VYPR

Worry Free Business Security

by Trend Micro

CVEs (59)

  • CVE-2008-2433CriAug 27, 2008
    risk 0.65cvss 9.8epss 0.11

    The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote attackers to hijack sessions via…

  • CVE-2016-1224MedJun 19, 2016
    risk 0.40cvss 6.1epss 0.02

    CRLF injection vulnerability in Trend Micro Worry-Free Business Security Service 5.x and Worry-Free Business Security 9.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) attacks via unspecified vectors.

  • CVE-2016-1223MedJun 19, 2016
    risk 0.35cvss 5.3epss 0.04

    Directory traversal vulnerability in Trend Micro Office Scan 11.0, Worry-Free Business Security Service 5.x, and Worry-Free Business Security 9.0 allows remote attackers to read arbitrary files via unspecified vectors.

  • CVE-2020-8468KEVMar 18, 2020
    risk 0.14cvss epss 0.06

    Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user…

  • CVE-2023-41179KEVSep 19, 2023
    risk 0.12cvss epss 0.05

    A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected…

  • CVE-2021-36742KEVJul 29, 2021
    risk 0.12cvss epss 0.01

    A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to…

  • CVE-2021-36741KEVJul 29, 2021
    risk 0.12cvss epss 0.05

    An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the…

  • CVE-2020-24557KEVSep 1, 2020
    risk 0.12cvss epss 0.03

    A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation. An…

  • CVE-2008-3364Jul 30, 2008
    risk 0.06cvss epss 0.33

    Buffer overflow in the ObjRemoveCtrl Class ActiveX control in OfficeScanRemoveCtrl.dll 7.3.0.1020 in Trend Micro OfficeScan Corp Edition (OSCE) Web-Deployment 7.0, 7.3 build 1343 Patch 4 and other builds, and 8.0; Client Server Messaging Security (CSM) 3.5 and 3.6; and…

  • CVE-2008-2439Oct 3, 2008
    risk 0.05cvss epss 0.21

    Directory traversal vulnerability in the UpdateAgent function in TmListen.exe in the OfficeScanNT Listener service in the client in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1372, OfficeScan 8.0 SP1 before build 1222, OfficeScan 8.0 SP1 Patch 1 before…

  • CVE-2020-8598Mar 18, 2020
    risk 0.01cvss epss 0.13

    Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges. Authentication is not…

  • CVE-2025-49154Jun 17, 2025
    risk 0.00cvss epss 0.00

    An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations. …

  • CVE-2022-36336Jul 29, 2022
    risk 0.00cvss epss 0.01

    A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local attacker to escalate privileges on affected installations. The resolution for this issue has been deployed automatically via ActiveUpdate…

  • CVE-2022-24680Feb 24, 2022
    risk 0.00cvss epss 0.00

    A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create a…

  • CVE-2022-24679Feb 24, 2022
    risk 0.00cvss epss 0.00

    A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create an…

  • CVE-2022-24678Feb 24, 2022
    risk 0.00cvss epss 0.02

    An security agent resource exhaustion denial-of-service vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow an attacker to flood a…

  • CVE-2022-23805Feb 4, 2022
    risk 0.00cvss epss 0.01

    A security out-of-bounds read information disclosure vulnerability in Trend Micro Worry-Free Business Security Server could allow a local attacker to send garbage data to a specific named pipe and crash the server. Please note: an attacker must first obtain the ability to…

  • CVE-2021-45442Jan 8, 2022
    risk 0.00cvss epss 0.00

    A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on prem only) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. This is similar to, but not the same as CVE-2021-44024. Please note: an attacker must…

  • CVE-2021-45440Jan 8, 2022
    risk 0.00cvss epss 0.00

    A unnecessary privilege vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security 10.0 SP1 (on-prem versions only) could allow a local attacker to abuse an impersonation privilege and elevate to a higher level of privileges. Please note: an attacker must…

  • CVE-2021-45231Jan 8, 2022
    risk 0.00cvss epss 0.01

    A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to create a specially crafted file with arbitrary content which could grant local…

Page 1 of 3