Lucene search
K

699 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:25 p.m.6 views

CVE-2021-25235

An improper access control vulnerability in Trend Micro Apex One on-prem and SaaS and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about a content inspection configuration file...

5.3CVSS6.6AI score0.02083EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:25 p.m.6 views

CVE-2021-25239

An improper access control vulnerability in Trend Micro Apex One on-prem, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about x86 agent hotfixes...

5.3CVSS6.6AI score0.02094EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:25 p.m.11 views

CVE-2021-25231

An improper access control vulnerability in Trend Micro Apex One on-prem and SaaS, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific hotfix history file...

5.3CVSS6.6AI score0.02153EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:29 p.m.10 views

CVE-2021-25230

An improper access control vulnerability in Trend Micro Apex One on-prem and SaaS and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the contents of a scan connection exception file...

5.3CVSS6.6AI score0.02083EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:51 p.m.7 views

CVE-2020-8467

A migration tool component of Trend Micro Apex One 2019 and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations RCE. An attempted attack requires user authentication...

8.8CVSS7.7AI score0.10793EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:36 p.m.9 views

CVE-2020-28573

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal the total agents managed by the server...

5.3CVSS6.7AI score0.03206EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:36 p.m.15 views

CVE-2020-28577

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names...

5.3CVSS6.7AI score0.03206EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:36 p.m.7 views

CVE-2020-28582

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal number of managed agents...

5.3CVSS6.7AI score0.03206EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:36 p.m.11 views

CVE-2020-28583

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information...

5.3CVSS6.7AI score0.03206EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:27 p.m.9 views

CVE-2020-28576

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information...

5.3CVSS6.7AI score0.03206EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:57 a.m.8 views

CVE-2019-9492

A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow an authenticated attacker to gain code execution and terminate the product's process - disabling endpoint protection. The attacker must have already gained authentication and have local access to the vulnerable...

7.8CVSS7.5AI score0.00596EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:26 a.m.6 views

CVE-2019-19691

A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools. Note that the attacker must already have admin/root privileges on the product console to exploit this vulnerability...

4.9CVSS6.8AI score0.01158EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:39 a.m.6 views

CVE-2017-8801

Trend Micro OfficeScan 11.0 before SP1 CP 6325 with Agent Module Build before 6152 and XG before CP 1352 has XSS via a crafted URI using a blocked website...

6.1CVSS5.8AI score0.00732EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2023/05/24 12:0 a.m.370 views

Trend Micro OfficeScan Client 10.0 Local Privilege Escalation

Exploit Title: Trend Micro OfficeScan Client 10.0 - ACL Service LPE Date: 2023/05/04 Exploit Author: msd0pe Vendor Homepage: https://www.trendmicro.com My Github: https://github.com/msd0pe-1 Trend Micro OfficeScan Client: Versions = icacls "C:\Program Files x86\Trend Micro\OfficeScan Client"...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/05/23 12:0 a.m.170 views

Trend Micro OfficeScan Client 10.0 - ACL Service Local Privilege Escalation Vulnerability

Exploit Title: Trend Micro OfficeScan Client 10.0 - ACL Service LPE Exploit Author: msd0pe Vendor Homepage: https://www.trendmicro.com My Github: https://github.com/msd0pe-1 Trend Micro OfficeScan Client: Versions = icacls "C:\Program Files x86\Trend Micro\OfficeScan Client" C:\Program Files...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/23 12:0 a.m.232 views

Trend Micro OfficeScan Client 10.0 - ACL Service LPE

Exploit Title: Trend Micro OfficeScan Client 10.0 - ACL Service LPE Date: 2023/05/04 Exploit Author: msd0pe Vendor Homepage: https://www.trendmicro.com My Github: https://github.com/msd0pe-1 Trend Micro OfficeScan Client: Versions = icacls "C:\Program Files x86\Trend Micro\OfficeScan Client"...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/11/08 12:0 a.m.33 views

Trend Micro OfficeScan 10 SP1 < 10 SP1 Patch 2329 Multiple Vulnerabilities (000287815)

According to its self-reported version, the Trend Micro OfficeScan application running on the remote host is prior to 10 SP1 Patch 2329. It is, therefore, affected by multiple vulnerabilities: - An improper input validation vulnerability has been identified in business security. This may allow yo...

8.8CVSS8.2AI score0.04951EPSS
Exploits0References3
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.10 views

Trend Micro OfficeScan Directory Traversal Vulnerability

Trend Micro OfficeScan contains a directory traversal vulnerability by extracting files from a zip file to a specific folder on the OfficeScan server, leading to remote code execution...

8.8CVSS7.8AI score0.25125EPSS
In wildExploits0
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.13 views

Trend Micro Multiple Products Content Validation Escape Vulnerability

Trend Micro Apex One, OfficeScan, and Worry-Free Business Security agents contain a content validation escape vulnerability that could allow an attacker to manipulate certain agent client components...

8.8CVSS8.3AI score0.05754EPSS
In wildExploits0
CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.23 views

Trend Micro Apex One and OfficeScan Authentication Bypass Vulnerability

Trend Micro Apex One and OfficeScan server contain a vulnerable EXE file that could allow a remote attacker to write data to a path on affected installations and bypass root login...

10CVSS8.9AI score0.11576EPSS
In wildExploits0
Rows per page
Query Builder