Vulnerabilities in checkpoint
25 resultsCVE-2024-24919HIGHInformation disclosureEPSS 100.0%KEVCVE-2026-50751CRITICALUser Authentication Bypass in VPN Remote Access and Mobile AccessEPSS 71.1%KEVCVE-2026-50752HIGHCertificate Validation Bypass in VPN Site-to-Site Connections Using IKEv1EPSS 4.9%CVE-2026-48133HIGHIdentity Awareness Captive Portal - Unauthenticated Local File InclusionEPSS 4.8%CVE-2026-48134MEDIUMSQL injection issue in UserCheck Portal when DLP Software Blade is activeEPSS 4.4%CVE-2026-48136MEDIUMAuthenticated Administrator Role-Based Access Control Bypass in ComplianceEPSS 4.1%CVE-2026-48131HIGHVPND IKE Fragment Reassembly - Heap Out-of-Bounds Write via Sequence Number ZeroEPSS 2.7%CVE-2026-48135MEDIUMHTTP service can incorrectly process malformed HTTP requestsEPSS 2.6%CVE-2026-48132HIGHVPN service may restart unexpectedly when processing IKE traffic over NAT-T 4500/UDPEPSS 2.1%CVE-2024-24916MEDIUMDLL-HiJackingEPSS 1.8%CVE-2024-52885MEDIUMPath TraversalEPSS 0.4%CVE-2024-24914HIGHAuthenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vEPSS 0.4%CVE-2025-3831HIGHExposed SFTP serverEPSS 0.4%CVE-2024-24911MEDIUMOut of Bounds read in the CPCA process on Check Point Management ServerEPSS 0.4%CVE-2023-28134HIGHLocal Privliege Escalation in Check Point Endpoint Security Remediation ServiceEPSS 0.2%CVE-2025-2028MEDIUMLack of TLS validationEPSS 0.2%CVE-2024-52888MEDIUMStored-XSSEPSS 0.2%CVE-2024-52887LOWSelf-XSSEPSS 0.2%CVE-2024-24915MEDIUMSmartConsole Sensitive Credential Exposure via Memory DumpEPSS 0.2%CVE-2024-24912MEDIUMLocal privilege escalation in Harmony Endpoint Security Client for Windows via crafted DLL fileEPSS 0.2%