← Back

Trendmicro

trendmicro

559 CVEs • 105 products

Products (105)

Click to collapse
Toggle
Apex One
apex_one
164 CVEs
Officescan
officescan
71 CVEs
Worry Free Business Security
worry-free_business_security
58 CVEs
Apex Central
apex_central
35 CVEs
Interscan Web Security Virtual Appliance
interscan_web_security_virtual_appliance
29 CVEs
Worry Free Business Security Services
worry-free_business_security_services
25 CVEs
Control Manager
control_manager
22 CVEs
Mobile Security
mobile_security
21 CVEs
Email Encryption Gateway
email_encryption_gateway
19 CVEs
Antivirus+
antivirus+
18 CVEs
Serverprotect
serverprotect
18 CVEs
Internet Security
internet_security
17 CVEs
Password Manager
password_manager
15 CVEs
Deep Security Agent
deep_security_agent
15 CVEs
Interscan Messaging Security Virtual Appliance
interscan_messaging_security_virtual_appliance
13 CVEs
Smart Protection Server
smart_protection_server
13 CVEs
Maximum Security
maximum_security
13 CVEs
Premium Security
premium_security
13 CVEs
Threat Discovery Appliance
threat_discovery_appliance
12 CVEs
Maximum Security 2020
maximum_security_2020
12 CVEs
Internet Security 2020
internet_security_2020
11 CVEs
Premium Security 2020
premium_security_2020
11 CVEs
Housecall
housecall
9 CVEs
Trend Micro Endpoint Encryption
trend_micro_endpoint_encryption
9 CVEs
Trend Micro Antivirus
trend_micro_antivirus
8 CVEs
Security
security
8 CVEs
Maximum Security 2019
maximum_security_2019
8 CVEs
Deep Security
deep_security
7 CVEs
Internet Security 2019
internet_security_2019
7 CVEs
Premium Security 2019
premium_security_2019
7 CVEs
Housecall For Home Networks
housecall_for_home_networks
7 CVEs
Maximum Security 2022
maximum_security_2022
7 CVEs
Deep Discovery Inspector
deep_discovery_inspector
6 CVEs
Scanmail
scanmail
6 CVEs
Antivirus + Security
antivirus_+_security
6 CVEs
Antivirus+ Security 2020
antivirus+_security_2020
6 CVEs
Antivirus For Mac 2017
antivirus_for_mac_2017
5 CVEs
Antivirus For Mac 2018
antivirus_for_mac_2018
5 CVEs
Antivirus For Mac 2019
antivirus_for_mac_2019
5 CVEs
Antivirus + Security 2019
antivirus_+_security_2019
5 CVEs
Vulnerability Protection
vulnerability_protection
5 CVEs
Maximum Security 2021
maximum_security_2021
5 CVEs
Home Network Security
home_network_security
5 CVEs
Trend Vision One
trend_vision_one
5 CVEs
Deep Security Manager
deep_security_manager
4 CVEs
Officescan Cloud
officescan_cloud
4 CVEs
Serverprotect For Storage
serverprotect_for_storage
4 CVEs
Interscan Messaging Security Suite
interscan_messaging_security_suite
3 CVEs
Endpoint Sensor
endpoint_sensor
3 CVEs
Deep Discovery Director
deep_discovery_director
3 CVEs
Antivirus+ 2020
antivirus+_2020
3 CVEs
Officescan Business Security
officescan_business_security
3 CVEs
Antivirus+ Security 2021
antivirus+_security_2021
3 CVEs
Internet Security 2021
internet_security_2021
3 CVEs
Premium Security 2021
premium_security_2021
3 CVEs
Serverprotect For Network Appliance Filer
serverprotect_for_network_appliance_filer
3 CVEs
Interscan Web Security Suite
interscan_web_security_suite
2 CVEs
Deep Discovery Email Inspector
deep_discovery_email_inspector
2 CVEs
Officescan Xg
officescan_xg
2 CVEs
Dr. Safety
dr._safety
2 CVEs
Anti Threat Toolkit
anti-threat_toolkit
2 CVEs
Antivirus + Security 2020
antivirus_+_security_2020
2 CVEs
Im Security
im_security
2 CVEs
Portable Security
portable_security
2 CVEs
Safe Lock
safe_lock
2 CVEs
Antivirus+ 2019
antivirus+_2019
2 CVEs
Cloud Edge
cloud_edge
2 CVEs
Maximum Security 2023
maximum_security_2023
2 CVEs
Antivirus One
antivirus_one
2 CVEs
Client Server Messaging Suite
client_server_messaging_suite
1 CVE
Trend Micro Internet Security
trend_micro_internet_security
1 CVE
Internet Security 2010
internet_security_2010
1 CVE
Tmeext.sys
tmeext.sys
1 CVE
Virtual Mobile Infrastructure
virtual_mobile_infrastructure
1 CVE
Encryption For Email
encryption_for_email
1 CVE
Endpoint Application Control
endpoint_application_control
1 CVE
Officescan Monthly
officescan_monthly
1 CVE
Apex One As A Service
apex_one_as_a_service
1 CVE
Business Security
business_security
1 CVE
Ransom Buster
ransom_buster
1 CVE
Deep Security As A Service
deep_security_as_a_service
1 CVE
Antivirus Toolkit
antivirus_toolkit
1 CVE
Officescan Business Security Service
officescan_business_security_service
1 CVE
Online Scan
online_scan
1 CVE
Rootkit Buster
rootkit_buster
1 CVE
Deep Discovery Analyzer
deep_discovery_analyzer
1 CVE
Portal Protect
portal_protect
1 CVE
Scanmail For Ibm Domino
scanmail_for_ibm_domino
1 CVE
Serverprotect For Network Appliance Filers
serverprotect_for_network_appliance_filers
1 CVE
Security For Best Buy
security_for_best_buy
1 CVE
Antivirus+ Security
antivirus+_security
1 CVE
Antivirus For Mac
antivirus_for_mac
1 CVE
Vpn Proxy One Pro
vpn_proxy_one_pro
1 CVE
Txone Stellarone
txone_stellarone
1 CVE
Antivirus+ Security 2022
antivirus+_security_2022
1 CVE
Internet Security 2022
internet_security_2022
1 CVE
Premium Security 2022
premium_security_2022
1 CVE
Antivirus+ Security 2023
antivirus+_security_2023
1 CVE
Internet Security 2023
internet_security_2023
1 CVE
Premium Security 2023
premium_security_2023
1 CVE

