Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

50 matches found

Check Point Advisories
Check Point Advisoriesadded 2020/12/27 12:0 a.m.1 views

Trend Micro IMSVA External Entity Injection (CVE-2020-27017)

An XXE vulnerability exists in Trend Micro InterScan Messaging Virtual Appliance. The vulnerability is due to insufficient validation of XML data in the Java class PolicyWSAction...

4CVSS4.1AI score0.00998EPSS
Exploits2
OSV
OSVadded 2020/11/09 11:15 p.m.1 views

CVE-2020-27693

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 stores administrative passwords using a hash that is considered outdated...

4.4CVSS5.8AI score
Exploits0References2
NVD
NVDadded 2020/11/09 11:15 p.m.7 views

CVE-2020-27016

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 is vulnerable to a cross-site request forgery CSRF vulnerability which could allow an attacker to modify policy rules by tricking an authenticated administrator into accessing an attacker-controlled web page. An attacker must...

8.8CVSS8.7AI score0.00286EPSS
Exploits2References2
NVD
NVDadded 2020/11/09 11:15 p.m.12 views

CVE-2020-27693

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 stores administrative passwords using a hash that is considered outdated...

4.4CVSS4.8AI score0.0008EPSS
Exploits2References2
NVD
NVDadded 2020/11/09 11:15 p.m.6 views

CVE-2020-27018

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 is vulnerable to a server side request forgery vulnerability which could allow an authenticated attacker to abuse the product's web server and grant access to web resources or parts of local files. An attacker must already have...

5.5CVSS5.4AI score0.00137EPSS
Exploits2References2
NVD
NVDadded 2020/11/09 11:15 p.m.8 views

CVE-2020-27694

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 has updated a specific critical library that may vulnerable to attack...

8.8CVSS8.6AI score0.01113EPSS
Exploits2References2
NVD
NVDadded 2020/11/09 11:15 p.m.10 views

CVE-2020-27017

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 is vulnerable to an XML External Entity Processing XXE vulnerability which could allow an authenticated administrator to read arbitrary local files. An attacker must already have obtained product administrator/root privileges to...

4.9CVSS5AI score0.00998EPSS
Exploits2References2
NVD
NVDadded 2020/11/09 11:15 p.m.8 views

CVE-2020-27019

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 is vulnerable to an information disclosure vulnerability which could allow an attacker to access a specific database and key...

5.5CVSS5.3AI score0.00137EPSS
Exploits2References2
Prion
Prionadded 2020/11/09 11:15 p.m.8 views

Server side request forgery (ssrf)

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 is vulnerable to a server side request forgery vulnerability which could allow an authenticated attacker to abuse the product's web server and grant access to web resources or parts of local files. An attacker must already have...

2.1CVSS5.4AI score0.00137EPSS
Exploits2References2Affected Software1
Prion
Prionadded 2020/11/09 11:15 p.m.13 views

Design/Logic Flaw

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 has updated a specific critical library that may vulnerable to attack...

6.5CVSS8.5AI score0.01113EPSS
Exploits2References2Affected Software1
Prion
Prionadded 2020/11/09 11:15 p.m.11 views

Cross site request forgery (csrf)

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 is vulnerable to a cross-site request forgery CSRF vulnerability which could allow an attacker to modify policy rules by tricking an authenticated administrator into accessing an attacker-controlled web page. An attacker must...

6.8CVSS8.6AI score0.00286EPSS
Exploits2References2Affected Software1
Prion
Prionadded 2020/11/09 11:15 p.m.15 views

Design/Logic Flaw

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 stores administrative passwords using a hash that is considered outdated...

2.1CVSS4.8AI score0.0008EPSS
Exploits2References2Affected Software1
Prion
Prionadded 2020/11/09 11:15 p.m.10 views

Information disclosure

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 is vulnerable to an information disclosure vulnerability which could allow an attacker to access a specific database and key...

2.1CVSS5.2AI score0.00137EPSS
Exploits2References2Affected Software1
Prion
Prionadded 2020/11/09 11:15 p.m.9 views

Xxe

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 is vulnerable to an XML External Entity Processing XXE vulnerability which could allow an authenticated administrator to read arbitrary local files. An attacker must already have obtained product administrator/root privileges to...

4CVSS5AI score0.00998EPSS
Exploits2References2Affected Software1
CVE
CVEadded 2020/11/09 11:10 p.m.29 views

CVE-2020-27693

CVE-2020-27693 affects Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1. The vulnerability is that administrative passwords are stored using an outdated hash. Public details in connected sources include an SEC Consult advisory listing IMSVA vulnerability data with vulnerable...

4.4CVSS4.8AI score0.0008EPSS
Exploits2References2Affected Software1
Cvelist
Cvelistadded 2020/11/09 11:10 p.m.14 views

CVE-2020-27019

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 is vulnerable to an information disclosure vulnerability which could allow an attacker to access a specific database and key...

5.3AI score0.00137EPSS
Exploits2References2
Cvelist
Cvelistadded 2020/11/09 11:10 p.m.11 views

CVE-2020-27694

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA 9.1 has updated a specific critical library that may vulnerable to attack...

8.7AI score0.01113EPSS
Exploits2References2
CVE
CVEadded 2020/11/09 11:10 p.m.36 views

CVE-2020-27694

CVE-2020-27694 affects Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1. The issue arises from updating a specific critical library, creating a potential vulnerability. NVD data lists a high-severity impact (CVSS 3.1 base 8.8) with network access and low attack complexity, a...

8.8CVSS8.5AI score0.01113EPSS
Exploits2References2Affected Software1
CVE
CVEadded 2020/11/09 11:10 p.m.28 views

CVE-2020-27019

Summary of CVE-2020-27019 (IMSVA 9.1) : The Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) version 9.1 is affected by an information-disclosure vulnerability that could allow an attacker to access a specific database and key. The issue is documented across multiple sources in ...

5.5CVSS5.2AI score0.00137EPSS
Exploits2References2Affected Software1
CVE
CVEadded 2020/11/09 11:10 p.m.52 views

CVE-2020-27018

CVE-2020-27018 affects Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1. The issue is a server-side request forgery (SSRF) vulnerability in the product’s web server that, when abused by an authenticated attacker, could grant access to web resources or parts of local files. V...

5.5CVSS5.3AI score0.00137EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder