Lucene search
K

699 matches found

CISA KEV Catalog
CISA KEV Catalog
added 2021/11/03 12:0 a.m.13 views

Trend Micro Multiple Products Content Validation Escape Vulnerability

Trend Micro Apex One, OfficeScan, and Worry-Free Business Security agents contain a content validation escape vulnerability that could allow an attacker to manipulate certain agent client components...

8.8CVSS8.3AI score0.05754EPSS
In wildExploits0
BDU FSTEC
BDU FSTEC
added 2021/08/25 12:0 a.m.6 views

The vulnerability of the Apex One and OfficeScan antivirus software lies in errors during the saving of permissions, allowing a hacker to bypass the security measures.

The vulnerability of the Apex One and OfficeScan antivirus software lies in errors during the saving of permissions. Exploiting this vulnerability can allow a remote attacker to bypass security measures...

8.8CVSS7.3AI score0.04341EPSS
Exploits0References8
NVD
NVD
added 2021/08/04 7:15 p.m.20 views

CVE-2021-32465

An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations. Please note: an attacker must first obtain the ability to execute...

8.8CVSS0.04341EPSS
Exploits0References3
Prion
Prion
added 2021/08/04 7:15 p.m.22 views

Authentication flaw

An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations. Please note: an attacker must first obtain the ability to execute...

6.5CVSS8.9AI score0.04341EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2021/08/04 6:29 p.m.28 views

CVE-2021-32465

An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations. Please note: an attacker must first obtain the ability to execute...

9.1AI score0.04341EPSS
Exploits0References3
CVE
CVE
added 2021/08/04 6:29 p.m.74 views

CVE-2021-32465

CVE-2021-32465 is an authenticated bypass vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1. Affected component is the patching/permissions handling where permissions are not preserved during certain operations, enabling a remote attacker to bypass authentication....

8.8CVSS8.9AI score0.04341EPSS
Exploits0References3Affected Software2
CNVD
CNVD
added 2021/07/30 12:0 a.m.30 views

Multiple Trend Micro Products Input Validation Error Vulnerability

Trend Micro OfficeScan XG is a distributed anti-virus software, and Trend Micro Apex One is an endpoint security protection software that provides automated threat detection and response. Trend Micro Worry-Free Business Security is an enterprise-class information security protection solution...

7.8CVSS1.9AI score0.01482EPSS
Exploits0References1
OSV
OSV
added 2021/07/29 8:15 p.m.3 views

CVE-2021-36741

An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the...

8.8CVSS7.3AI score0.04951EPSS
Exploits0References5
Prion
Prion
added 2021/07/29 8:15 p.m.21 views

Input validation

An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the...

6.5CVSS8.6AI score0.04951EPSS
Exploits0References4Affected Software4
CVE
CVE
added 2021/07/29 7:23 p.m.1100 views

CVE-2021-36742

CVE-2021-36742 is an improper input validation vulnerability that affects Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1. The root cause is flawed input validation that lets a local attacker escalate privileges after obtaining the ability to r...

7.8CVSS7.9AI score0.01482EPSS
In wildExploits0References5Affected Software2
CNNVD
CNNVD
added 2021/07/28 12:0 a.m.6 views

多款Trend Micro产品输入验证错误漏洞

Trend Micro OfficeScan XG is a distributed anti-virus software, and Trend Micro Apex One is an endpoint security protection software that provides automated threat detection and response. Trend Micro Worry-Free Business Security is an enterprise-class information security protection solution...

7.8CVSS8.4AI score0.01482EPSS
Exploits0References7
CNNVD
CNNVD
added 2021/07/28 12:0 a.m.8 views

Trend Micro 多款产品 代码问题漏洞

Trend Micro Apex One and Trend Micro Apex One as a Service are both products of Trend Micro, Inc.Trend Micro Apex One is endpoint protection software.Trend Micro Apex One as a Service is an Trend Micro Apex One as a Service is an enhanced endpoint security solution. A code issue vulnerability...

8.8CVSS8.3AI score0.04951EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.3 views

The vulnerability of the Trend Micro OfficeScan antivirus protection lies in the improper restriction of the path to the restricted access catalog, allowing attackers to execute arbitrary code.

The vulnerability of the Trend Micro OfficeScan antivirus protection relates to an incorrect restriction on the path to the restricted access catalog. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created zip file...

8.7CVSS7.7AI score0.25125EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.5 views

The vulnerability of the Apex One and OfficeScan anti-virus software lies in the ability to disclose information, allowing attackers to connect to the server and identify the number of controlled agents.

The vulnerability of the Apex One and OfficeScan antivirus software relates to the disclosure of information. Exploiting this vulnerability allows a malicious actor to connect to the server remotely and discover the number of controlled agents...

5.3CVSS5.9AI score0.03206EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.4 views

The vulnerability of the Trend Micro OfficeScan antivirus protection, related to privilege management errors, allows a perpetrator to elevate their privileges or cause service interruptions.

The vulnerability of the Trend Micro OfficeScan antivirus protection lies in privilege management errors. Exploiting this vulnerability allows a remote attacker to increase their privileges or cause service interruptions...

7.8CVSS7.2AI score0.00573EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.2 views

The vulnerability of the Apex One and OfficeScan anti-virus software lies in their lack of access control mechanisms, which allows attackers to enhance their privileges.

The vulnerability of the anti-virus software programs Apex One and OfficeScan is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.2AI score0.01909EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.7 views

The vulnerability of the Apex One and OfficeScan antivirus software lies in the insufficient checking of privilege assignments for critical resources, allowing attackers to increase their privileges.

The vulnerability of the anti-virus software programs Apex One and OfficeScan is related to insufficient checking of privilege assignments for critical resources. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.2AI score0.00508EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.4 views

The vulnerability of the Apex One and OfficeScan antivirus software lies in the insufficient checking of privilege assignments for critical resources, allowing a hacker to trigger a service failure.

The vulnerability of the anti-virus software programs Apex One and OfficeScan is related to insufficient checking of permission assignment for critical resources. Exploiting this vulnerability can allow a hacker to cause service failures...

5.5CVSS6AI score0.00424EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.4 views

The vulnerability of the Apex One and OfficeScan anti-virus software relates to the disclosure of information, which allows a malicious actor to gain unauthorized access to protected data.

The vulnerability of the Apex One and OfficeScan antivirus software relates to the disclosure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

5.3CVSS5.9AI score0.03206EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.5 views

The vulnerability of the Apex One and OfficeScan anti-virus software lies in the ability to disclose information, allowing a malicious actor to gain unauthorized access to protected data.

The vulnerability of the Apex One and OfficeScan antivirus software relates to the disclosure of information. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.3CVSS5.9AI score0.03206EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder