Vendor CVEs
Trend Micro
All CVEs
696 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-46902 | 0.00 | — | 0.02 | Oct 22, 2024 | A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on… | |||
| CVE-2024-45335 | 0.00 | — | 0.00 | Oct 22, 2024 | Trend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted virus to allow itself to bypass and evade a virus scan detection. | |||
| CVE-2024-45334 | 0.00 | — | 0.00 | Oct 22, 2024 | Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized access to product configurations and functions. | |||
| CVE-2024-37289 | 0.00 | — | 0.01 | Jun 10, 2024 | An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this… | |||
| CVE-2024-36473 | 0.00 | — | 0.00 | Jun 10, 2024 | Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of privileges. | |||
| CVE-2024-36359 | 0.00 | — | 0.00 | Jun 10, 2024 | A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on… | |||
| CVE-2024-36358 | 0.00 | — | 0.01 | Jun 10, 2024 | A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target… | |||
| CVE-2024-36307 | 0.00 | — | 0.01 | Jun 10, 2024 | A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. Please note: an attacker must first obtain the ability to execute… | |||
| CVE-2024-36306 | 0.00 | — | 0.01 | Jun 10, 2024 | A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute… | |||
| CVE-2024-36305 | 0.00 | — | 0.01 | Jun 10, 2024 | A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit… | |||
| CVE-2024-36304 | 0.00 | — | 0.00 | Jun 10, 2024 | A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the… | |||
| CVE-2024-36303 | 0.00 | — | 0.00 | Jun 10, 2024 | An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to… | |||
| CVE-2024-36302 | 0.00 | — | 0.01 | Jun 10, 2024 | An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to… | |||
| CVE-2024-32849 | 0.00 | — | 0.00 | Jun 10, 2024 | Trend Micro Security 17.x (Consumer) is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own. | |||
| CVE-2023-42125 | 0.00 | — | 0.00 | May 3, 2024 | Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged… | |||
| CVE-2023-42124 | 0.00 | — | 0.00 | May 3, 2024 | Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute… | |||
| CVE-2024-26362 | 0.00 | — | 0.01 | Apr 10, 2024 | HTML injection vulnerability in Enpass Password Manager Desktop Client 6.9.2 for Windows and Linux allows attackers to run arbitrary HTML code via creation of crafted note. | |||
| CVE-2024-23940 | 0.00 | — | 0.01 | Jan 29, 2024 | Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on… | |||
| CVE-2023-52338 | 0.00 | — | 0.00 | Jan 23, 2024 | A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to… | |||
| CVE-2023-52337 | 0.00 | — | 0.00 | Jan 23, 2024 | An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to… | |||
| CVE-2023-52331 | 0.00 | — | 0.01 | Jan 23, 2024 | A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target… | |||
| CVE-2023-52330 | 0.00 | — | 0.02 | Jan 23, 2024 | A cross-site scripting vulnerability in Trend Micro Apex Central could allow a remote attacker to execute arbitrary code on affected installations of Trend Micro Apex Central. Please note: user interaction is required to exploit this vulnerability in that the target must… | |||
| CVE-2023-52329 | 0.00 | — | 0.01 | Jan 23, 2024 | Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to… | |||
| CVE-2023-52328 | 0.00 | — | 0.02 | Jan 23, 2024 | Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to… | |||
| CVE-2023-52327 | 0.00 | — | 0.02 | Jan 23, 2024 | Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to… | |||
| CVE-2023-52326 | 0.00 | — | 0.02 | Jan 23, 2024 | Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to… | |||
| CVE-2023-52325 | 0.00 | — | 0.05 | Jan 23, 2024 | A local file inclusion vulnerability in one of Trend Micro Apex Central's widgets could allow a remote attacker to execute arbitrary code on affected installations. Please note: this vulnerability must be used in conjunction with another one to exploit an affected system. In… | |||
| CVE-2023-52094 | 0.00 | — | 0.00 | Jan 23, 2024 | An updater link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to abuse the updater to delete an arbitrary folder, leading for a local privilege escalation on affected installations. Please note: an attacker must first obtain the… | |||
| CVE-2023-52093 | 0.00 | — | 0.00 | Jan 23, 2024 | An exposed dangerous function vulnerability in the Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to… | |||
