Lucene search

K

Trend Micro Apex Central Security Vulnerabilities

cve
cve

CVE-2023-52326

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to...

6.1CVSS

6.3AI Score

0.001EPSS

2024-01-23 09:15 PM
17
cve
cve

CVE-2023-52327

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to...

6.1CVSS

6.3AI Score

0.001EPSS

2024-01-23 09:15 PM
13
cve
cve

CVE-2023-52329

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to...

6.1CVSS

6.3AI Score

0.001EPSS

2024-01-23 09:15 PM
16
cve
cve

CVE-2023-52331

A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to...

7.1CVSS

7AI Score

0.001EPSS

2024-01-23 09:15 PM
13
cve
cve

CVE-2023-52330

A cross-site scripting vulnerability in Trend Micro Apex Central could allow a remote attacker to execute arbitrary code on affected installations of Trend Micro Apex Central. Please note: user interaction is required to exploit this vulnerability in that the target must visit a malicious page or.....

6.1CVSS

6.2AI Score

0.001EPSS

2024-01-23 09:15 PM
16
cve
cve

CVE-2023-52328

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to...

6.1CVSS

6.3AI Score

0.001EPSS

2024-01-23 09:15 PM
16
cve
cve

CVE-2023-52325

A local file inclusion vulnerability in one of Trend Micro Apex Central's widgets could allow a remote attacker to execute arbitrary code on affected installations. Please note: this vulnerability must be used in conjunction with another one to exploit an affected system. In addition, an attacker.....

7.5CVSS

7.6AI Score

0.006EPSS

2024-01-23 09:15 PM
14
cve
cve

CVE-2023-52324

An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations. Please note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any...

8.8CVSS

9AI Score

0.003EPSS

2024-01-23 09:15 PM
17
cve
cve

CVE-2023-38624

A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the.....

5.4CVSS

5.4AI Score

0.001EPSS

2024-01-23 09:15 PM
20
cve
cve

CVE-2023-38627

A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the.....

5.4CVSS

5.5AI Score

0.001EPSS

2024-01-23 09:15 PM
15
cve
cve

CVE-2023-38625

A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the.....

5.4CVSS

5.5AI Score

0.001EPSS

2024-01-23 09:15 PM
14
cve
cve

CVE-2023-38626

A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the.....

5.4CVSS

5.4AI Score

0.001EPSS

2024-01-23 09:15 PM
15
cve
cve

CVE-2023-32604

Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues. Please note: an attacker must first obtain authentication to Apex Central on the target system in...

5.4CVSS

5.2AI Score

0.0004EPSS

2023-06-26 10:15 PM
33
cve
cve

CVE-2023-32605

Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues. Please note: an attacker must first obtain authentication to Apex Central on the target system in...

5.4CVSS

5.2AI Score

0.0004EPSS

2023-06-26 10:15 PM
20
cve
cve

CVE-2023-32536

Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues. Please note: an attacker must first obtain authentication to Apex Central on the target system in...

5.4CVSS

5.2AI Score

0.0004EPSS

2023-06-26 10:15 PM
29
cve
cve

CVE-2023-32532

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. This is similar to, but not identical to CVE-2023-32531 through...

6.1CVSS

6.3AI Score

0.002EPSS

2023-06-26 10:15 PM
9
cve
cve

CVE-2023-32537

Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues. Please note: an attacker must first obtain authentication to Apex Central on the target system in...

5.4CVSS

5.2AI Score

0.0004EPSS

2023-06-26 10:15 PM
26
cve
cve

CVE-2023-32533

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. This is similar to, but not identical to CVE-2023-32531 through...

6.1CVSS

6.3AI Score

0.002EPSS

2023-06-26 10:15 PM
8
cve
cve

CVE-2023-32530

Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution. Please note: an attacker must first obtain authentication on the target system in order to exploit these...

8.8CVSS

9.1AI Score

0.005EPSS

2023-06-26 10:15 PM
9
cve
cve

CVE-2023-32531

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. This is similar to, but not identical to CVE-2023-32532 through...

6.1CVSS

6.3AI Score

0.002EPSS

2023-06-26 10:15 PM
8
cve
cve

CVE-2023-32535

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. This is similar to, but not identical to CVE-2023-32531 through...

6.1CVSS

6.3AI Score

0.002EPSS

2023-06-26 10:15 PM
26
cve
cve

CVE-2023-32529

Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution. Please note: an attacker must first obtain authentication on the target system in order to exploit these...

8.8CVSS

9.1AI Score

0.005EPSS

2023-06-26 10:15 PM
8
cve
cve

CVE-2023-32534

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. This is similar to, but not identical to CVE-2023-32531 through...

6.1CVSS

6.3AI Score

0.002EPSS

2023-06-26 10:15 PM
22
cve
cve

CVE-2022-26871

An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code...

9.8CVSS

9.8AI Score

0.168EPSS

2022-03-29 09:15 PM
963
In Wild
cve
cve

CVE-2021-25252

Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted...

5.5CVSS

5.4AI Score

0.0004EPSS

2021-03-03 04:15 PM
31
cve
cve

CVE-2019-19692

Trend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console. Note that the Japanese version of the product is NOT...

6.1CVSS

6AI Score

0.001EPSS

2019-12-20 04:15 PM
26