Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
trendmicro vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-25143
An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer could allow an malicious user to achieve a remote code execution state on affected products.
Trendmicro Apex One
Trendmicro Apex One 2019
7.8
CVSSv3
CVE-2023-25144
An improper access control vulnerability in the Trend Micro Apex One agent could allow a local malicious user to gain elevated privileges and create arbitrary directories with arbitrary ownership.
Trendmicro Apex One
Trendmicro Apex One 2019
7.8
CVSSv3
CVE-2023-25145
A link following vulnerability in the scanning function of Trend Micro Apex One agent could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in...
Trendmicro Apex One
Trendmicro Apex One 2019
7.8
CVSSv3
CVE-2023-25146
A security agent link following vulnerability in the Trend Micro Apex One agent could allow a local malicious user to quarantine a file, delete the original folder and replace with a junction to an arbitrary location, ultimately leading to an arbitrary file dropped to an arbitrar...
Trendmicro Apex One
Trendmicro Apex One 2019
6.7
CVSSv3
CVE-2023-25147
An issue in the Trend Micro Apex One agent could allow an attacker who has previously acquired administrative rights via other means to bypass the protection by using a specifically crafted DLL during a specific update process. Please note: an attacker must first obtain administr...
Trendmicro Apex One
Trendmicro Apex One 2019
7.8
CVSSv3
CVE-2023-25148
A security agent link following vulnerability in Trend Micro Apex One could allow a local malicious user to exploit the vulnerability by changing a specific file into a pseudo-symlink, allowing privilege escalation on affected installations. Please note: an attacker must first ob...
Trendmicro Apex One
Trendmicro Apex One 2019
9.1
CVSSv3
CVE-2023-0587
A file upload vulnerability in exists in Trend Micro Apex One server build 11110. Using a malformed Content-Length header in an HTTP PUT message sent to URL /officescan/console/html/cgi/fcgiOfcDDA.exe, an unauthenticated remote attacker can upload arbitrary files to the SampleSub...
Trendmicro Apex One -
7
CVSSv3
CVE-2022-48191
A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrar...
Trendmicro Maximum Security 2022 17.7
7.8
CVSSv3
CVE-2022-45798
A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local malicious user to escalate privileges by creating a symbolic link and abusing the service to delete a file. Please note: an atta...
Trendmicro Apex One -
Trendmicro Apex One 2019
5.5
CVSSv3
CVE-2022-44647
An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local malicious user to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the targe...
Trendmicro Apex One
Trendmicro Apex One 2019
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »