Vulnerabilities in Trend Micro, Inc.
180 resultsCVE-2025-69260HIGHA message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service conditionEPSS 1.4%CVE-2023-35695—A remote attacker could leverage a vulnerability in Trend Micro Mobile Security (Enterprise) 9.8 SP5 to download a particular log file whichEPSS 1.4%CVE-2025-49219CRITICALAn insecure deserialization operation in Trend Micro Apex Central below versions 8.0.7007 could lead to a pre-authentication remote code exeEPSS 1.3%CVE-2025-47867HIGHA Local File Inclusion vulnerability in a Trend Micro Apex Central widget in versions below 8.0.6955 could allow an attacker to include arbiEPSS 1.3%CVE-2023-32557—A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenticated attacker to upload an arEPSS 1.2%CVE-2024-46903MEDIUMA vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive informatiEPSS 1.2%CVE-2025-47865HIGHA Local File Inclusion vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to gain remote codeEPSS 1.2%CVE-2024-52047HIGHA widget local file inclusion vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected instEPSS 1.1%CVE-2025-49217CRITICALAn insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code exeEPSS 1.0%CVE-2024-41183HIGHTrend Micro VPN, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite under specific conditions that can lead to elevatioEPSS 1.0%CVE-2023-25069HIGHTXOne StellarOne has an improper access control privilege escalation vulnerability in every version before V2.0.1160 that could allow a maliEPSS 1.0%CVE-2023-52329MEDIUMCertain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an atEPSS 0.9%CVE-2024-36305HIGHA security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected instalEPSS 0.9%CVE-2025-49155HIGHAn uncontrolled search path vulnerability in the Trend Micro Apex One Data Loss Prevention module could allow an attacker to inject maliciouEPSS 0.8%CVE-2024-36307MEDIUMA security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose senEPSS 0.8%CVE-2022-44654HIGHAffected builds of Trend Micro Apex One and Apex One as a Service contain a monitor engine component that is complied without the /SAFESEH mEPSS 0.8%CVE-2025-49214HIGHAn insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code exEPSS 0.8%CVE-2024-48903HIGHAn improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affectEPSS 0.7%CVE-2022-44648MEDIUMAn Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive infEPSS 0.7%CVE-2022-44647MEDIUMAn Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive infEPSS 0.7%