Trendmicro

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-32461 1Trendmicro 1Password Manager Nov 21, 2024 Jul 8, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Integer Truncation Privilege Escalation vulnerability which could allow a local attacker to trigger a buffer overflow and escalate...Show more Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Integer Truncation Privilege Escalation vulnerability which could allow a local attacker to trigger a buffer overflow and escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-31521 1Trendmicro 1Interscan Web Security Virtual Appliance Nov 21, 2024 Jun 17, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Trend Micro InterScan Web Security Virtual Appliance version 6.5 was found to have a reflected cross-site scripting (XSS) vulnerability in the product's Captive Portal.
CVE-2021-32460 1Trendmicro 1Maximum Security 2021 Nov 21, 2024 Jun 3, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The Trend Micro Maximum Security 2021 (v17) consumer product is vulnerable to an improper access control vulnerability in the installer which could allow a local attacker to escalate privileges on a target machine. Pleas...Show more The Trend Micro Maximum Security 2021 (v17) consumer product is vulnerable to an improper access control vulnerability in the installer which could allow a local attacker to escalate privileges on a target machine. Please note than an attacker must already have local user privileges and access on the machine to exploit this vulnerability.Show less
CVE-2021-32459 1Trendmicro 1Home Network Security Nov 21, 2024 May 27, 2021 N/A· v4 6.5 MEDIUM· v3 5.5 MEDIUM· v2 Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to...Show more Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to lead to arbitrary authentication. An attacker must first obtain the ability to execute high-privileged code on the target device in order to exploit this vulnerability.Show less
CVE-2021-32458 1Trendmicro 1Home Network Security Nov 21, 2024 May 27, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl which could lead to code...Show more Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl which could lead to code execution on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability.Show less
CVE-2021-32457 1Trendmicro 1Home Network Security Nov 21, 2024 May 26, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl to escalate privileges on...Show more Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl to escalate privileges on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability.Show less
CVE-2021-31519 1Trendmicro 1Housecall For Home Networks Nov 21, 2024 May 12, 2021 N/A· v4 7.3 HIGH· v3 4.4 MEDIUM· v2 An incorrect permission vulnerability in the product installer folders for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a...Show more An incorrect permission vulnerability in the product installer folders for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is running a scan. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.Show less
CVE-2021-28649 1Trendmicro 1Housecall For Home Networks Nov 21, 2024 May 12, 2021 N/A· v4 7.3 HIGH· v3 4.4 MEDIUM· v2 An incorrect permission vulnerability in the product installer for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specifie...Show more An incorrect permission vulnerability in the product installer for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is running a scan. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.Show less
CVE-2021-31520 1Trendmicro 1Im Security Nov 21, 2024 May 10, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 A weak session token authentication bypass vulnerability in Trend Micro IM Security 1.6 and 1.6.5 could allow an remote attacker to guess currently logged-in administrators' session session token in order to gain access...Show more A weak session token authentication bypass vulnerability in Trend Micro IM Security 1.6 and 1.6.5 could allow an remote attacker to guess currently logged-in administrators' session session token in order to gain access to the product's web management interface.Show less
CVE-2021-31518 1Trendmicro 1Home Network Security Nov 21, 2024 May 5, 2021 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerabili...Show more Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to CVE-2021-31517.Show less
CVE-2021-31517 1Trendmicro 1Home Network Security Nov 21, 2024 May 5, 2021 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerabili...Show more Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to CVE-2021-31518.Show less
CVE-2021-28648 1Trendmicro 1Antivirus+ Nov 21, 2024 Apr 22, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to fu...Show more Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.Show less
CVE-2021-28647 1Trendmicro 1Password Manager Nov 21, 2024 Apr 13, 2021 N/A· v4 7.8 HIGH· v3 4.4 MEDIUM· v2 Trend Micro Password Manager version 5 (Consumer) is vulnerable to a DLL Hijacking vulnerability which could allow an attacker to inject a malicious DLL file during the installation progress and could execute a malicious...Show more Trend Micro Password Manager version 5 (Consumer) is vulnerable to a DLL Hijacking vulnerability which could allow an attacker to inject a malicious DLL file during the installation progress and could execute a malicious program each time a user installs a program.Show less
CVE-2021-28646 1Trendmicro 2Apex One Officescan Nov 21, 2024 Apr 13, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations.
CVE-2021-28645 1Trendmicro 2Apex One Officescan Nov 21, 2024 Apr 13, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacke...Show more An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-25253 1Trendmicro 2Apex One Officescan Nov 21, 2024 Apr 13, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected...Show more An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-25250 1Trendmicro 2Apex One Officescan Nov 21, 2024 Apr 13, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations....Show more An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less
CVE-2021-25252 1Trendmicro 19Apex Central Apex OneCloud Edge+16 more Nov 21, 2024 Mar 3, 2021 N/A· v4 5.5 MEDIUM· v3 4.9 MEDIUM· v2 Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a sp...Show more Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.Show less
CVE-2021-25251 1Trendmicro 8Antivirus+ Security 2020 Antivirus+ Security 2021Internet Security 2020+5 more Nov 21, 2024 Feb 10, 2021 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 The Trend Micro Security 2020 and 2021 families of consumer products are vulnerable to a code injection vulnerability which could allow an attacker to disable the program's password protection and disable protection. An...Show more The Trend Micro Security 2020 and 2021 families of consumer products are vulnerable to a code injection vulnerability which could allow an attacker to disable the program's password protection and disable protection. An attacker must already have administrator privileges on the machine to exploit this vulnerability.Show less
CVE-2021-25249 1Trendmicro 3Apex One OfficescanWorry Free Business Security Nov 21, 2024 Feb 4, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to escalate...Show more An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Show less

Previous 1...121314...28 Next