| CVE-2023-52092 | 0.00 | — | 0.00 | Jan 23, 2024 | A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit… | |||
| CVE-2023-52091 | 0.00 | — | 0.00 | Jan 23, 2024 | An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to… | |||
| CVE-2023-52090 | 0.00 | — | 0.00 | Jan 23, 2024 | A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit… | |||
| CVE-2023-47202 | 0.00 | — | 0.00 | Jan 23, 2024 | A local file inclusion vulnerability on the Trend Micro Apex One management server could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in… | |||
| CVE-2023-47201 | 0.00 | — | 0.00 | Jan 23, 2024 | A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target… | |||
| CVE-2023-47200 | 0.00 | — | 0.00 | Jan 23, 2024 | A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target… | |||
| CVE-2023-47199 | 0.00 | — | 0.00 | Jan 23, 2024 | An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to… | |||
| CVE-2023-47198 | 0.00 | — | 0.00 | Jan 23, 2024 | An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to… | |||
| CVE-2023-47197 | 0.00 | — | 0.00 | Jan 23, 2024 | An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to… | |||
| CVE-2023-47196 | 0.00 | — | 0.00 | Jan 23, 2024 | An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to… | |||
| CVE-2023-47195 | 0.00 | — | 0.00 | Jan 23, 2024 | An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to… | |||
| CVE-2023-47194 | 0.00 | — | 0.00 | Jan 23, 2024 | An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to… | |||
| CVE-2023-47193 | 0.00 | — | 0.00 | Jan 23, 2024 | An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to… | |||
| CVE-2023-47192 | 0.00 | — | 0.00 | Jan 23, 2024 | An agent link vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit… | |||
| CVE-2023-41178 | 0.00 | — | 0.02 | Jan 23, 2024 | Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to,… | |||
| CVE-2023-41177 | 0.00 | — | 0.01 | Jan 23, 2024 | Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to,… | |||
| CVE-2023-41176 | 0.00 | — | 0.02 | Jan 23, 2024 | Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to,… | |||
| CVE-2023-38627 | 0.00 | — | 0.00 | Jan 23, 2024 | A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute… | |||
| CVE-2023-38626 | 0.00 | — | 0.00 | Jan 23, 2024 | A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute… | |||
| CVE-2023-38625 | 0.00 | — | 0.00 | Jan 23, 2024 | A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute… | |||
| CVE-2023-38624 | 0.00 | — | 0.00 | Jan 23, 2024 | A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute… |
- CVE-2024-46902Oct 22, 2024risk 0.00cvss —epss 0.02
A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on…
- CVE-2024-45335Oct 22, 2024risk 0.00cvss —epss 0.00
Trend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted virus to allow itself to bypass and evade a virus scan detection.
- CVE-2024-45334Oct 22, 2024risk 0.00cvss —epss 0.00
Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized access to product configurations and functions.
- CVE-2024-37289Jun 10, 2024risk 0.00cvss —epss 0.01
An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this…
- CVE-2024-36473Jun 10, 2024risk 0.00cvss —epss 0.00
Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of privileges.
- CVE-2024-36359Jun 10, 2024risk 0.00cvss —epss 0.00
A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on…
- CVE-2024-36358Jun 10, 2024risk 0.00cvss —epss 0.01
A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…
- CVE-2024-36307Jun 10, 2024risk 0.00cvss —epss 0.01
A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. Please note: an attacker must first obtain the ability to execute…
- CVE-2024-36306Jun 10, 2024risk 0.00cvss —epss 0.01
A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute…
- CVE-2024-36305Jun 10, 2024risk 0.00cvss —epss 0.01
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit…
- CVE-2024-36304Jun 10, 2024risk 0.00cvss —epss 0.00
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the…
- CVE-2024-36303Jun 10, 2024risk 0.00cvss —epss 0.00
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…
- CVE-2024-36302Jun 10, 2024risk 0.00cvss —epss 0.01
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…
- CVE-2024-32849Jun 10, 2024risk 0.00cvss —epss 0.00
Trend Micro Security 17.x (Consumer) is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.
