16 matches found
EUVD-2018-17983
Malware in sbrugna...
EUVD-2018-17989
Malware in sbrugna...
CVE-2018-10356
A SQL injection remote code execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRequestDomains class. Authentication is required to exploit this vulnerability...
CVE-2018-10353
A SQL injection information disclosure vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to disclose sensitive information on vulnerable installations due to a flaw in the formChangePass class. Authentication is required to exploit this vulnerability...
CVE-2018-10354
A command injection remote command execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw in the LauncherServer. Authentication is required to exploit this vulnerability...
CVE-2018-10353
A SQL injection information disclosure vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to disclose sensitive information on vulnerable installations due to a flaw in the formChangePass class. Authentication is required to exploit this vulnerability...
CVE-2018-6227
A stored cross-site scripting XSS vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to inject client-side scripts into vulnerable systems...
CVE-2018-6226
Reflected cross-site scripting XSS vulnerabilities in two Trend Micro Email Encryption Gateway 5.5 configuration files could allow an attacker to inject client-side scripts into vulnerable systems...
CVE-2018-6225
An XML external entity injection XXE vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an authenticated user to expose a normally protected configuration script...
Cross site request forgery (csrf)
A lack of cross-site request forgery CSRF protection vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to submit authenticated requests to a user browsing an attacker-controlled domain...
Xxe
An XML external entity injection XXE vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an authenticated user to expose a normally protected configuration script...
CVE-2018-6221
An unvalidated software update vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a man-in-the-middle attacker to tamper with an update file and inject their own...
CVE-2018-6225
An XML external entity injection XXE vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an authenticated user to expose a normally protected configuration script...
Trend Micro Email Encryption Gateway Multiple Vulnerabilities
1. Advisory Information Title: Trend Micro Email Encryption Gateway Multiple Vulnerabilities Advisory ID: CORE-2017-0006 Advisory URL:http://www.coresecurity.com/core-labs/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities Date published: 2018-02-21 Date of last update:...
CVE-2016-4351
Trend Micro Email Encryption Gateway (TMEEG) 5.5 before build 1107 is affected by CVE-2016-4351, a SQL injection in the authentication functionality that allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Public disclosures (CNVD, NVD, CVE) describe authentication ...
CVE-2016-4351
SQL injection vulnerability in the authentication functionality in Trend Micro Email Encryption Gateway TMEEG 5.5 before build 1107 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...