Lucene search
K

542 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.9 views

CVE-2025-71211

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different executable. Please note: although this vulnerabili...

9.8CVSS8.3AI score0.03754EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/21 1:3 p.m.6 views

CVE-2025-71217

An origin validation error vulnerability in the Trend Micro Apex One mac agent self-protection mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in ord...

7.8CVSS7.3AI score0.00295EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/21 1:2 p.m.16 views

CVE-2025-71216

A time-of-check time-of-use vulnerability in the Trend Micro Apex One mac agent cache mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to...

7.3AI score0.00323EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/21 1:2 p.m.8 views

CVE-2025-71216

A time-of-check time-of-use vulnerability in the Trend Micro Apex One mac agent cache mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to...

7.8CVSS7.3AI score0.00323EPSS
Exploits0References3
CVE
CVE
added 2026/05/21 1:2 p.m.17 views

CVE-2025-71215

The vulnerability CVE-2025-71215 is a TOCTOU race condition in the Trend Micro Apex One (mac) agent iCore service signature verification that can allow a local attacker with low-privilege code execution to escalate privileges. Affected software is the Apex One mac agent; the flaw arises during si...

7CVSS7.3AI score0.00301EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/21 1:2 p.m.8 views

EUVD-2025-209917

A time-of-check time-of-use vulnerability in the Trend Micro Apex One mac agent iCore service signature verification could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

7CVSS7.3AI score0.00301EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/21 1:2 p.m.19 views

EUVD-2025-209912

An origin validation error vulnerability in the Trend Micro Apex One mac agent iCore service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...

7.8CVSS7.3AI score0.00357EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/21 1:2 p.m.12 views

CVE-2025-71212

A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS7.3AI score0.00544EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/21 1:2 p.m.7 views

CVE-2025-71212

A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS7.3AI score0.00544EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/21 1:2 p.m.18 views

EUVD-2025-209914

A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS7.3AI score0.00544EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/21 1:1 p.m.12 views

EUVD-2025-209909

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via...

9.8CVSS7.7AI score0.03811EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/21 1:1 p.m.10 views

CVE-2025-71210

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via...

9.8CVSS7.7AI score0.03811EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

Trend Micro Apex One 路径遍历漏洞

Trend Micro Apex One is a terminal protection software developed by Trend Micro, a US-based company. Trend Micro Apex One has a path traversal vulnerability, which originates from the management console. This vulnerability could allow remote attackers to upload malicious code and execute commands...

9.8CVSS7.6AI score0.03754EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.13 views

Trend Micro Apex One 访问控制错误漏洞

Trend Micro Apex One is a terminal protection software developed by Trend Micro, a US-based company. Trend Micro Apex One has an access control vulnerability, which stems from a source verification error. This vulnerability may allow local attackers to gain elevated privileges...

7.8CVSS7.1AI score0.00337EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.13 views

Trend Micro Apex One和TrendAI Vision One Endpoint Security - Standard Endpoint Protection 访问控制错误漏洞

Trend Micro Apex One and TrendAI Vision One Endpoint Security – Standard Endpoint Protection are products of Trend Micro, a US-based company. Trend Micro Apex One is a terminal protection software. TrendAI Vision One Endpoint Security – Standard Endpoint Protection is an enterprise terminal...

7.8CVSS6.6AI score0.00213EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

Trend Micro Apex One 安全漏洞

Trend Micro Apex One is a terminal protection software developed by Trend Micro, a US-based company. Trend Micro Apex One has a security vulnerability, which stems from a race condition between the check time and the usage time in its caching mechanism. This vulnerability could allow local...

7.8CVSS7.1AI score0.00323EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.8 views

Trend Micro Apex One 访问控制错误漏洞

Trend Micro Apex One is a terminal protection software developed by Trend Micro, a US-based company. Trend Micro Apex One has an access control vulnerability, which stems from errors in the self-protection mechanism’s source verification process. This vulnerability may allow local attackers to ga...

7.8CVSS7.1AI score0.00295EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.11 views

Trend Micro Apex One 后置链接漏洞

Trend Micro Apex One is a terminal protection software developed by Trend Micro, a US-based company. Trend Micro Apex One has a postback link vulnerability, which stems from issues with the scanning engine’s link tracking mechanism. This vulnerability may allow local attackers to gain elevated...

7.8CVSS7.1AI score0.00544EPSS
Exploits0References1
CISA KEV Catalog
CISA KEV Catalog
added 2026/05/21 12:0 a.m.13 views

Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability

Trend Micro Apex One on-premise contains a directory traversal vulnerability that could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations...

6.7CVSS5.9AI score0.12682EPSS
In wildExploits0
Zero Day Initiative
Zero Day Initiative
added 2026/04/15 12:0 a.m.9 views

TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Apex One console, which listens on TCP ports 8080 and 4343 by default. The issu...

9.8CVSS7.7AI score0.20253EPSS
Exploits0References1
Rows per page
Query Builder