Vulnerabilities in Trend Micro

315 results

CVE-2021-25234—An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.EPSS 2.1%CVE-2021-25233—An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.EPSS 2.1%CVE-2020-25774—A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to trigger an out-of-bounds red informatioEPSS 2.1%CVE-2021-25232—An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated useEPSS 2.0%CVE-2020-8603—A cross-site scripting vulnerability (XSS) in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow a remote attacker to tamperEPSS 2.0%CVE-2021-25253—An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource usedEPSS 1.9%CVE-2021-25236—A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security EPSS 1.9%CVE-2020-27016—Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a cross-site request forgery (CSRF) vulnerability whEPSS 1.9%CVE-2021-25241—A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 EPSS 1.9%CVE-2019-14688—Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had aEPSS 1.8%CVE-2018-18333—A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and below could allow an attacker to manipuEPSS 1.8%CVE-2020-24560—An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allEPSS 1.8%CVE-2017-11397—A service DLL preloading vulnerability in Trend Micro Encryption for Email versions 5.6 and below could allow an unauthenticated remote attaEPSS 1.8%CVE-2019-15626—The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communicatEPSS 1.8%CVE-2020-27693—Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores administrative passwords using a hash that is considered outdaEPSS 1.8%CVE-2018-3600—A external entity processing information disclosure (XXE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to EPSS 1.7%CVE-2021-25246—An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1, and WorryEPSS 1.7%CVE-2018-6227—A stored cross-site scripting (XSS) vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to inject client-side EPSS 1.7%CVE-2018-6226—Reflected cross-site scripting (XSS) vulnerabilities in two Trend Micro Email Encryption Gateway 5.5 configuration files could allow an attaEPSS 1.7%CVE-2020-15604—An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allEPSS 1.6%

← previouspage 7 / 16next →