cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-24912,https://securityvulnerability.io/vulnerability/CVE-2024-24912,Local Privilege Escalation Vulnerability Affects Harmony Endpoint Security Client for Windows,"A local privilege escalation vulnerability has been identified in Harmony Endpoint Security Client for Windows versions E88.10 and below. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system.",Checkpoint,Harmony Endpoint Security Client For Windows,,,0.0004299999854993075,false,false,false,false,,false,false,2024-05-01T13:22:48.486Z,0
CVE-2022-23744,https://securityvulnerability.io/vulnerability/CVE-2022-23744,,Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator.,Checkpoint,Enterprise Endpoint Security Windows Clients.,2.3,LOW,0.0004400000034365803,false,false,false,false,,false,false,2022-07-07T15:51:44.000Z,0
CVE-2022-23742,https://securityvulnerability.io/vulnerability/CVE-2022-23742,,"Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links.",Checkpoint,Check Point Endpoint Security Client For Windows,7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2022-05-12T19:23:18.000Z,0
CVE-2020-6021,https://securityvulnerability.io/vulnerability/CVE-2020-6021,,"Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted DLL in the repair folder which will run with the Endpoint client’s privileges.",Checkpoint,Check Point Endpoint Security Client For Windows,7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2020-12-03T13:31:22.000Z,0
CVE-2020-6015,https://securityvulnerability.io/vulnerability/CVE-2020-6015,,Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean install of the client which will prevent the storage of service log files in non-standard locations.,Checkpoint,Check Point Endpoint Security For Windows,5.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2020-11-05T19:37:06.000Z,0
CVE-2020-6014,https://securityvulnerability.io/vulnerability/CVE-2020-6014,,"Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL during a query for the Domain Name. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate.",Checkpoint,Check Point Endpoint Security Client For Windows,6.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2020-10-30T14:22:05.000Z,0
CVE-2019-8461,https://securityvulnerability.io/vulnerability/CVE-2019-8461,,Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with write permissions to the user.,Checkpoint,Check Point Endpoint Security Initial Client For Windows,7.8,HIGH,0.0013000000035390258,false,false,false,false,,false,false,2019-08-29T20:41:54.000Z,0
CVE-2013-7304,https://securityvulnerability.io/vulnerability/CVE-2013-7304,,"Check Point Endpoint Security MI Server through R73 3.0.0 HFA2.5 does not configure X.509 certificate validation for client devices, which allows man-in-the-middle attackers to spoof SSL servers by presenting an arbitrary certificate during a session established by a client.",Checkpoint,Endpoint Security Mi Server R73,,,0.0009899999713525176,false,false,false,false,,false,false,2014-01-22T19:00:00.000Z,0
CVE-2013-5635,https://securityvulnerability.io/vulnerability/CVE-2013-5635,,"Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously.",Checkpoint,Endpoint Security,,,0.000590000010561198,false,false,false,false,,false,false,2013-11-30T11:00:00.000Z,0
CVE-2013-5636,https://securityvulnerability.io/vulnerability/CVE-2013-5636,,"Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by overwriting DVREM.EPM with a copy of itself after each few password guesses.",Checkpoint,Endpoint Security,,,0.000590000010561198,false,false,false,false,,false,false,2013-11-30T11:00:00.000Z,0
CVE-2012-2753,https://securityvulnerability.io/vulnerability/CVE-2012-2753,,"Untrusted search path vulnerability in TrGUI.exe in the Endpoint Connect (aka EPC) GUI in Check Point Endpoint Security R73.x and E80.x on the VPN blade platform, Endpoint Security VPN R75, Endpoint Connect R73.x, and Remote Access Clients E75.x allows local users to gain privileges via a Trojan horse DLL in the current working directory.",Checkpoint,"Remote Access Clients,Endpoint Security,Endpoint Connect,Endpoint Security Vpn",,,0.0004199999966658652,false,false,false,false,,false,false,2012-06-19T20:55:00.000Z,0