Lucene search
K

153 matches found

Cvelist
Cvelist
added 2025/06/17 8:28 p.m.13 views

CVE-2025-49216

An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and modify product configurations on affected installations...

9.8CVSS0.00489EPSS
Exploits0References2
CVE
CVE
added 2025/06/17 8:28 p.m.30 views

CVE-2025-49216

The CVE-2025-49216 entry relates to Trend Micro Endpoint Encryption PolicyServer. The connected ZDI advisory (ZDI-25-373) states an authentication bypass exists in the DbAppDomain service, enabling remote attackers to bypass authentication and act with admin-level access to modify product configu...

9.8CVSS9.7AI score0.00489EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/06/17 8:28 p.m.5 views

CVE-2025-49216

An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and modify product configurations on affected installations...

9.8CVSS9.7AI score0.00489EPSS
Exploits0References2
CVE
CVE
added 2025/06/17 8:28 p.m.24 views

CVE-2025-49215

CVE-2025-49215 describes a post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer that can lead to privilege escalation on affected installations. The main affected component is PolicyServer; the underlying issue is an SQL injection flaw exploitable after the at...

8.8CVSS8.2AI score0.00347EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/06/17 8:28 p.m.11 views

CVE-2025-49215

A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...

8.8CVSS0.00347EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/17 8:27 p.m.10 views

CVE-2025-49214

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...

8.8CVSS0.00772EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/17 8:27 p.m.5 views

CVE-2025-49214

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...

8.8CVSS9AI score0.00772EPSS
Exploits0References2
CVE
CVE
added 2025/06/17 8:27 p.m.40 views

CVE-2025-49213

CVE-2025-49213 describes an insecure deserialization flaw in the Trend Micro Endpoint Encryption PolicyServer that could allow pre-authentication remote code execution on affected installations. According to the available description, the vulnerability is in a different method than CVE-2025-49212...

9.8CVSS9.7AI score0.08324EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/06/17 8:27 p.m.16 views

CVE-2025-49212

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49220 but is in a different method...

9.8CVSS0.08324EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/17 8:27 p.m.4 views

CVE-2025-49212

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49220 but is in a different method...

9.8CVSS9.7AI score0.08324EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/17 8:16 p.m.9 views

CVE-2025-49211

A SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability...

7.7CVSS0.00113EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/17 8:16 p.m.6 views

CVE-2025-49211

A SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability...

7.7CVSS8.5AI score0.00113EPSS
Exploits0References2
CVE
CVE
added 2025/06/17 8:16 p.m.36 views

CVE-2025-49211

CVE-2025-49211 describes a SQL injection in Trend Micro Endpoint Encryption PolicyServer that can escalate privileges. Public details identify the flaw in the BuildEnterpriseSearchString SQL construction as the root cause and note that authentication is reportedly required but can be bypassed to ...

7.8CVSS8AI score0.00113EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/06/17 12:0 a.m.5 views

Trend Micro Endpoint Encryption PolicyServer 安全漏洞

Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from improper deserialization and could lead to pre-authenticated remote code execution...

9.8CVSS7.8AI score0.08324EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/17 12:0 a.m.4 views

Trend Micro Endpoint Encryption PolicyServer SQL注入漏洞

Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from a SQL injection issue that could result in elevated privileges...

7.8CVSS7.7AI score0.00113EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/17 12:0 a.m.6 views

Trend Micro Endpoint Encryption PolicyServer 安全漏洞

Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from an authentication bypass issue that could result in modification of the product configuration...

9.8CVSS7AI score0.00489EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/17 12:0 a.m.5 views

Trend Micro Endpoint Encryption PolicyServer 安全漏洞

Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from improper deserialization and could lead to pre-authenticated remote code execution...

9.8CVSS7.9AI score0.01024EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/17 12:0 a.m.5 views

PT-2025-25760 · Trend Micro · Trend Micro Endpoint Encryption Policyserver

Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption PolicyServer affected versions not specified Description: The issue is related to an insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer, which could lead to a...

8.8CVSS7.1AI score0.00772EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/06/17 12:0 a.m.6 views

Trend Micro Endpoint Encryption PolicyServer 安全漏洞

Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from improper deserialization and could lead to pre-authenticated remote code execution...

9.8CVSS7.8AI score0.08324EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/17 12:0 a.m.4 views

Trend Micro Endpoint Encryption PolicyServer SQL注入漏洞

Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from a post-authentication SQL injection issue that could result in elevated privileges...

7.8CVSS7.7AI score0.00113EPSS
Exploits0References3
Rows per page
Query Builder