NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。
Assigner(CNA/発行元):[email protected] この条件を外す
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2022-23744 | Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator. | 2.3 | 4.35% | 2022-07-07 | 2026-06-17 |
| CVE-2024-52887 | Authenticated end-user may set a specially crafted SNX bookmark that can make their browser run a script while accessing their own bookmark list. | 3.5 | 0.18% | 2025-04-27 | 2026-06-17 |
| CVE-2026-48136 | When Compliance is enabled on Check Point Multi-Domain Management, an authenticated administrator with read-write access to one Management Domain (CMA) can modify stored metadata associated with Compliance Best Practices in another Management Domain, where the administrator has no access permissions, bypassing Role-Based Access Control (RBAC). | 4.1 | 4.10% | 2026-05-26 | 2026-06-17 |
| CVE-2019-8458 | Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate. | 4.4 | 0.97% | 2019-06-20 | 2026-06-16 |
| CVE-2024-52885 | The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an authenticated, malicious end-user (authorized to at least one File Share application) to list the file names of 'nobody'-accessible directories on the Mobile Access gateway. | 5.0 | 0.46% | 2025-08-06 | 2026-06-17 |
| CVE-2026-48135 | A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation. | 5.3 | 2.61% | 2026-05-26 | 2026-06-17 |
| CVE-2024-24911 | In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache. | 5.3 | 0.37% | 2025-02-06 | 2026-06-17 |
| CVE-2021-30357 | SSL Network Extender Client for Linux before build 800008302 reveals part of the contents of the configuration file supplied, which allows partially disclosing files to which the user did not have access. | 5.3 | 22.79% | 2021-06-08 | 2026-06-16 |
| CVE-2024-52888 | For an authenticated end-user the portal may run a script while attempting to display a directory or some file's properties. | 5.4 | 0.25% | 2025-04-27 | 2026-06-17 |
| CVE-2020-6022 | Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to delete arbitrary files while restoring files in Anti-Ransomware. | 5.5 | 0.31% | 2020-10-27 | 2026-06-16 |
| CVE-2020-6015 | Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean install of the client which will prevent the storage of service log files in non-standard locations. | 5.5 | 0.34% | 2020-11-05 | 2026-06-16 |
| CVE-2019-8453 | Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local attacker to replace a DLL file with a malicious one and cause Denial of Service to the client. | 5.5 | 0.32% | 2019-04-17 | 2026-06-16 |
| CVE-2018-20251 | In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the ACE format. The UNACE module (UNACEV2.dll) creates files and folders as written in the filename field even when WinRAR validator noticed the traversal attempt and requestd to abort the extraction process. the operation is cancelled only after the folders and files were created but prior to them being written, therefore allowing the attacker to create empty files and folde | 5.5 | 31.53% | 2019-02-05 | 2026-06-16 |
| CVE-2017-8314 | Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles. | 5.5 | 2.52% | 2017-05-23 | 2026-06-16 |
| CVE-2017-8313 | Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process via a crafted subtitles file. | 5.5 | 1.48% | 2017-05-23 | 2026-06-16 |
| CVE-2017-8312 | Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file. | 5.5 | 1.36% | 2017-05-23 | 2026-06-16 |
| CVE-2017-8310 | Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process (causing a denial of service) via a crafted subtitles file. | 5.5 | 1.26% | 2017-05-23 | 2026-06-16 |
| CVE-2026-48134 | When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to disruptions such as loss of stored incident entries, incorrect handling of pending approvals, or resource impact if the issue is abused repeatedly. Exposure is reduced if the UserCheck Portal is not acces | 5.6 | 4.36% | 2026-05-26 | 2026-06-17 |
| CVE-2019-8456 | Check Point IKEv2 IPsec VPN up to R80.30, in some less common conditions, may allow an attacker with knowledge of the internal configuration and setup to successfully connect to a site-to-site VPN server. | 5.9 | 20.39% | 2019-04-09 | 2026-06-16 |
| CVE-2024-24915 | Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them. | 6.1 | 0.18% | 2025-06-29 | 2026-06-17 |