Apex One

apex_one

Vendor: Trendmicro • 164 CVEs

CVEs (164)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-19691 1Trendmicro 2Apex One Officescan Nov 21, 2024 Dec 20, 2019 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools. Note that the attacker must already have admin/ro...Show more A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools. Note that the attacker must already have admin/root privileges on the product console to exploit this vulnerability.Show less
CVE-2019-18189 1Trendmicro 3Apex One OfficescanWorry Free Business Security Nov 21, 2024 Oct 28, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5, 10.0) may allow an attacker to bypass authentication and log on to an affected product's managemen...Show more A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5, 10.0) may allow an attacker to bypass authentication and log on to an affected product's management console as a root user. The vulnerability does not require authentication.Show less
CVE-2019-18188 1Trendmicro 1Apex One Nov 21, 2024 Oct 28, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Trend Micro Apex One could be exploited by an attacker utilizing a command injection vulnerability to extract files from an arbitrary zip file to a specific folder on the Apex One server, which could potentially lead to...Show more Trend Micro Apex One could be exploited by an attacker utilizing a command injection vulnerability to extract files from an arbitrary zip file to a specific folder on the Apex One server, which could potentially lead to remote code execution (RCE). The remote process execution is bound to the IUSR account, which has restricted permission and is unable to make major system changes. An attempted attack requires user authentication.Show less
CVE-2019-9489 1Trendmicro 5Apex One Apex One As A ServiceBusiness Security+2 more Nov 21, 2024 Apr 5, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affec...Show more A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product's management console.Show less

Previous 1...5 6 7 89