60 matches found
EUVD-2016-10126
Malware in sbrugna...
EUVD-2014-8347
Malware in sbrugna...
Multiple vulnerabilities in multiple Trend Micro products
Overview Trend Micro Incorporated has released security updates for multiple Trend Micro products. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Apex One 2019 On-prem, Apex One as a Service Local privilege escalation due ...
CVE-2024-36359
A cross-site scripting XSS vulnerability in Trend Micro InterScan Web Security Virtual Appliance IWSVA 6.5 could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order ...
CVE-2024-36359
A cross-site scripting XSS vulnerability in Trend Micro InterScan Web Security Virtual Appliance IWSVA 6.5 could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order ...
CVE-2024-36359
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 is affected by a cross‑site scripting (XSS) vulnerability in the HTTP Inspection module that can enable privilege escalation when an attacker can run low‑privileged code on the target and entice user interaction. Details across sour...
CVE-2024-36359
A cross-site scripting XSS vulnerability in Trend Micro InterScan Web Security Virtual Appliance IWSVA 6.5 could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order ...
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) DecryptPasswd Stack-based Buffer Overflow
Binary data trendmicroiwsvacve-2020-28578.nbin...
Trend Micro IWSVA Remote Code Execution (CVE-2020-8466)
A remote code execution vulnerability exists in Trend Micro IWSVA. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Trend Micro IWSVA 6.5 < 6.5 Build 1919 Multiple Vulnerabilities
The version of Trend Micro InterScan Web Security Virtual Appliance IWSVA installed on the remote host is 6.5 prior to 6.5 Build 1919. It is, therefore, affected by multiple vulnerabilities: - Multiple cross-site scripting XSS vulnerabilities exist in the web interface of IWSVA due to improper...
Trend Micro IWSVA CSRF / XSS / Bypass / SSRF / Code Execution
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple critical vulnerabilities product: Trend Micro InterScan Web Security Virtual Appliance IWSVA vulnerable version: IWSVA 6.5 SP2 EN Patch 4 Build 1919 fixed versio...
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) Multiple Vulnerabilities (000253095)
The Trend Micro InterScan Web Security Virtual Appliance is affected by multiple vulnerabilities : - A path traversal vulnerability exists in the Apache Solr application due to improper validation of a user-supplied path prior to using it in file operations when parsing the file parameter in an...
Trend Micro InterScan Web Security Virtual Appliance Information Disclosure Vulnerability (CNVD-2020-31245)
Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. A security vulnerability exists in Trend Micro IWSVA version 6.5. A remote attacker could...
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) Information Disclosure Vulnerability (1122250)
According to its self-reported version, the instance of Trend Micro InterScan Web Security Virtual Appliance is affected by an information disclosure vulnerability in its web console component. An authenticated, remote attacker can exploit this, to disclose credentials of the web console...
Trend Micro IWSVA Parameter Command Injection - Ver2
A vulnerability exists in Trend Micro. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Trend Micro IWSVA Domain List Bdn Paremeter Command Injection - Ver2
A command injection vulnerability exists in Trend Micro. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Trend Micro IWSVA Deploywizard Haport Parameter Command Injection - Ver2
A command injection vulnerability exists in Trend Micro. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Trend Micro IWSVA 6.5 < 6.5 Build 1737 Multiple Vulnerabilities
The version of Trend Micro InterScan Web Security Virtual Appliance IWSVA installed on the remote host is 6.5 prior to 6.5 Build 1737. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists due to insecure access controls in the ManagePatches Servl...
Trend Micro IWSVA DeploymentWizardAction GetClusterInfo Command Injection
A command injection vulnerability exists in Trend Micro InterScan Web Security Virtual Appliance IWSVA. The vulnerability is due to improper validation of the HTTP request parameters in the GetClusterInfo method of the DeploymentWizardAction class. A remote, authenticated attacker can exploit thi...
Trend Micro IWSVA ManageSRouteSettings HttpServlet Command Injection
A command injection vulnerability exists in Trend Micro IWSVA. This vulnerability is due to incorrect validation of the netid, netmask, router, and interfacevlanidsel HTTP parameters by the ManageSRouteSettings Servlet. A remote authenticated attacker could exploit this vulnerability by sending a...