209 matches found
CVE-2025-30642
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service DoS situation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...
CVE-2025-30642
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service DoS situation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...
CVE-2025-30642
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service DoS situation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...
CVE-2025-30642
CVE-2025-30642 concerns a local DoS in Trend Micro Deep Security Agent 20.0 caused by a link-following issue in the Damage Cleanup Engine. An attacker who can run code with low privileges on the target can trigger a denial of service by creating a junction that leads to file deletion, according t...
CVE-2025-30641
CVE-2025-30641 is a local privilege-escalation in Trend Micro Deep Security Deep Security Agent’s Anti-Malware component (20.0). The flaw arises from a link-following issue that can be exploited by a local attacker who already has low-privilege code execution to escalate privileges, potentially v...
CVE-2025-30641
A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in...
CVE-2025-30640
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...
CVE-2025-30640
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...
CVE-2025-30640
CVE-2025-30640 is a confirmed local privilege escalation affecting Trend Micro Deep Security 20.0 agents, attributed to a link-following flaw in the Anti-Malware/Deep Security Platform. The root cause involves abusing symbolic links to escalate privileges, with an attacker needing to run low-priv...
Trend Micro Deep Security 后置链接漏洞
Trend Micro Deep Security is a server deep security protection system client from Trend Micro. A security vulnerability exists in Trend Micro Deep Security version 20.0 that stems from a link following issue in the anti-malware component that could lead to elevated privileges...
Trend Micro Deep Security 后置链接漏洞
Trend Micro Deep Security is a server deep security system client from Trend Micro. A security vulnerability exists in Trend Micro Deep Security version 20.0 that stems from a link-following issue that could lead to a denial of service...
Trend Micro Deep Security 后置链接漏洞
Trend Micro Deep Security is a server deep security system client from Trend Micro. A security vulnerability exists in Trend Micro Deep Security version 20.0 that stems from a link-following issue that could lead to elevated privileges...
CVE-2024-55955
An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged...
CVE-2023-52337
An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileg...
CVE-2022-40707
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code o...
CVE-2022-40710
A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...
CVE-2022-40708
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code o...
CVE-2019-9488
Trend Micro Deep Security Manager 10.x, 11.x and Vulnerability Protection 2.0 are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep Security Manager DSM...
CVE-2019-15627
Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. Local OS access is required. Please note that only Windows agents are affected...
CVE-2019-15626
The Deep Security Manager application Versions 10.0, 11.0 and 12.0, when configured in a certain way, may transmit initial LDAP communication in clear text. This may result in confidentiality impact but does not impact integrity or availability...