Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apex vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-47202
A local file inclusion vulnerability on the Trend Micro Apex One management server could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in or...
Trendmicro Apex One 2019
Trendmicro Apex One
NA
CVE-2022-44651
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the ...
Trendmicro Apex One 2019
Trendmicro Apex One
NA
CVE-2022-44652
An improper handling of exceptional conditions vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged cod...
Trendmicro Apex One 2019
Trendmicro Apex One
NA
CVE-2022-44653
A security agent directory traversal vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the t...
Trendmicro Apex One 2019
Trendmicro Apex One
NA
CVE-2022-44654
Affected builds of Trend Micro Apex One and Apex One as a Service contain a monitor engine component that is complied without the /SAFESEH memory protection mechanism which helps to monitor for malicious payloads. The affected component's memory protection mechanism has been...
Trendmicro Apex One 2019
Trendmicro Apex One
10
CVSSv2
CVE-2018-16462
A command injection vulnerability in the apex-publish-static-files npm module version <2.0.1 which allows arbitrary shell command execution through a maliciously crafted argument.
Apex-publish-static-files Project Apex-publish-static-files
6
CVSSv2
CVE-2006-7138
SQL injection vulnerability in wwv_flow_utilities.gen_popup_list in the WWV_FLOW_UTILITIES package for Oracle APEX/HTMLDB prior to 2.2 allows remote authenticated users to execute arbitrary SQL by modifying the P_LOV parameter and calculating a matching MD5 checksum for the P_LOV...
Oracle Apex
4.3
CVSSv2
CVE-2006-7158
Cross-site scripting (XSS) vulnerability in Oracle Application Express (APEX) prior to 2.2.1, aka Oracle HTML DB, allows remote malicious users to inject arbitrary web script or HTML via the NOTIFICATION_MSG parameter. NOTE: it is likely that this issue overlaps one of the identi...
Oracle Apex
4.3
CVSSv2
CVE-2006-5599
Cross-site scripting (XSS) vulnerability in Oracle Application Express (formerly HTML DB) prior to 2.2.1 allows remote malicious users to inject arbitrary HTML or web script via the WWV_FLOW_ITEM_HELP package. NOTE: it is likely that this issue overlaps one of the Oracle VulnIDs ...
Oracle Apex 2.2
NA
CVE-2023-0587
A file upload vulnerability in exists in Trend Micro Apex One server build 11110. Using a malformed Content-Length header in an HTTP PUT message sent to URL /officescan/console/html/cgi/fcgiOfcDDA.exe, an unauthenticated remote attacker can upload arbitrary files to the SampleSub...
Trendmicro Apex One -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »