Filtered by vendor Trendmicro
Subscribe
Total
509 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25239 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Officescan and 1 more | 2022-06-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control vulnerability in Trend Micro Apex One (on-prem), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about x86 agent hotfixes. | |||||
| CVE-2021-25229 | 1 Trendmicro | 2 Apex One, Officescan | 2022-06-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the database server. | |||||
| CVE-2021-25231 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Officescan and 1 more | 2022-06-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific hotfix history file. | |||||
| CVE-2021-25235 | 2 Microsoft, Trendmicro | 3 Windows, Apex One, Officescan | 2022-06-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about a content inspection configuration file. | |||||
| CVE-2021-25245 | 1 Trendmicro | 1 Worry-free Business Security | 2022-06-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control vulnerability in Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain various pieces of settings informaiton. | |||||
| CVE-2021-25244 | 1 Trendmicro | 1 Worry-free Business Security | 2022-06-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control vulnerability in Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain various pieces of configuration informaiton. | |||||
| CVE-2021-25246 | 1 Trendmicro | 3 Apex One, Officescan, Worry-free Business Security | 2022-06-28 | 6.4 MEDIUM | 6.5 MEDIUM |
| An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1, and Worry-Free Business Security could allow an unauthenticated user to create a bogus agent on an affected server that could be used then make valid configuration queries. | |||||
| CVE-2021-25237 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2022-06-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control vulnerability in Trend Micro Apex One (on-prem) could allow an unauthenticated user to obtain information about the managing port used by agents. | |||||
| CVE-2021-25250 | 1 Trendmicro | 2 Apex One, Officescan | 2022-06-28 | 7.2 HIGH | 7.8 HIGH |
| An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2021-25234 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Officescan and 1 more | 2022-06-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific notification configuration file. | |||||
| CVE-2021-25232 | 2 Microsoft, Trendmicro | 3 Windows, Apex One, Officescan | 2022-06-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the SQL database. | |||||
| CVE-2021-25230 | 2 Microsoft, Trendmicro | 3 Windows, Apex One, Officescan | 2022-06-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the contents of a scan connection exception file. | |||||
| CVE-2021-25238 | 2 Microsoft, Trendmicro | 3 Windows, Officescan, Worry-free Business Security | 2022-06-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about an agent's managing port. | |||||
| CVE-2021-25242 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Officescan and 1 more | 2022-06-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain version and build information. | |||||
| CVE-2021-25240 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Officescan and 1 more | 2022-06-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain x64 agent hofitx information. | |||||
| CVE-2021-32460 | 2 Microsoft, Trendmicro | 2 Windows, Maximum Security 2021 | 2022-06-28 | 7.2 HIGH | 7.8 HIGH |
| The Trend Micro Maximum Security 2021 (v17) consumer product is vulnerable to an improper access control vulnerability in the installer which could allow a local attacker to escalate privileges on a target machine. Please note than an attacker must already have local user privileges and access on the machine to exploit this vulnerability. | |||||
| CVE-2022-30703 | 2 Microsoft, Trendmicro | 2 Windows, Security | 2022-06-16 | 4.6 MEDIUM | 7.8 HIGH |
| Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an exposed dangerous method vulnerability that could allow an attacker to obtain access to leaked kernel addresses and disclose sensitive information. This vulnerability could also potentially be chained for privilege escalation. | |||||
| CVE-2022-30702 | 2 Microsoft, Trendmicro | 2 Windows, Security | 2022-06-16 | 2.1 LOW | 5.5 MEDIUM |
| Trend Micro Security 2022 and 2021 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure vulnerability that could allow an attacker to disclose sensitive information on an affected machine. | |||||
| CVE-2022-30701 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2022-06-08 | 7.2 HIGH | 7.8 HIGH |
| An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to craft a special configuration file to load an untrusted library with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2022-30700 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2022-06-08 | 7.2 HIGH | 7.8 HIGH |
| An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||