Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-24919 | 1 Checkpoint | 5 Cloudguard Network Security, Quantum Security Gateway, Quantum Security Gateway Firmware and 2 more | 2025-10-24 | N/A | 8.6 HIGH |
|
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
|
|||||
| CVE-2024-24914 | 1 Checkpoint | 9 Clusterxl, Gaia Os, Multi-domain Management and 6 more | 2025-08-26 | N/A | 8.0 HIGH |
|
Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vulnerability is available.
|
|||||
| CVE-2021-3449 | 12 Checkpoint, Debian, Fedoraproject and 9 more | 167 Multi-domain Management, Multi-domain Management Firmware, Quantum Security Gateway and 164 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
|
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). O ...
Show More |
|||||
| CVE-2021-30361 | 1 Checkpoint | 4 Gaia Os, Gaia Portal, Quantum Security Gateway and 1 more | 2024-11-21 | 6.9 MEDIUM | 6.7 MEDIUM |
|
The Check Point Gaia Portal's GUI Clients allowed authenticated administrators with permission for the GUI Clients settings to inject a command that would run on the Gaia OS.
|
|||||