Lucene search
K

32 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-31730

Malicious code in bioql PyPI...

6.8CVSS6.7AI score0.00196EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/08/07 3:25 a.m.3 views

Trend Micro Endpoint security products for enterprises vulnerable to multiple OS command injection

Overview Trend Micro Endpoint security products for enterprises contain the following vulnerabilities. OS command injection vulnerability in the management console CWE-78 - CVE-2025-54948, CVE-2025-54987 Trend Micro Incorporated has reported that attacks exploiting CVE-2025-54948 have been observ...

9.8CVSS8.3AI score0.20253EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/06/23 8:38 a.m.6 views

CVE-2025-49218

A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. This is similar to, but not identical to CVE-2025-49215. Please note: an attacker must first obtain the ability to execute...

8.8CVSS8.6AI score0.00339EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/23 8:38 a.m.5 views

CVE-2025-49214

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...

8.8CVSS8.2AI score0.00755EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/23 8:38 a.m.5 views

CVE-2025-49217

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49213 but is in a different method...

9.8CVSS8.1AI score0.07935EPSS
Exploits0References1
NVD
NVD
added 2025/06/17 9:15 p.m.6 views

CVE-2025-49213

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49212 but is in a different method...

9.8CVSS0.07935EPSS
Exploits0References2
NVD
NVD
added 2025/06/17 9:15 p.m.5 views

CVE-2025-49214

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...

8.8CVSS0.00755EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/17 8:28 p.m.3 views

CVE-2025-49218

A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. This is similar to, but not identical to CVE-2025-49215. Please note: an attacker must first obtain the ability to execute...

7.7CVSS8.2AI score0.0011EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/17 8:28 p.m.11 views

CVE-2025-49217

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49213 but is in a different method...

9.8CVSS0.01024EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/17 8:28 p.m.2 views

CVE-2025-49217

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49213 but is in a different method...

9.8CVSS9.9AI score0.01024EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/17 8:28 p.m.8 views

CVE-2025-49215

A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...

8.8CVSS0.00339EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/17 8:28 p.m.2 views

CVE-2025-49215

A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...

8.8CVSS8.5AI score0.00339EPSS
Exploits0References2
CVE
CVE
added 2025/06/17 8:28 p.m.24 views

CVE-2025-49215

CVE-2025-49215 describes a post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer that can lead to privilege escalation on affected installations. The main affected component is PolicyServer; the underlying issue is an SQL injection flaw exploitable after the at...

8.8CVSS8.2AI score0.00339EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/06/17 8:27 p.m.8 views

CVE-2025-49214

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...

8.8CVSS0.00755EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/17 8:27 p.m.5 views

CVE-2025-49214

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...

8.8CVSS9AI score0.00755EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/17 8:27 p.m.9 views

CVE-2025-49213

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49212 but is in a different method...

9.8CVSS0.07935EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/17 8:27 p.m.4 views

CVE-2025-49212

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49220 but is in a different method...

9.8CVSS9.7AI score0.07935EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/17 8:16 p.m.5 views

CVE-2025-49211

A SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability...

7.7CVSS8.5AI score0.0011EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/17 12:0 a.m.3 views

Trend Micro Endpoint Encryption PolicyServer 安全漏洞

Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from a post-authentication SQL injection issue that could result in elevated privileges...

8.8CVSS7.6AI score0.00339EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiative
added 2025/06/11 12:0 a.m.4 views

Trend Micro Endpoint Encryption BuildEnterpriseSearchString SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Endpoint Encryption. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7.8AI score0.0011EPSS
Exploits0References1
Rows per page
Query Builder