Lucene search
K

51 matches found

Zero Day Initiative
Zero Day Initiative
added 2026/04/15 12:0 a.m.9 views

TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Apex One console, which listens on TCP ports 8080 and 4343 by default. The issu...

9.8CVSS7.7AI score0.20253EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7991

Malware in sbrugna...

7.5CVSS7.5AI score0.04661EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2025/08/05 12:0 a.m.4 views

Trend Micro Apex One Console Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Apex One console, which listens on TCP ports 8080 and 4343 by default. The issu...

9.8CVSS6.9AI score0.1691EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.4 views

PT-2025-31532 · Undefined · Undefined

An unrestricted file upload vulnerability exists in Kaseya KServer versions prior to 6.3.0.2. The uploadImage.asp endpoint allows unauthenticated users to upload files to arbitrary paths via a crafted filename parameter in a multipart/form-data POST request. Due to the lack of authentication and...

9.3CVSS8.3AI score0.01838EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2024/01/10 12:0 a.m.22 views

Trend Micro Apex Central widget WFProxy Local File Inclusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the getObjWGFServiceApiByApiName function. The issue results from the lack of prope...

7.5CVSS7.5AI score0.04536EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/11/14 12:0 a.m.15 views

Trend Micro Apex One Local File Inclusion Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Apex One we...

7.8CVSS7.7AI score0.00481EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/05/17 12:0 a.m.15 views

Trend Micro Apex Central modTMMS SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of deletecertvec requests to the modTMMS endpoint. When parsing the ...

7.2CVSS7.9AI score0.01721EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/05/17 12:0 a.m.14 views

Trend Micro Apex Central modTMMS SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of setcertificatesconfig requests to the modTMMS endpoint. When...

7.2CVSS7.9AI score0.02425EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/05/12 12:0 a.m.18 views

Trend Micro Mobile Security for Enterprises widgetforsecurity getWidgetPoolManager Local File Inclusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Mobile Security for Enterprises. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...

7.5CVSS7.2AI score0.02992EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/05/12 12:0 a.m.20 views

Trend Micro Mobile Security for Enterprises widgetforsecurity set_certificates_config Unrestricted File Upload Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of Trend Micro Mobile Security for Enterprises. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...

6.5CVSS7.3AI score0.02038EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/05/12 12:0 a.m.21 views

Trend Micro Mobile Security for Enterprises widget set_certificates_config Unrestricted File Upload Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of Trend Micro Mobile Security for Enterprises. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...

6.5CVSS7.3AI score0.02038EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/05/12 12:0 a.m.17 views

Trend Micro Mobile Security for Enterprises widget getWidgetPoolManager Local File Inclusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Mobile Security for Enterprises. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...

7.5CVSS7.2AI score0.02923EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/04/11 12:0 a.m.37 views

Microsoft SharePoint WSSXmlUrlResolver Server-Side Request Forgery Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the WSSXmlUrlResolver class. The issue results from the lack of proper validati...

7.1CVSS6.2AI score0.06233EPSS
Exploits3References1
Prion
Prion
added 2019/10/28 8:15 p.m.10 views

Command injection

Trend Micro Apex One could be exploited by an attacker utilizing a command injection vulnerability to extract files from an arbitrary zip file to a specific folder on the Apex One server, which could potentially lead to remote code execution RCE. The remote process execution is bound to the IUSR...

5CVSS8.1AI score0.04661EPSS
Exploits0References1Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2018/05/18 12:0 a.m.35 views

Advantech WebAccess Node Product Installation File Access Control Modification Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privilege on vulnerable installations of Advantech WebAccess Node. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the access...

7.2CVSS5AI score0.00362EPSS
Exploits0References1
Prion
Prion
added 2018/03/08 8:29 p.m.18 views

Design/Logic Flaw

A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\SCADA permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacke...

7.2CVSS8AI score0.00599EPSS
Exploits3References2Affected Software1
OSV
OSV
added 2018/03/08 8:29 p.m.3 views

CVE-2018-5313

A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\SCADA permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacke...

7.8CVSS6.1AI score0.00599EPSS
Exploits3References2
Cvelist
Cvelist
added 2018/03/08 8:0 p.m.20 views

CVE-2018-5313

A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\SCADA permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacke...

7.9AI score0.00599EPSS
Exploits3References2
0day.today
0day.today
added 2018/03/07 12:0 a.m.78 views

Rapid Scada 5.5.0 Insecure Permissions Vulnerability

Exploit for windows platform in category local exploits Rapid Scada - 5.5.0 - Insecure Permissions ------------------------------------------------------- Author: - Filipe Xavier Oliveira: icacls SCADA SCADA BUILTIN\Administrators:IF BUILTIN\Administrators:IOICIIOF NT AUTHORITY\SYSTEM:IF NT...

7.2CVSS7.4AI score0.00599EPSS
Exploits3
Zero Day Initiative
Zero Day Initiative
added 2017/09/15 12:0 a.m.23 views

Trend Micro Mobile Security for Enterprise upload_wallpaper_file Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Mobile Security for Enterprise. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of the uploadwallpaperfile action. The issue...

6.5CVSS3.2AI score0.10931EPSS
Exploits0References1
Rows per page
Query Builder