Lucene search
+L

7200 matches found

redhatcve
redhatcve
added 2026/01/10 5:40 a.m.6 views

CVE-2025-69260

A message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service condition on affected installations. Please note: authentication is not required in order to exploit this vulnerability...

7.5CVSS7AI score0.01419EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/01/09 12:41 p.m.9 views

CVE-2023-25146

A security agent link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to quarantine a file, delete the original folder and replace with a junction to an arbitrary location, ultimately leading to an arbitrary file dropped to an arbitrary location. Please note...

7.8CVSS7.2AI score0.0039EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 12:41 p.m.16 views

CVE-2023-25147

An issue in the Trend Micro Apex One agent could allow an attacker who has previously acquired administrative rights via other means to bypass the protection by using a specifically crafted DLL during a specific update process. Please note: an attacker must first obtain administrative access on t...

6.7CVSS6.8AI score0.00233EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 11:25 a.m.5 views

CVE-2021-28648

Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 Consumer is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application. Please note that an...

7.8CVSS7.3AI score0.00527EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 11:25 a.m.12 views

CVE-2021-28645

An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

7.8CVSS7.2AI score0.00508EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 11:25 a.m.7 views

CVE-2021-28649

An incorrect permission vulnerability in the product installer for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is running a...

7.3CVSS7.7AI score0.00261EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 11:23 a.m.11 views

CVE-2021-31521

Trend Micro InterScan Web Security Virtual Appliance version 6.5 was found to have a reflected cross-site scripting XSS vulnerability in the product's Captive Portal...

5.4CVSS5.8AI score0.01398EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 11:23 a.m.12 views

CVE-2021-31517

Trend Micro Home Network Security 6.5.599 and earlier is vulnerable to a file-parsing vulnerability which could allow an attacker to exploit the vulnerability and cause a denial-of-service to the device. This vulnerability is similar, but not identical to CVE-2021-31518...

7.8CVSS6.3AI score0.01097EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:56 a.m.12 views

CVE-2022-38764

A vulnerability on Trend Micro HouseCall version 1.62.1.1133 and below could allow a local attacker to escalate privlieges due to an overly permissive folder om the product installer...

7.8CVSS6.9AI score0.00211EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:54 a.m.10 views

CVE-2022-23120

A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to escalate privileges and run arbitrary code in the context of root. Please note: an attacker must first obtain access to the target agent in...

7.8CVSS7.7AI score0.06378EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/01/09 10:54 a.m.10 views

CVE-2022-23119

A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security...

7.5CVSS7AI score0.2225EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/01/09 10:53 a.m.6 views

CVE-2022-33158

Trend Micro VPN Proxy Pro version 5.2.1026 and below contains a vulnerability involving some overly permissive folders in a key directory which could allow a local attacker to obtain privilege escalation on an affected system...

7.8CVSS6.9AI score0.00273EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:49 a.m.6 views

CVE-2022-37347

Trend Micro Security 2021 and 2022 Consumer is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This vulnerability is similar to, but not the sa...

7.1CVSS6.2AI score0.00284EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:43 a.m.6 views

CVE-2022-26319

An installer search patch element vulnerability in Trend Micro Portable Security 3.0 Pro, 3.0 and 2.0 could allow a local attacker to place an arbitrarily generated DLL file in an installer folder to elevate local privileges. Please note: an attacker must first obtain the ability to execute...

6.9CVSS7AI score0.00279EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:43 a.m.11 views

CVE-2022-26337

Trend Micro Password Manager Consumer installer version 5.0.0.1262 and below is vulnerable to an Uncontrolled Search Path Element vulnerability that could allow an attacker to use a specially crafted file to exploit the vulnerability and escalate local privileges on the affected machine...

9.3CVSS6.9AI score0.00672EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:42 a.m.11 views

CVE-2022-26871

An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution...

9.8CVSS7.7AI score0.19633EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:19 a.m.10 views

CVE-2019-18187

Trend Micro OfficeScan versions 11.0 and XG 12.0 could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution RCE. The remote process...

8.8CVSS7.7AI score0.25125EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:8 a.m.7 views

CVE-2019-20357

A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 v160 and 2019 v15 consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system...

7.8CVSS7.3AI score0.00732EPSS
Exploits5References1
redhatcve
redhatcve
added 2026/01/09 10:7 a.m.8 views

CVE-2019-20358

Trend Micro Anti-Threat Toolkit ATTK versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution RCE when executed. Another attack vector similar to CVE-2019-9491 was idenitfi...

7.8CVSS7.8AI score0.12939EPSS
Exploits6References1
thn
thn
added 2026/01/09 10:1 a.m.9 views

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a critical bug that could result in arbitrary code execution. The vulnerability, tracked as CVE-2025-69258 , carries a CVSS score of 9.8 out ...

9.8CVSS8.3AI score0.0322EPSS
Exploits3
Rows per page
Query Builder