Every CVE whose affected-product data names Checkpoint Zonealarm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2022-41604 — CVSS 8.8 (high): Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak…
CVE-2019-8452 — CVSS 7.8 (high): A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows…
CVE-2018-8790 — CVSS 7.8 (high): Check Point ZoneAlarm version 15.3.064.17729 and below expose a WCF service that can allow a local low privileged user to execute arbitrary…
CVE-2020-6023 — CVSS 7.8 (high): Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware.
CVE-2022-23743 — CVSS 7.8 (high): Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. In addition…
CVE-2007-2730 — CVSS 7.2 (high): Check Point ZoneAlarm Pro before 6.5.737.000 does not properly test for equivalence of process identifiers for certain Microsoft Windows…
CVE-2007-2174 — CVSS 7.2 (high): The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local…
CVE-2005-2932 — CVSS 7.2 (high): Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure…
CVE-2007-4216 — CVSS 7.2 (high): vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt…
CVE-2019-8455 — CVSS 7.1 (high): A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so…
CVE-2008-7009 — CVSS 6.9 (medium): Buffer overflow in multiscan.exe in Check Point ZoneAlarm Security Suite 7.0.483.000 and 8.0.020.000 allows local users to execute…
CVE-2020-6022 — CVSS 5.5 (medium): Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to delete arbitrary files while restoring files in Anti-Ransomware.
CVE-2019-8453 — CVSS 5.5 (medium): Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can…
CVE-2008-7025 — CVSS 4.3 (medium): TrueVector in Check Point ZoneAlarm 8.0.020.000, with vsmon.exe running, allows remote HTTP proxies to cause a denial of service (crash)…