2428 matches found
CVE-2024-48903
An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
CVE-2024-46903
Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above are affected by a SQL injection-related information disclosure vulnerability (CVE-2024-46903). The issue resides in the web service that processes inputs and leads to unauthorized disclosure of sensitive installation data. Exploita...
CVE-2024-46903
A vulnerability in Trend Micro Deep Discovery Inspector DDI versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
CVE-2024-46902
A vulnerability in Trend Micro Deep Discovery Inspector DDI versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must first obtain the ability to execute high-privileged code admin user rights on the target system in ord...
CVE-2024-46902
A vulnerability in Trend Micro Deep Discovery Inspector DDI versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must first obtain the ability to execute high-privileged code admin user rights on the target system in ord...
CVE-2024-46902
Affected product: Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above. The issue is described as a SQL injection vulnerability in the web service that can lead to disclosure of sensitive information in affected installations. Exploitation details in the public docs indicate that aut...
Multiple SQL injection vulnerabilities in Trend Micro Deep Discovery Inspector
Overview Trend Micro Incorporated has released a security update for Trend Micro Deep Discovery Inspector. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Information disclosure due to multiple SQL injection vulnerabilities...
Trend Micro Deep Discovery Inspector 安全漏洞
Trend Micro Deep Discovery Inspector is a physical or virtual network appliance from Trend Micro that monitors networks in 360 degrees. A security vulnerability exists in Trend Micro Deep Discovery Inspector version 5.8 and earlier, which originated from a vulnerability that allows an attacker to...
Trend Micro Deep Security Agent 安全漏洞
Trend Micro Deep Security Agent is a security solution from Trend Micro, Inc. that is primarily used to protect data and applications in servers, virtual machines, and cloud environments. A security vulnerability exists in versions prior to Trend Micro Deep Security Agent 20.0.1-17380, which stem...
Trend Micro Deep Discovery Inspector SQL注入漏洞
Trend Micro Deep Discovery Inspector is a physical or virtual network appliance from Trend Micro that monitors networks in 360 degrees. A security vulnerability exists in Trend Micro Deep Discovery Inspector version 5.8 and earlier, which originated from a vulnerability that allows an attacker to...
PT-2024-33260 · Trend Micro · Trend Micro Deep Security Agent
Name of the Vulnerable Software and Affected Versions: Trend Micro Deep Security Agent version 20 Description: An improper access control vulnerability could allow a local attacker to escalate privileges on affected installations. To exploit this issue, an attacker must first obtain the ability t...
Microsoft DeepSpeed Remote Code Execution Vulnerability
Microsoft DeepSpeed is an easy-to-use deep learning optimization software suite from Microsoft that delivers unprecedented scale and speed for DL training and inference. A remote code execution vulnerability exists in Microsoft DeepSpeed, which can be exploited by an attacker to execute arbitrary...
Trend Micro Deep Security Improper Access Control Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
CVE-2024-8159
Deep Freeze 9.00.020.5760 is vulnerable to an out-of-bounds read vulnerability by triggering the 0x70014 IOCTL code of the FarDisk.sys driver...
CVE-2024-8159
The CVE-2024-8159 issue affects Deep Freeze 9.00.020.5760 and is caused by an out-of-bounds read in the FarDisk.sys driver triggered by IOCTL 0x70014. Documents state it is locally exploitable and can lead to system compromise; the known remediation is to patch to an updated Deep Freeze build whe...
CVE-2024-8159 Deep Freeze 9.00.020.5760 - Out-of-bounds read
Deep Freeze 9.00.020.5760 is vulnerable to an out-of-bounds read vulnerability by triggering the 0x70014 IOCTL code of the FarDisk.sys driver...
CVE-2024-8159 Deep Freeze 9.00.020.5760 - Out-of-bounds read
Deep Freeze 9.00.020.5760 is vulnerable to an out-of-bounds read vulnerability by triggering the 0x70014 IOCTL code of the FarDisk.sys driver...
Faronics Deep Freeze 缓冲区错误漏洞
Faronics Deep Freeze is a system recovery software developed by Faronics, Inc. A buffer error vulnerability exists in Faronics Deep Freeze version 9.00.020.5760, which stems from susceptibility to an out-of-bounds read vulnerability that can trigger the 0x70014 IOCTL code in the FarDisk.sys drive...
Malicious code in ember-deep-addon (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 763decfff27047bed7d5991b9c41ce3e64765e24eb5f2ee06017d2602c942e1f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9070 Malicious code in ember-deep-addon (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 763decfff27047bed7d5991b9c41ce3e64765e24eb5f2ee06017d2602c942e1f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...