CVE-2020-6015 | Unspecified vulnerability in Checkpoint Endpoint Security E84.10 Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean install of the client which will prevent the storage of service log files in non-standard locations. | 2.1 |
| 2020-10-27 | CVE-2020-6022 | Unspecified vulnerability in Checkpoint Zonealarm Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to delete arbitrary files while restoring files in Anti-Ransomware. | 3.6 |
| 2019-06-20 | CVE-2019-8458 | Unspecified vulnerability in Checkpoint products Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. network checkpoint | 3.5 |
| 2019-04-17 | CVE-2019-8453 | Untrusted Search Path vulnerability in Checkpoint Zonealarm Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. | 2.1 |
| 2019-04-17 | CVE-2019-8455 | Link Following vulnerability in Checkpoint Zonealarm A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. | 3.6 |
| 2013-11-30 | CVE-2013-5635 | Credentials Management vulnerability in Checkpoint Endpoint Security Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously. | 3.3 |
| 2013-11-30 | CVE-2013-5636 | Credentials Management vulnerability in Checkpoint Endpoint Security Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by overwriting DVREM.EPM with a copy of itself after each few password guesses. | 3.3 |
| 2011-07-08 | CVE-2011-2664 | Local Security vulnerability in Check Point Provider-1 Unspecified vulnerability in Check Point Multi-Domain Management / Provider-1 NGX R65, R70, R71, and R75, and SmartCenter during installation on non-Windows machines, allows local users on the MDS system to overwrite arbitrary files via unknown vectors. | 3.6 |
| 2005-02-11 | CVE-2005-0114 | Local Denial of Service vulnerability in Zone Labs ZoneAlarm vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort function is a valid memory address, which allows local users to cause a denial of service (system crash) when ZoneAlarm attempts to dereference an invalid pointer. | 2.1 |