CVEs (559)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-37348
1Trendmicro
1Security
Nov 21, 2024
Sep 19, 2022
N/A· v4
5.5 MEDIUM· v3
N/A· v2
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a...Show more
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This vulnerability is similar to, but not the same as CVE-2022-37347.Show less
CVE-2022-37347
1Trendmicro
1Security
May 29, 2025
Sep 19, 2022
N/A· v4
5.5 MEDIUM· v3
N/A· v2
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a...Show more
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This vulnerability is similar to, but not the same as CVE-2022-35234.Show less
CVE-2022-34893
1Trendmicro
1Security
Nov 21, 2024
Sep 19, 2022
N/A· v4
7.8 HIGH· v3
N/A· v2
Trend Micro Security 2022 (consumer) has a link following vulnerability where an attacker with lower privileges could manipulate a mountpoint which could lead to escalation of privilege on an affected machine.
CVE-2022-36336
1Trendmicro
3Apex One
Worry Free Business SecurityWorry Free Business Security Services
Nov 21, 2024
Jul 30, 2022
N/A· v4
7.8 HIGH· v3
N/A· v2
A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local attacker to escalate privileges on affected installations. The resolution for th...Show more
A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local attacker to escalate privileges on affected installations. The resolution for this issue has been deployed automatically via ActiveUpdate to customers in an updated Spyware pattern. Customers who are up-to-date on detection patterns are not required to take any additional steps to mitigate this issue.Show less
CVE-2022-35234
1Trendmicro
1Security
Nov 21, 2024
Jul 30, 2022
N/A· v4
7.1 HIGH· v3
N/A· v2
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a...Show more
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine.Show less
CVE-2022-33158
1Trendmicro
1Vpn Proxy One Pro
Nov 21, 2024
Jul 30, 2022
N/A· v4
7.8 HIGH· v3
N/A· v2
Trend Micro VPN Proxy Pro version 5.2.1026 and below contains a vulnerability involving some overly permissive folders in a key directory which could allow a local attacker to obtain privilege escalation on an affected s...Show more
Trend Micro VPN Proxy Pro version 5.2.1026 and below contains a vulnerability involving some overly permissive folders in a key directory which could allow a local attacker to obtain privilege escalation on an affected system.Show less
CVE-2022-30703
1Trendmicro
1Security
Nov 21, 2024
Jun 9, 2022
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an exposed dangerous method vulnerability that could allow an attacker to obtain access to leaked kernel addresses and disclose sensitive information. This v...Show more
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an exposed dangerous method vulnerability that could allow an attacker to obtain access to leaked kernel addresses and disclose sensitive information. This vulnerability could also potentially be chained for privilege escalation.Show less
CVE-2022-30702
1Trendmicro
1Security
Nov 21, 2024
Jun 9, 2022
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
Trend Micro Security 2022 and 2021 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure vulnerability that could allow an attacker to disclose sensitive information on an affected machine.
CVE-2022-30701
1Trendmicro
1Apex One
Nov 21, 2024
May 27, 2022
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to craft a special configuration file to load an untrusted library with escalated privilege...Show more
An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to craft a special configuration file to load an untrusted library with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2022-30700
1Trendmicro
1Apex One
Nov 21, 2024
May 27, 2022
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker...Show more
An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2022-30687
1Trendmicro
