Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
trendmicro vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2020-8468
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an malicious user to manipulate certain agent client components. An attempted attack requires user authe...
Trendmicro Officescan Xg
Trendmicro Apex One 2019
Trendmicro Worry-free Business Security 9.5
Trendmicro Worry-free Business Security 10.0
Trendmicro Worry-free Business Security 9.0
9.4
CVSSv2
CVE-2020-8470
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow an malicious user to delete any file on the server with SYSTEM level privileges. Authentication is not required to exploit t...
Trendmicro Apex One 2019
Trendmicro Officescan Xg
Trendmicro Worry-free Business Security 9.0
Trendmicro Worry-free Business Security 9.5
Trendmicro Worry-free Business Security 10.0
5
CVSSv2
CVE-2019-15629
Trend Micro Password Manager versions 3.x, 5.0, and 5.1 for Android is affected by a FLAG_MISUSE vulnerability that could be exploited to allow the application to share information to third-party applications on the device.
Trendmicro Password Manager
Trendmicro Password Manager 5.0
Trendmicro Password Manager 5.1
4
CVSSv2
CVE-2019-9488
Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep ...
Trendmicro Vulnerability Protection 2.0
Trendmicro Deep Security Manager 10.0
Trendmicro Deep Security Manager 11.0
Trendmicro Deep Security Manager 11.3
4.3
CVSSv2
CVE-2019-15626
The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. This may result in confidentiality impact but does not impact integrity or availability.
Trendmicro Deep Security 10.0
Trendmicro Deep Security 11.0
Trendmicro Deep Security 12.0
4.3
CVSSv2
CVE-2015-2872
Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software prior to 3.5.1477, 3.6.x prior to 3.6.1217, 3.7.x prior to 3.7.1248, 3.8.x prior to 3.8.1263, and other versions allow remote malici...
Trendmicro Deep Discovery Inspector 3.5
Trendmicro Deep Discovery Inspector 3.6
Trendmicro Deep Discovery Inspector 3.7
Trendmicro Deep Discovery Inspector 3.8
5.5
CVSSv2
CVE-2015-2873
Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software prior to 3.5.1477, 3.6.x prior to 3.6.1217, 3.7.x prior to 3.7.1248, 3.8.x prior to 3.8.1263, and other versions allows remote malicious users to obtain sensitive information or change th...
Trendmicro Deep Discovery Inspector 3.5
Trendmicro Deep Discovery Inspector 3.6
Trendmicro Deep Discovery Inspector 3.7
Trendmicro Deep Discovery Inspector 3.8
7.5
CVSSv2
CVE-2008-2433
The web management console in Trend Micro OfficeScan 7.0 up to and including 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote malicious users to hijac...
Trendmicro Client Server Messaging Suite 3.5
Trendmicro Client Server Messaging Suite 3.6
Trendmicro Officescan
Trendmicro Worry-free Business Security 5.0
7.2
CVSSv2
CVE-2022-30700
An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local malicious user to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privilege...
Trendmicro Apex One 2019
Trendmicro Apex One
7.2
CVSSv2
CVE-2022-30701
An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local malicious user to craft a special configuration file to load an untrusted library with escalated privileges on affected installations. Please note: an attacker ...
Trendmicro Apex One 2019
Trendmicro Apex One
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »