Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
trendmicro vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2010-3189
The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote malicious users to execute arbitrary code via an invalid address that is dereferenced as a pointer.
Trendmicro Internet Security 2010
1 EDB exploit
9
CVSSv2
CVE-2021-32462
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Exposed Hazardous Function Remote Code Execution vulnerability which could allow an unprivileged client to manipulate the registry and escalate privileges to SYSTEM on affected installations....
Trendmicro Password Manager
9
CVSSv2
CVE-2020-28581
A command injection vulnerability in ModifyVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote malicious user to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges.
Trendmicro Interscan Web Security Virtual Appliance 6.5
9
CVSSv2
CVE-2020-28580
A command injection vulnerability in AddVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote malicious user to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges.
Trendmicro Interscan Web Security Virtual Appliance 6.5
9
CVSSv2
CVE-2020-24561
A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an malicious user to execute arbitrary code on an affected system. An attacker must first obtain admin/root privileges on the SPLX console to exploit this vulnerability.
Trendmicro Serverprotect 3.0
9
CVSSv2
CVE-2018-10350
A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow a remote malicious user to execute arbitrary code on vulnerable installations due to a flaw within the handling of parameters provided to wcs\_bwlists\_handler....
Trendmicro Smart Protection Server 3.3
Trendmicro Smart Protection Server 3.2
Trendmicro Smart Protection Server 3.0
Trendmicro Smart Protection Server 3.1
9
CVSSv2
CVE-2018-10351
A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote malicious user to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRegistration2 class. Authentication is required to exploit this vulnerability.
Trendmicro Email Encryption Gateway
9
CVSSv2
CVE-2018-10354
A command injection remote command execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote malicious user to execute arbitrary code on vulnerable installations due to a flaw in the LauncherServer. Authentication is required to exploit this vulnera...
Trendmicro Email Encryption Gateway
9
CVSSv2
CVE-2018-10356
A SQL injection remote code execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an malicious user to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRequestDomains class. Authentication is required to exploit this ...
Trendmicro Email Encryption Gateway
9
CVSSv2
CVE-2018-10357
A directory traversal vulnerability in Trend Micro Endpoint Application Control 2.0 could allow a remote malicious user to execute arbitrary code on vulnerable installations due to a flaw in the FileDrop servlet. Authentication is required to exploit this vulnerability.
Trendmicro Endpoint Application Control 2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »