52 matches found
EUVD-2021-12145
Malware in sbrugna...
EUVD-2020-20980
Malware in sbrugna...
EUVD-2021-12141
Malware in sbrugna...
EUVD-2021-12143
Malware in sbrugna...
CVE-2021-25234
An improper access control vulnerability in Trend Micro Apex One on-prem and SaaS, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific notification configuration file...
Authentication flaw
An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations. Please note: an attacker must first obtain the ability to execute...
CVE-2021-32465
An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations. Please note: an attacker must first obtain the ability to execute...
CVE-2021-32465
CVE-2021-32465 is an authenticated bypass vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1. Affected component is the patching/permissions handling where permissions are not preserved during certain operations, enabling a remote attacker to bypass authentication....
CVE-2021-28646
An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations...
CVE-2021-28645
An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...
CVE-2021-25250
An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute...
CVE-2021-25253
An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to...
Design/Logic Flaw
An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations...
CVE-2021-28646
CVE-2021-28646 describes an insecure file-permissions flaw in Trend Micro Apex One, Apex One as a Service, and OfficeScan XG SP1 that could allow a local attacker to take control of a specific log file on affected installations. Connected sources indicate the root cause is improper log-file permi...
CVE-2021-28645
CVE-2021-28645 affects Trend Micro Apex One, Apex One as a Service, and OfficeScan XG SP1. The root cause is an incorrect permissions assignment on a resource used by the ApexOne Security Agent, enabling a local attacker who can run low-privileged code to escalate to higher privileges (up to SYST...
CVE-2021-25253
CVE-2021-25253 affects Trend Micro Apex One, Apex One as a Service, and OfficeScan XG SP1. The issue is caused by improper access control on a resource used by the Apex One service, enabling a local attacker who can run low-privilege code to escalate privileges (often to SYSTEM) on affected insta...
CVE-2021-25242
An improper access control vulnerability in Trend Micro Apex One on-prem and SaaS, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain version and build information...
CVE-2021-25246
An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1, and Worry-Free Business Security could allow an unauthenticated user to create a bogus agent on an affected server that could be used then make valid configuration...
CVE-2021-25238
An improper access control information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about an agent's managing port...
CVE-2021-25229
An improper access control vulnerability in Trend Micro Apex One on-prem and SaaS and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the database server...