VYPR

Mobile Security

by Trend Micro

CVEs (21)

  • CVE-2017-14078CriSep 22, 2017
    risk 0.68cvss 9.8epss 0.50

    SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.

  • CVE-2017-14080CriSep 22, 2017
    risk 0.64cvss 9.8epss 0.03

    Authentication bypass vulnerability in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allows attackers to access a specific part of the console using a blank password.

  • CVE-2017-14081HigSep 22, 2017
    risk 0.59cvss 8.8epss 0.17

    Proxy command injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.

  • CVE-2017-14079HigSep 22, 2017
    risk 0.58cvss 8.8epss 0.11

    Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.

  • CVE-2016-3664HigMay 23, 2016
    risk 0.48cvss 7.4epss 0.01

    Trend Micro Mobile Security for iOS before 3.2.1188 does not verify the X.509 certificate of the mobile application login server, which allows man-in-the-middle attackers to spoof this server and obtain sensitive information via a crafted certificate.

  • CVE-2016-9319MedMar 31, 2017
    risk 0.38cvss 5.9epss 0.01

    There is Missing SSL Certificate Validation in the Trend Micro Enterprise Mobile Security Android Application before 9.7.1193, aka VRTS-398.

  • CVE-2024-31684LowJun 3, 2024
    risk 0.23cvss 3.5epss 0.00

    Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile Security v4.11.3-gms allows attackers to bypass fingerprint authentication due to the use of a deprecated API.

  • CVE-2023-32521Jun 26, 2023
    risk 0.05cvss epss 0.69

    A path traversal exists in a specific service dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an unauthenticated remote attacker to delete arbitrary files.

  • CVE-2025-52521Jul 10, 2025
    risk 0.00cvss epss 0.00

    Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.

  • CVE-2025-49384Jun 17, 2025
    risk 0.00cvss epss 0.00

    Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.

  • CVE-2023-41178Jan 23, 2024
    risk 0.00cvss epss 0.02

    Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to,…

  • CVE-2023-41177Jan 23, 2024
    risk 0.00cvss epss 0.01

    Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to,…

  • CVE-2023-41176Jan 23, 2024
    risk 0.00cvss epss 0.02

    Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to,…

  • CVE-2023-35695Jun 26, 2023
    risk 0.00cvss epss 0.01

    A remote attacker could leverage a vulnerability in Trend Micro Mobile Security (Enterprise) 9.8 SP5 to download a particular log file which may contain sensitive information regarding the product.

  • CVE-2023-32528Jun 26, 2023
    risk 0.00cvss epss 0.03

    Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system…

  • CVE-2023-32527Jun 26, 2023
    risk 0.00cvss epss 0.03

    Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system…

  • CVE-2023-32526Jun 26, 2023
    risk 0.00cvss epss 0.02

    Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2023-32525Jun 26, 2023
    risk 0.00cvss epss 0.02

    Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2023-32524Jun 26, 2023
    risk 0.00cvss epss 0.03

    Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute…

  • CVE-2023-32523Jun 26, 2023
    risk 0.00cvss epss 0.03

    Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute…

Page 1 of 2