Lucene search
+L

431 matches found

CVE
CVE
added 2020/12/17 9:5 p.m.44 views

CVE-2020-8465

CVE-2020-8465 affects Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2. Connected sources describe it as part of multiple vulnerabilities in IWSVA (with CVEs 2020-8461/8464) that enable authentication bypass and remote code execution, potentially allowing code execution as root via sy...

10CVSS8.3AI score0.02574EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2020/12/17 9:5 p.m.22 views

CVE-2020-8465

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updates using a combination of CSRF bypass CVE-2020-8461 and authentication bypass CVE-2020-8464 to execute code as user root...

8.4AI score0.02574EPSS
Exploits2References2
Cvelist
Cvelist
added 2020/12/17 9:5 p.m.25 views

CVE-2020-8463

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to bypass a global authorization check for anonymous users by manipulating request paths...

7.5AI score0.05908EPSS
Exploits2References2
Cvelist
Cvelist
added 2020/12/17 9:5 p.m.23 views

CVE-2020-8464

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to send requests that appear to come from the localhost which could expose the product's admin interface to users who would not normally have access...

7.9AI score0.06341EPSS
Exploits2References2
CVE
CVE
added 2020/12/17 9:5 p.m.68 views

CVE-2020-8463

CVE-2020-8463 affects Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 SP2, where an attacker can bypass global authorization for anonymous users by manipulating request paths. The issue is described across multiple sources as an authentication bypass vulnerability caused by insuf...

7.5CVSS7.5AI score0.05908EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2020/12/17 9:5 p.m.47 views

CVE-2020-8464

CVE-2020-8464 affects Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 SP2. A vulnerability allows an attacker to craft requests that appear to originate from localhost, potentially exposing the product’s admin interface to users who would not normally have access. The available d...

7.5CVSS8.4AI score0.06341EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2020/12/17 9:5 p.m.60 views

CVE-2020-8461

CVE-2020-8461 describes a CSRF protection bypass in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2. An attacker could induce a victim to make a specially encoded request without a valid CSRF token, effectively bypassing CSRF protections. This affects IWSVA 6.5 SP2; CVSS metrics indi...

8.8CVSS9AI score0.01136EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2020/12/17 9:5 p.m.28 views

CVE-2020-8462

A cross-site scripting XSS vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product...

4.9AI score0.01134EPSS
Exploits2References2
CVE
CVE
added 2020/12/17 9:5 p.m.48 views

CVE-2020-8462

CVE-2020-8462 describes a cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 SP2 that could allow an attacker to tamper with the product’s web interface. The connected Red Hat and CNVD entries corroborate the same issue class and target pr...

4.8CVSS4.8AI score0.01134EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2020/12/17 9:5 p.m.51 views

CVE-2020-27010

CVE-2020-27010 : A cross-site scripting (XSS) vulnerability exists in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2, affecting the web interface. The issue is caused by improper validation of user-supplied input in the web interface, allowing an attacker to tamper with the ...

4.8CVSS4.8AI score0.00713EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/12/17 9:5 p.m.31 views

CVE-2020-27010

A cross-site scripting XSS vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product in a manner separate from the similar CVE-2020-8462...

4.9AI score0.00713EPSS
Exploits0References1
CNNVD
CNNVD
added 2020/12/16 12:0 a.m.7 views

Trend Micro InterScan Web Security Virtual Appliance 跨站请求伪造漏洞

Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. A security vulnerability exists in Trend Micro InterScan Web Security Virtual Appliance 6....

8.8CVSS7.3AI score0.01136EPSS
Exploits2References5
CNNVD
CNNVD
added 2020/12/16 12:0 a.m.8 views

Trend Micro InterScan Web Security Virtual Appliance 跨站脚本漏洞

Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. A cross-site scripting vulnerability exists in Trend Micro InterScan Web Security Virtual...

4.8CVSS5.7AI score0.00713EPSS
Exploits0References3
CNNVD
CNNVD
added 2020/12/16 12:0 a.m.6 views

Trend Micro InterScan Web Security Virtual Appliance 授权问题漏洞

Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. A command execution vulnerability exists in Trend Micro InterScan Web Security Virtual...

10CVSS7.6AI score0.02574EPSS
Exploits2References5
CNNVD
CNNVD
added 2020/12/16 12:0 a.m.6 views

Trend Micro InterScan Web Security Virtual Appliance 安全漏洞

Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. An authorization bypass vulnerability exists in Trend Micro InterScan Web Security Virtual...

7.5CVSS7.1AI score0.05908EPSS
Exploits2References5
CNNVD
CNNVD
added 2020/12/16 12:0 a.m.7 views

Trend Micro InterScan Web Security Virtual Appliance 跨站脚本漏洞

Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. A cross-site scripting vulnerability exists in Trend Micro InterScan Web Security Virtual...

4.8CVSS5.7AI score0.01134EPSS
Exploits2References5
CNNVD
CNNVD
added 2020/12/16 12:0 a.m.9 views

Trend Micro InterScan Web Security Virtual Appliance 代码问题漏洞

Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. An authentication bypass vulnerability exists in Trend Micro InterScan Web Security Virtua...

7.5CVSS7.2AI score0.06341EPSS
Exploits2References5
CNNVD
CNNVD
added 2020/12/16 12:0 a.m.11 views

Trend Micro InterScan Web Security Virtual Appliance 命令注入漏洞

Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. A command injection vulnerability exists in Trend Micro InterScan Web Security Virtual...

9.8CVSS7.4AI score0.63711EPSS
Exploits2References5
Check Point Advisories
Check Point Advisories
added 2020/12/03 12:0 a.m.49 views

Trend Micro InterScan Web Security Virtual Appliance Command Injection (CVE-2020-28580; CVE-2020-28581)

A command injection vulnerability exists in Trend Micro InterScan Web Security Virtual Appliance. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS7.3AI score0.44549EPSS
Exploits2
Check Point Advisories
Check Point Advisories
added 2020/12/03 12:0 a.m.22 views

Trend Micro InterScan Web Security Virtual Appliance Stack Overflow (CVE-2020-28578; CVE-2020-28579)

A stack overflow vulnerability exists in Trend Micro InterScan Web Security Virtual Appliance. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.5CVSS6.8AI score0.7227EPSS
Exploits2
Rows per page
Query Builder