VYPR

Apex Central

by Trend Micro

CVEs (35)

  • CVE-2023-32533MedJun 26, 2023
    risk 0.40cvss 6.1epss 0.02

    Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. This is similar to, but not identical to CVE-2023-32531 through 32535.

  • CVE-2023-32532MedJun 26, 2023
    risk 0.40cvss 6.1epss 0.02

    Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. This is similar to, but not identical to CVE-2023-32531 through 32535.

  • CVE-2023-32531MedJun 26, 2023
    risk 0.40cvss 6.1epss 0.02

    Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. This is similar to, but not identical to CVE-2023-32532 through 32535.

  • CVE-2023-38627MedJan 23, 2024
    risk 0.35cvss 5.4epss 0.00

    A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute…

  • CVE-2023-38626MedJan 23, 2024
    risk 0.35cvss 5.4epss 0.00

    A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute…

  • CVE-2023-38625MedJan 23, 2024
    risk 0.35cvss 5.4epss 0.00

    A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute…

  • CVE-2023-38624MedJan 23, 2024
    risk 0.35cvss 5.4epss 0.00

    A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute…

  • CVE-2023-32605MedJun 26, 2023
    risk 0.35cvss 5.4epss 0.00

    Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues. Please note: an attacker must first obtain authentication to Apex Central on…

  • CVE-2023-32604MedJun 26, 2023
    risk 0.35cvss 5.4epss 0.00

    Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues. Please note: an attacker must first obtain authentication to Apex Central on…

  • CVE-2023-32537MedJun 26, 2023
    risk 0.35cvss 5.4epss 0.00

    Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues. Please note: an attacker must first obtain authentication to Apex Central on…

  • CVE-2023-32536MedJun 26, 2023
    risk 0.35cvss 5.4epss 0.00

    Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues. Please note: an attacker must first obtain authentication to Apex Central on…

  • CVE-2025-47866MedJun 17, 2025
    risk 0.28cvss 4.3epss 0.00

    An unrestricted file upload vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to upload arbitrary files on affected installations.

  • CVE-2025-69260Jan 8, 2026
    risk 0.00cvss epss 0.01

    A message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service condition on affected installations. Please note: authentication is not required in order to exploit this vulnerability.

  • CVE-2025-69259Jan 8, 2026
    risk 0.00cvss epss 0.01

    A message unchecked NULL return value vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service condition on affected installations. Please note: authentication is not required in order to exploit this vulnerability..

  • CVE-2025-69258Jan 8, 2026
    risk 0.00cvss epss 0.03

    A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations.

Page 2 of 2