- CVE-2023-42125May 3, 2024risk 0.00cvss —epss 0.00
Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged…
- CVE-2023-42124May 3, 2024risk 0.00cvss —epss 0.00
Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute…
- CVE-2024-26362Apr 10, 2024risk 0.00cvss —epss 0.01
HTML injection vulnerability in Enpass Password Manager Desktop Client 6.9.2 for Windows and Linux allows attackers to run arbitrary HTML code via creation of crafted note.
- CVE-2024-23940Jan 29, 2024risk 0.00cvss —epss 0.01
Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on…
- CVE-2023-52338Jan 23, 2024risk 0.00cvss —epss 0.00
A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to…
- CVE-2023-52337Jan 23, 2024risk 0.00cvss —epss 0.00
An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to…
- CVE-2023-52331Jan 23, 2024risk 0.00cvss —epss 0.01
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…
- CVE-2023-52330Jan 23, 2024risk 0.00cvss —epss 0.02
A cross-site scripting vulnerability in Trend Micro Apex Central could allow a remote attacker to execute arbitrary code on affected installations of Trend Micro Apex Central. Please note: user interaction is required to exploit this vulnerability in that the target must…
- CVE-2023-52329Jan 23, 2024risk 0.00cvss —epss 0.01
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to…
- CVE-2023-52328Jan 23, 2024risk 0.00cvss —epss 0.02
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to…
- CVE-2023-52327Jan 23, 2024risk 0.00cvss —epss 0.02
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to…
- CVE-2023-52326Jan 23, 2024risk 0.00cvss —epss 0.02
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to…
- CVE-2023-52325Jan 23, 2024risk 0.00cvss —epss 0.05
A local file inclusion vulnerability in one of Trend Micro Apex Central's widgets could allow a remote attacker to execute arbitrary code on affected installations. Please note: this vulnerability must be used in conjunction with another one to exploit an affected system. In…
- CVE-2023-52094Jan 23, 2024risk 0.00cvss —epss 0.00
An updater link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to abuse the updater to delete an arbitrary folder, leading for a local privilege escalation on affected installations. Please note: an attacker must first obtain the…
- CVE-2023-52093Jan 23, 2024risk 0.00cvss —epss 0.00
An exposed dangerous function vulnerability in the Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…
- CVE-2023-52092Jan 23, 2024risk 0.00cvss —epss 0.00
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit…
- CVE-2023-52091Jan 23, 2024risk 0.00cvss —epss 0.00
An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…
- CVE-2023-52090Jan 23, 2024risk 0.00cvss —epss 0.00
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit…
- CVE-2023-47202Jan 23, 2024risk 0.00cvss —epss 0.00
A local file inclusion vulnerability on the Trend Micro Apex One management server could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in…
- CVE-2023-47201Jan 23, 2024risk 0.00cvss —epss 0.00
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…
- CVE-2023-47200Jan 23, 2024risk 0.00cvss —epss 0.00
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…
- CVE-2023-47199Jan 23, 2024risk 0.00cvss —epss 0.00
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…
- CVE-2023-47198Jan 23, 2024risk 0.00cvss —epss 0.00
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…
- CVE-2023-47197Jan 23, 2024risk 0.00cvss —epss 0.00
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…
- CVE-2023-47196Jan 23, 2024risk 0.00cvss —epss 0.00
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…
- CVE-2023-47195Jan 23, 2024risk 0.00cvss —epss 0.00
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…
- CVE-2023-47194Jan 23, 2024risk 0.00cvss —epss 0.00
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…
- CVE-2023-47193Jan 23, 2024risk 0.00cvss —epss 0.00
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…
- CVE-2023-47192Jan 23, 2024risk 0.00cvss —epss 0.00
An agent link vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit…
- CVE-2023-41178Jan 23, 2024risk 0.00cvss —epss 0.02
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to,…
- CVE-2023-41177Jan 23, 2024risk 0.00cvss —epss 0.01
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to,…
- CVE-2023-41176Jan 23, 2024risk 0.00cvss —epss 0.02
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to,…
- CVE-2023-38627Jan 23, 2024risk 0.00cvss —epss 0.00
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute…
- CVE-2023-38626Jan 23, 2024risk 0.00cvss —epss 0.00
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute…
- CVE-2023-38625Jan 23, 2024risk 0.00cvss —epss 0.00
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute…
- CVE-2023-38624Jan 23, 2024risk 0.00cvss —epss 0.00
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute…
Page 7 of 14