1Maximum Security 2022
Nov 21, 2024
May 27, 2022
N/A· v4
7.1 HIGH· v3
6.6 MEDIUM· v2
Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a low privileged local user to manipulate the product's secure erase feature to delete arbitrary files.
CVE-2022-28394
1Trendmicro
1Password Manager
Nov 21, 2024
May 27, 2022
N/A· v4
7.8 HIGH· v3
6.9 MEDIUM· v2
EOL Product CVE - Installer of Trend Micro Password Manager (Consumer) versions 3.7.0.1223 and below provided by Trend Micro Incorporated contains an issue with the DLL search path, which may lead to insecurely loading D...Show more
EOL Product CVE - Installer of Trend Micro Password Manager (Consumer) versions 3.7.0.1223 and below provided by Trend Micro Incorporated contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Please note that this was reported on an EOL version of the product, and users are advised to upgrade to the latest supported version (5.x).Show less
CVE-2022-30523
1Trendmicro
1Password Manager
Nov 21, 2024
May 16, 2022
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Privilege Escalation Vulnerability that could allow a low privileged local attacker to delete the contents of an arbi...Show more
Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Privilege Escalation Vulnerability that could allow a low privileged local attacker to delete the contents of an arbitrary folder as SYSTEM which can then be used for privilege escalation on the affected machine.Show less
CVE-2022-27883
1Trendmicro
1Antivirus For Mac
Nov 21, 2024
Apr 9, 2022
N/A· v4
7.3 HIGH· v3
8.5 HIGH· v2
A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation. Please note that an attacker must at lea...Show more
A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation. Please note that an attacker must at least have low-level privileges on the system to attempt to exploit this vulnerability.Show less
CVE-2022-26871
1Trendmicro
2Apex Central
Apex One
Dec 22, 2025
Mar 29, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
CVE-2022-26337
1Trendmicro
1Password Manager
Nov 21, 2024
Mar 8, 2022
N/A· v4
7.8 HIGH· v3
9.3 HIGH· v2
Trend Micro Password Manager (Consumer) installer version 5.0.0.1262 and below is vulnerable to an Uncontrolled Search Path Element vulnerability that could allow an attacker to use a specially crafted file to exploit th...Show more
Trend Micro Password Manager (Consumer) installer version 5.0.0.1262 and below is vulnerable to an Uncontrolled Search Path Element vulnerability that could allow an attacker to use a specially crafted file to exploit the vulnerability and escalate local privileges on the affected machine.Show less
CVE-2022-26319
1Trendmicro
1Portable Security
Nov 21, 2024
Mar 8, 2022
N/A· v4
6.5 MEDIUM· v3
6.9 MEDIUM· v2
An installer search patch element vulnerability in Trend Micro Portable Security 3.0 Pro, 3.0 and 2.0 could allow a local attacker to place an arbitrarily generated DLL file in an installer folder to elevate local privil...Show more
An installer search patch element vulnerability in Trend Micro Portable Security 3.0 Pro, 3.0 and 2.0 could allow a local attacker to place an arbitrarily generated DLL file in an installer folder to elevate local privileges. Please note: an attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2022-25331
1Trendmicro
3Serverprotect
Serverprotect For Network Appliance FilerServerprotect For Storage
Nov 21, 2024
Feb 24, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process.
CVE-2022-25330
1Trendmicro
3Serverprotect
Serverprotect For Network Appliance FilerServerprotect For Storage
Nov 21, 2024
Feb 24, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution.
CVE-2022-25329
1Trendmicro
3Serverprotect
Serverprotect For Network Appliance FilerServerprotect For Storage
Nov 21, 2024
Feb 24, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information S...Show more
Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions.Show less