Lucene search
K

153 matches found

CNNVD
CNNVD
added 2025/06/17 12:0 a.m.3 views

Trend Micro Endpoint Encryption PolicyServer SQL注入漏洞

Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from a post-authentication SQL injection issue that could result in elevated privileges...

7.8CVSS7.7AI score0.0011EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiative
added 2025/06/11 12:0 a.m.3 views

Trend Micro Endpoint Encryption PolicyValueTableSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Endpoint Encryption. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PolicyValueTableSerializationBinder class. The issue results from th...

9.8CVSS7.8AI score0.07935EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/06/11 12:0 a.m.16 views

Trend Micro Endpoint Encryption PolicyServerWindowsService Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Endpoint Encryption. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PolicyServerWindowsService class. The issue results from the lack of...

9.8CVSS7.8AI score0.07935EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/06/11 12:0 a.m.4 views

Trend Micro Endpoint Encryption GetGroupFilteredUsers SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Endpoint Encryption. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7.8AI score0.00339EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/06/11 12:0 a.m.5 views

Trend Micro Endpoint Encryption BuildEnterpriseSearchString SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Endpoint Encryption. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7.8AI score0.0011EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/06/11 12:0 a.m.6 views

Trend Micro Endpoint Encryption DeserializeFromBase64String Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Endpoint Encryption. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7.9AI score0.07935EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/06/11 12:0 a.m.5 views

Trend Micro Endpoint Encryption DbAppDomain Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Trend Micro Endpoint Encryption. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DbAppDomain service. The issue results from an improper implementatio...

9.8CVSS7.3AI score0.00489EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/06/11 12:0 a.m.4 views

Trend Micro Endpoint Encryption ProcessWhereClause SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Endpoint Encryption. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7.8AI score0.0011EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/06/11 12:0 a.m.5 views

Trend Micro Endpoint Encryption ValidateToken Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Endpoint Encryption. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the ValidateToken method. The issue results from t...

8.1CVSS7.8AI score0.01024EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/11 12:0 a.m.6 views

PT-2025-25268 · Trend Micro · Trend Micro Endpoint Encryption

Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption affected versions not specified Description: The issue is related to an authentication bypass, allowing an attacker to access key methods as an admin user and modify product configurations on affected...

9.8CVSS9.3AI score0.00489EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/06/11 12:0 a.m.8 views

PT-2025-25270 · Trend Micro · Trend Micro Endpoint Encryption

Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption affected versions not specified Description: A post-auth SQL injection issue could allow an attacker to escalate privileges on affected installations. This requires the attacker to first obtain the ability to...

7.7CVSS7.4AI score0.0011EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/06/11 12:0 a.m.5 views

PT-2025-25269 · Trend Micro · Trend Micro Endpoint Encryption

Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption affected versions not specified Description: The issue is related to an insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer, which could lead to a pre-authentication remote co...

9.8CVSS9.5AI score0.01024EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/06/11 12:0 a.m.5 views

PT-2025-25267 · Trend Micro · Trend Micro Endpoint Encryption

Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption affected versions not specified Description: A post-auth SQL injection issue could allow an attacker to escalate privileges on affected installations. The attacker must first obtain the ability to execute...

8.8CVSS7.2AI score0.00339EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 6:1 a.m.5 views

CVE-2023-28005

A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows� Secure Boot process in an attempt to execute other attacks to obtain access to the contents of the...

6.8CVSS6.7AI score0.00196EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:58 a.m.10 views

CVE-2019-9703

Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels...

7.8CVSS7.2AI score0.00212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:14 a.m.10 views

CVE-2019-9702

Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels...

7.8CVSS7.2AI score0.00212EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/11 12:0 a.m.7 views

PT-2025-25266 · Trend Micro · Trend Micro Endpoint Encryption

Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption TMEE affected versions not specified Description: The issue is related to insufficient input validation in the PolicyServerWindowsService class of the Trend Micro Endpoint Encryption TMEE PolicyServer data...

10CVSS9.4AI score0.07935EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2024/10/11 12:0 a.m.5 views

PT-2025-25265 · Trend Micro · Trend Micro Endpoint Encryption

Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption versions prior to 6.0.0.4013 Description: An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected...

9.8CVSS9.5AI score0.07935EPSS
Exploits0References21
Positive Technologies
Positive Technologies
added 2024/10/11 12:0 a.m.8 views

PT-2025-25264 · Trend Micro · Trend Micro Endpoint Encryption

Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption affected versions not specified Description: A SQL injection issue allows an attacker to escalate privileges on affected installations. To exploit this, an attacker must first obtain the ability to execute...

9CVSS7.4AI score0.0011EPSS
Exploits0References7
NVD
NVD
added 2023/03/22 6:15 a.m.24 views

CVE-2023-28005

A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows� Secure Boot process in an attempt to execute other attacks to obtain access to the contents of the...

6.8CVSS6.4AI score0.00196EPSS
Exploits0References1
Rows per page
Query Builder