Lucene search
K

11119 matches found

Cvelist
Cvelist
added 2026/05/21 1:2 p.m.37 views

CVE-2025-71215

A time-of-check time-of-use vulnerability in the Trend Micro Apex One mac agent iCore service signature verification could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

0.00301EPSS
Exploits0References2
CVE
CVE
added 2026/05/21 1:2 p.m.17 views

CVE-2025-71215

The vulnerability CVE-2025-71215 is a TOCTOU race condition in the Trend Micro Apex One (mac) agent iCore service signature verification that can allow a local attacker with low-privilege code execution to escalate privileges. Affected software is the Apex One mac agent; the flaw arises during si...

7CVSS7.3AI score0.00301EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/21 1:2 p.m.12 views

CVE-2025-71215

A time-of-check time-of-use vulnerability in the Trend Micro Apex One mac agent iCore service signature verification could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

7.3AI score0.00301EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/21 1:2 p.m.7 views

CVE-2025-71215

A time-of-check time-of-use vulnerability in the Trend Micro Apex One mac agent iCore service signature verification could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

7CVSS7.3AI score0.00301EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/21 1:2 p.m.9 views

EUVD-2025-209917

A time-of-check time-of-use vulnerability in the Trend Micro Apex One mac agent iCore service signature verification could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

7CVSS7.3AI score0.00301EPSS
Exploits0References2
CVE
CVE
added 2026/05/21 1:2 p.m.22 views

CVE-2025-71214

Trend Micro Apex One (mac) agent iCore service contains an origin validation error that allows local privilege escalation when an attacker can execute low-privileged code. The root cause is lack of proper validation of the origin of IPC messages within the iCore service. Reported impact is local ...

7.8CVSS7.3AI score0.00357EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/21 1:2 p.m.50 views

CVE-2025-71214

An origin validation error vulnerability in the Trend Micro Apex One mac agent iCore service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...

0.00357EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/21 1:2 p.m.19 views

EUVD-2025-209912

An origin validation error vulnerability in the Trend Micro Apex One mac agent iCore service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...

7.8CVSS7.3AI score0.00357EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/21 1:2 p.m.6 views

CVE-2025-71213

An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS7.3AI score0.00337EPSS
Exploits0References3
CVE
CVE
added 2026/05/21 1:2 p.m.20 views

CVE-2025-71213

CVE-2025-71213 is a local privilege escalation in Trend Micro Apex One caused by an origin validation error. The public notices describe a flaw in the Apex One components (notably the NT Listener service per ZDI) where insufficient validation of the origin of commands allows a local attacker who ...

7.8CVSS7.3AI score0.00337EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/21 1:2 p.m.15 views

CVE-2025-71213

An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS7.3AI score0.00337EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/21 1:2 p.m.13 views

EUVD-2025-209913

An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS7.3AI score0.00337EPSS
Exploits0References2
CVE
CVE
added 2026/05/21 1:2 p.m.27 views

CVE-2025-71212

CVE-2025-71212 affects Trend Micro Apex One Virus Scan Engine. A local attacker who can run low-privileged code can exploit a link-following weakness to escalate privileges via the VSApiNt.sys driver, as described by ZDI and mirrored in NVD. The vulnerability exists in the scan engine and can lea...

7.8CVSS7.3AI score0.00544EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/21 1:2 p.m.12 views

CVE-2025-71212

A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS7.3AI score0.00544EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/21 1:2 p.m.43 views

CVE-2025-71212

A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS0.00544EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/21 1:2 p.m.7 views

CVE-2025-71212

A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS7.3AI score0.00544EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/21 1:2 p.m.18 views

EUVD-2025-209914

A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS7.3AI score0.00544EPSS
Exploits0References2
CVE
CVE
added 2026/05/21 1:2 p.m.22 views

CVE-2025-71211

CVE-2025-71211 concerns Trend Micro Apex One Console; a directory traversal vulnerability enables remote code execution on affected installations. The ZDI advisory notes that the Apex One Console, listening on ports 8080 and 4343, allows remote attackers to execute arbitrary code without authenti...

9.8CVSS7.6AI score0.03754EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/21 1:2 p.m.11 views

CVE-2025-71211

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different executable. Please note: although this vulnerabili...

9.8CVSS7.6AI score0.03754EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/21 1:2 p.m.42 views

CVE-2025-71211

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different executable. Please note: although this vulnerabili...

9.8CVSS0.03754EPSS
Exploits0References2
Rows per page
Query Builder