Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deep security vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-15626
The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. This may result in confidentiality impact but does not impact integrity or availability.
Trendmicro Deep Security 10.0
Trendmicro Deep Security 11.0
Trendmicro Deep Security 12.0
NA
CVE-2023-52337
An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability ...
Trendmicro Deep Security 20.0
Trendmicro Deep Security Agent 20.0
NA
CVE-2023-52338
A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to exe...
Trendmicro Deep Security 20.0
Trendmicro Deep Security Agent 20.0
356
VMScore
CVE-2019-9488
Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep ...
Trendmicro Vulnerability Protection 2.0
Trendmicro Deep Security Manager 10.0
Trendmicro Deep Security Manager 11.0
Trendmicro Deep Security Manager 11.3
436
VMScore
CVE-2021-25252
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
Trendmicro Apex Central 2019
Trendmicro Apex One 2019
Trendmicro Cloud Edge 5.0
Trendmicro Apex One -
Trendmicro Deep Security 10.0
Trendmicro Deep Security 11.0
Trendmicro Deep Security 12.0
Trendmicro Deep Security 20.0
Trendmicro Control Manager 7.0
Trendmicro Deep Discovery Analyzer 5.1
Trendmicro Deep Discovery Email Inspector 2.5
Trendmicro Deep Discovery Inspector 3.8
Trendmicro Interscan Messaging Security Virtual Appliance 9.1
Trendmicro Interscan Web Security Virtual Appliance 6.5
Trendmicro Officescan -
Trendmicro Portal Protect 2.6
Trendmicro Scanmail 14.0
Trendmicro Scanmail For Ibm Domino 5.8
Trendmicro Serverprotect For Storage 6.0
Trendmicro Serverprotect 5.8
Trendmicro Serverprotect For Network Appliance Filers 5.8
Trendmicro Safe Lock 1.1
454
VMScore
CVE-2018-6218
A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an malicious user to run arbitrary code on a vulnerable system.
Trendmicro Deep Security 10.0
Trendmicro Deep Security 10.1
Trendmicro Endpoint Sensor 1.6
Trendmicro Officescan 11.0
Trendmicro Officescan 12.0
Trendmicro Security 12.0
Trendmicro Worry-free Business Security 9.5
578
VMScore
CVE-2019-18191
A privilege escalation vulnerability in the Trend Micro Deep Security as a Service Quick Setup cloud formation template could allow an authenticated entity with certain unrestricted AWS execution privileges to escalate to full privileges within the target AWS account.
Trendmicro Deep Security As A Service -
668
VMScore
CVE-2018-3750
The utilities function in all versions <= 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that wil...
Deep Extend Project Deep Extend
668
VMScore
CVE-2019-10746
mixin-deep is vulnerable to Prototype Pollution in versions prior to 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
Mixin-deep Project Mixin-deep
Mixin-deep Project Mixin-deep 2.0.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.4.0
1 Github repository
578
VMScore
CVE-2015-8988
Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path.
Mcafee Epo Deep Command 2.1
Mcafee Epo Deep Command 2.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »