153 matches found
Trend Micro Endpoint Encryption PolicyServer SQL注入漏洞
Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from a post-authentication SQL injection issue that could result in elevated privileges...
Trend Micro Endpoint Encryption PolicyValueTableSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Endpoint Encryption. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PolicyValueTableSerializationBinder class. The issue results from th...
Trend Micro Endpoint Encryption PolicyServerWindowsService Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Endpoint Encryption. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PolicyServerWindowsService class. The issue results from the lack of...
Trend Micro Endpoint Encryption GetGroupFilteredUsers SQL Injection Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Endpoint Encryption. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
Trend Micro Endpoint Encryption BuildEnterpriseSearchString SQL Injection Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Endpoint Encryption. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
Trend Micro Endpoint Encryption DeserializeFromBase64String Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Endpoint Encryption. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
Trend Micro Endpoint Encryption DbAppDomain Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Trend Micro Endpoint Encryption. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DbAppDomain service. The issue results from an improper implementatio...
Trend Micro Endpoint Encryption ProcessWhereClause SQL Injection Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Endpoint Encryption. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
Trend Micro Endpoint Encryption ValidateToken Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Endpoint Encryption. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the ValidateToken method. The issue results from t...
PT-2025-25268 · Trend Micro · Trend Micro Endpoint Encryption
Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption affected versions not specified Description: The issue is related to an authentication bypass, allowing an attacker to access key methods as an admin user and modify product configurations on affected...
PT-2025-25270 · Trend Micro · Trend Micro Endpoint Encryption
Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption affected versions not specified Description: A post-auth SQL injection issue could allow an attacker to escalate privileges on affected installations. This requires the attacker to first obtain the ability to...
PT-2025-25269 · Trend Micro · Trend Micro Endpoint Encryption
Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption affected versions not specified Description: The issue is related to an insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer, which could lead to a pre-authentication remote co...
PT-2025-25267 · Trend Micro · Trend Micro Endpoint Encryption
Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption affected versions not specified Description: A post-auth SQL injection issue could allow an attacker to escalate privileges on affected installations. The attacker must first obtain the ability to execute...
CVE-2023-28005
A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows� Secure Boot process in an attempt to execute other attacks to obtain access to the contents of the...
CVE-2019-9703
Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels...
CVE-2019-9702
Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels...
PT-2025-25266 · Trend Micro · Trend Micro Endpoint Encryption
Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption TMEE affected versions not specified Description: The issue is related to insufficient input validation in the PolicyServerWindowsService class of the Trend Micro Endpoint Encryption TMEE PolicyServer data...
PT-2025-25265 · Trend Micro · Trend Micro Endpoint Encryption
Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption versions prior to 6.0.0.4013 Description: An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected...
PT-2025-25264 · Trend Micro · Trend Micro Endpoint Encryption
Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption affected versions not specified Description: A SQL injection issue allows an attacker to escalate privileges on affected installations. To exploit this, an attacker must first obtain the ability to execute...
CVE-2023-28005
A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows� Secure Boot process in an attempt to execute other attacks to obtain access to the contents of the...