Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
interscan web security virtual appliance vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2020-8461
A CSRF protection bypass vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to get a victim's browser to send a specifically encoded request without requiring a valid CSRF token.
Trendmicro Interscan Web Security Virtual Appliance 6.5
312
VMScore
CVE-2020-8462
A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to tamper with the web interface of the product.
Trendmicro Interscan Web Security Virtual Appliance 6.5
445
VMScore
CVE-2020-8463
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to bypass a global authorization check for anonymous users by manipulating request paths.
Trendmicro Interscan Web Security Virtual Appliance 6.5
445
VMScore
CVE-2020-8464
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to send requests that appear to come from the localhost which could expose the product's admin interface to users who would not normally have access.
Trendmicro Interscan Web Security Virtual Appliance 6.5
890
VMScore
CVE-2020-8465
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an malicious user to manipulate system updates using a combination of CSRF bypass (CVE-2020-8461) and authentication bypass (CVE-2020-8464) to execute code as user root.
Trendmicro Interscan Web Security Virtual Appliance 6.5
668
VMScore
CVE-2020-8466
A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hashing method enabled, could allow an unauthenticated malicious user to execute certain commands by providing a manipulated password.
Trendmicro Interscan Web Security Virtual Appliance 6.5
801
VMScore
CVE-2020-28580
A command injection vulnerability in AddVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote malicious user to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges.
Trendmicro Interscan Web Security Virtual Appliance 6.5
383
VMScore
CVE-2014-3922
Cross-site scripting (XSS) vulnerability in Trend Micro InterScan Messaging Security Virtual Appliance 8.5.1.1516 allows remote authenticated users to inject arbitrary web script or HTML via the addWhiteListDomainStr parameter to addWhiteListDomain.imss.
Trendmicro Interscan Messaging Security Virtual Appliance 8.5.1.1516
940
VMScore
CVE-2017-6398
An issue exists in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. An authenticated user can execute a terminal command in the context of the web server user (which is root). Besides, the default installation of IMSVA comes with default administrator creden...
Trendmicro Interscan Messaging Security Virtual Appliance 9.1-1600
436
VMScore
CVE-2021-25252
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
Trendmicro Apex Central 2019
Trendmicro Apex One 2019
Trendmicro Cloud Edge 5.0
Trendmicro Apex One -
Trendmicro Deep Security 10.0
Trendmicro Deep Security 11.0
Trendmicro Deep Security 12.0
Trendmicro Deep Security 20.0
Trendmicro Control Manager 7.0
Trendmicro Deep Discovery Analyzer 5.1
Trendmicro Deep Discovery Email Inspector 2.5
Trendmicro Deep Discovery Inspector 3.8
Trendmicro Interscan Messaging Security Virtual Appliance 9.1
Trendmicro Interscan Web Security Virtual Appliance 6.5
Trendmicro Officescan -
Trendmicro Portal Protect 2.6
Trendmicro Scanmail 14.0
Trendmicro Scanmail For Ibm Domino 5.8
Trendmicro Serverprotect For Storage 6.0
Trendmicro Serverprotect 5.8
Trendmicro Serverprotect For Network Appliance Filers 5.8
Trendmicro Safe Lock 1.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »