Apex One

apex_one

Vendor: Trendmicro • 164 CVEs

CVEs (164)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-42104 1Trendmicro 3Apex One Worry Free Business SecurityWorry Free Business Security Services Nov 21, 2024 Oct 21, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on...Show more Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42105, 42106 and 42107.Show less
CVE-2021-42103 1Trendmicro 1Apex One Nov 21, 2024 Oct 21, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the abili...Show more An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar but not identical to CVE-2021-42101.Show less
CVE-2021-42102 1Trendmicro 1Apex One Nov 21, 2024 Oct 21, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service agents could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain th...Show more An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service agents could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-42101 1Trendmicro 1Apex One Nov 21, 2024 Oct 21, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the abili...Show more An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar but not identical to CVE-2021-42103.Show less
CVE-2021-42012 1Trendmicro 3Apex One Worry Free Business SecurityWorry Free Business Security Services Nov 21, 2024 Oct 21, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please n...Show more A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-42011 1Trendmicro 1Apex One Nov 21, 2024 Oct 21, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker...Show more An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-23139 1Trendmicro 3Apex One Worry Free Business SecurityWorry Free Business Security Services Nov 21, 2024 Oct 21, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI program on affected installations.
CVE-2021-3848 1Trendmicro 2Apex One Worry Free Business Security Nov 21, 2024 Oct 6, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An arbitrary file creation by privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1, and Worry-Free Business Security Services could allow a local attack...Show more An arbitrary file creation by privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1, and Worry-Free Business Security Services could allow a local attacker to create an arbitrary file with higher privileges that could lead to a denial-of-service (DoS) on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-32465 1Trendmicro 2Apex One Officescan Nov 21, 2024 Aug 4, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations....Show more An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-32464 1Trendmicro 2Apex One Officescan Nov 21, 2024 Aug 4, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security Services could allow an attacker to modify a specific script before it...Show more An incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security Services could allow an attacker to modify a specific script before it is executed. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-36742 1Trendmicro 4Apex One OfficescanOfficescan Business Security+1 more Oct 31, 2025 Jul 29, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations....Show more A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-36741 1Trendmicro 4Apex One OfficescanOfficescan Business Security+1 more Oct 31, 2025 Jul 29, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installat...Show more An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the product�s management console in order to exploit this vulnerability.Show less
CVE-2021-32463 1Trendmicro 2Apex One Worry Free Business Security Nov 21, 2024 Jul 20, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An incorrect permission assignment denial-of-service vulnerability in Trend Micro Apex One, Apex One as a Service (SaaS), Worry-Free Business Security 10.0 SP1 and Worry-Free Servgices could allow a local attacker to esc...Show more An incorrect permission assignment denial-of-service vulnerability in Trend Micro Apex One, Apex One as a Service (SaaS), Worry-Free Business Security 10.0 SP1 and Worry-Free Servgices could allow a local attacker to escalate privileges and delete files with system privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-28646 1Trendmicro 2Apex One Officescan Nov 21, 2024 Apr 13, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations.
CVE-2021-28645 1Trendmicro 2Apex One Officescan Nov 21, 2024 Apr 13, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacke...Show more An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-25253 1Trendmicro 2Apex One Officescan Nov 21, 2024 Apr 13, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected...Show more An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-25250 1Trendmicro 2Apex One Officescan Nov 21, 2024 Apr 13, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations....Show more An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-25252 1Trendmicro 19Apex Central Apex OneCloud Edge+16 more Nov 21, 2024 Mar 3, 2021 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a sp...Show more Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.Show less
CVE-2021-25249 1Trendmicro 3Apex One OfficescanWorry Free Business Security Nov 21, 2024 Feb 4, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to escalate...Show more An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-25248 1Trendmicro 3Apex One OfficescanWorry Free Business Security Nov 21, 2024 Feb 4, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An out-of-bounds read information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow an attacker to disclose sensi...Show more An out-of-bounds read information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow an attacker to disclose sensitive information about a named pipe. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less

Previous 1...567 8 9 Next