VYPR

Vendor CVEs

Trend Micro

All CVEs

696 total · sorted by risk
  • CVE-2024-46902Oct 22, 2024
    risk 0.00cvss epss 0.02

    A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on…

  • CVE-2024-45335Oct 22, 2024
    risk 0.00cvss epss 0.00

    Trend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted virus to allow itself to bypass and evade a virus scan detection.

  • CVE-2024-45334Oct 22, 2024
    risk 0.00cvss epss 0.00

    Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized access to product configurations and functions.

  • CVE-2024-37289Jun 10, 2024
    risk 0.00cvss epss 0.01

    An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this…

  • CVE-2024-36473Jun 10, 2024
    risk 0.00cvss epss 0.00

    Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of privileges.

  • CVE-2024-36359Jun 10, 2024
    risk 0.00cvss epss 0.00

    A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on…

  • CVE-2024-36358Jun 10, 2024
    risk 0.00cvss epss 0.01

    A link following vulnerability in Trend Micro Deep Security 20.x agents below build 20.0.1-3180 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2024-36307Jun 10, 2024
    risk 0.00cvss epss 0.01

    A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. Please note: an attacker must first obtain the ability to execute…

  • CVE-2024-36306Jun 10, 2024
    risk 0.00cvss epss 0.01

    A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute…

  • CVE-2024-36305Jun 10, 2024
    risk 0.00cvss epss 0.01

    A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit…

  • CVE-2024-36304Jun 10, 2024
    risk 0.00cvss epss 0.00

    A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the…

  • CVE-2024-36303Jun 10, 2024
    risk 0.00cvss epss 0.00

    An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…

  • CVE-2024-36302Jun 10, 2024
    risk 0.00cvss epss 0.01

    An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…

  • CVE-2024-32849Jun 10, 2024
    risk 0.00cvss epss 0.00

    Trend Micro Security 17.x (Consumer) is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.

  • CVE-2023-42125May 3, 2024
    risk 0.00cvss epss 0.00

    Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged…

  • CVE-2023-42124May 3, 2024
    risk 0.00cvss epss 0.00

    Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute…

  • CVE-2024-26362Apr 10, 2024
    risk 0.00cvss epss 0.01

    HTML injection vulnerability in Enpass Password Manager Desktop Client 6.9.2 for Windows and Linux allows attackers to run arbitrary HTML code via creation of crafted note.

  • CVE-2024-23940Jan 29, 2024
    risk 0.00cvss epss 0.01

    Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on…

  • CVE-2023-52338Jan 23, 2024
    risk 0.00cvss epss 0.00

    A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to…

  • CVE-2023-52337Jan 23, 2024
    risk 0.00cvss epss 0.00

    An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to…

  • CVE-2023-52331Jan 23, 2024
    risk 0.00cvss epss 0.01

    A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2023-52330Jan 23, 2024
    risk 0.00cvss epss 0.02

    A cross-site scripting vulnerability in Trend Micro Apex Central could allow a remote attacker to execute arbitrary code on affected installations of Trend Micro Apex Central. Please note: user interaction is required to exploit this vulnerability in that the target must…

  • CVE-2023-52329Jan 23, 2024
    risk 0.00cvss epss 0.01

    Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to…

  • CVE-2023-52328Jan 23, 2024
    risk 0.00cvss epss 0.02

    Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to…

  • CVE-2023-52327Jan 23, 2024
    risk 0.00cvss epss 0.02

    Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to…

  • CVE-2023-52326Jan 23, 2024
    risk 0.00cvss epss 0.02

    Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to…

  • CVE-2023-52325Jan 23, 2024
    risk 0.00cvss epss 0.05

    A local file inclusion vulnerability in one of Trend Micro Apex Central's widgets could allow a remote attacker to execute arbitrary code on affected installations. Please note: this vulnerability must be used in conjunction with another one to exploit an affected system. In…

  • CVE-2023-52094Jan 23, 2024
    risk 0.00cvss epss 0.00

    An updater link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to abuse the updater to delete an arbitrary folder, leading for a local privilege escalation on affected installations. Please note: an attacker must first obtain the…

  • CVE-2023-52093Jan 23, 2024
    risk 0.00cvss epss 0.00

    An exposed dangerous function vulnerability in the Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…

  • CVE-2023-52092Jan 23, 2024
    risk 0.00cvss epss 0.00

    A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit…

  • CVE-2023-52091Jan 23, 2024
    risk 0.00cvss epss 0.00

    An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…

  • CVE-2023-52090Jan 23, 2024
    risk 0.00cvss epss 0.00

    A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit…

  • CVE-2023-47202Jan 23, 2024
    risk 0.00cvss epss 0.00

    A local file inclusion vulnerability on the Trend Micro Apex One management server could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in…

  • CVE-2023-47201Jan 23, 2024
    risk 0.00cvss epss 0.00

    A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2023-47200Jan 23, 2024
    risk 0.00cvss epss 0.00

    A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2023-47199Jan 23, 2024
    risk 0.00cvss epss 0.00

    An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…

  • CVE-2023-47198Jan 23, 2024
    risk 0.00cvss epss 0.00

    An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…

  • CVE-2023-47197Jan 23, 2024
    risk 0.00cvss epss 0.00

    An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…

  • CVE-2023-47196Jan 23, 2024
    risk 0.00cvss epss 0.00

    An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…

  • CVE-2023-47195Jan 23, 2024
    risk 0.00cvss epss 0.00

    An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…

  • CVE-2023-47194Jan 23, 2024
    risk 0.00cvss epss 0.00

    An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…

  • CVE-2023-47193Jan 23, 2024
    risk 0.00cvss epss 0.00

    An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…

  • CVE-2023-47192Jan 23, 2024
    risk 0.00cvss epss 0.00

    An agent link vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit…

  • CVE-2023-41178Jan 23, 2024
    risk 0.00cvss epss 0.02

    Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to,…

  • CVE-2023-41177Jan 23, 2024
    risk 0.00cvss epss 0.01

    Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to,…

  • CVE-2023-41176Jan 23, 2024
    risk 0.00cvss epss 0.02

    Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to,…

  • CVE-2023-38627Jan 23, 2024
    risk 0.00cvss epss 0.00

    A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute…

  • CVE-2023-38626Jan 23, 2024
    risk 0.00cvss epss 0.00

    A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute…

  • CVE-2023-38625Jan 23, 2024
    risk 0.00cvss epss 0.00

    A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute…

  • CVE-2023-38624Jan 23, 2024
    risk 0.00cvss epss 0.00

    A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute…

Page 7 of 14