157 matches found
PT-2023-12332 · Unknown · Apm Java Agent
Name of the Vulnerable Software and Affected Versions: APM Java agent affected versions not specified Description: A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious plugin to an application running the APM Java agent. By usin...
PT-2023-30365 · Trend Micro · Trend Micro Apex One
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One affected versions not specified Description: A plug-in manager origin validation issue could allow a local attacker to escalate privileges on affected installations. The attacker must first obtain the ability to execute...
PT-2023-30357 · Trend Micro · Trend Micro Apex One
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One affected versions not specified Description: The issue is related to an origin validation vulnerability in the Trend Micro Apex One security agent, which could allow a local attacker to escalate privileges on affected...
PT-2023-30358 · Trend Micro · Trend Micro Apex One
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One affected versions not specified Description: The issue is related to an origin validation vulnerability in the Trend Micro Apex One security agent, which could allow a local attacker to escalate privileges on affected...
CVE-2023-34146
An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first...
CVE-2023-34144
An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate their privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target syst...
CVE-2023-32524
Affected versions of Trend Micro Mobile Security Enterprise 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...
CVE-2023-32526
Trend Micro Mobile Security Enterprise 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit thi...
PT-2023-23856 · Trend Micro · Trend Micro Mobile Security
Name of the Vulnerable Software and Affected Versions: Trend Micro Mobile Security Enterprise version 9.8 SP5 Description: The issue allows a remote attacker to create arbitrary files on affected installations. To exploit this, an attacker must first obtain the ability to execute low-privileged...
CVE-2023-25145
A link following vulnerability in the scanning function of Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...
SUSE CVE-2020-12951
Race condition in ASP firmware could allow less privileged x86 code to perform ASP SMM System Management Mode operations...
CVE-2022-44653
A security agent directory traversal vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order t...
CVE-2022-44651
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order ...
PT-2022-5944 · Trend Micro · Trend Micro Apex One +1
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One affected versions not specified Trend Micro Apex One as a Service affected versions not specified Description: The issue is related to an arbitrary file deletion vulnerability in the Damage Cleanup Engine component. This...
PT-2022-6621 · Trend Micro · Trend Micro Apex One +1
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One affected versions not specified Trend Micro Apex One as a Service affected versions not specified Description: A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could...
PT-2022-27280 · Trend Micro · Trend Micro Apex One +1
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One affected versions not specified Trend Micro Apex One as a Service affected versions not specified Description: A Time-of-Check Time-Of-Use issue allows a local attacker to escalate privileges on affected installations. Th...
CVE-2022-41747
An improper certification validation vulnerability in Trend Micro Apex One agents could allow a local attacker to load a DLL file with system service privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in...
CVE-2022-41745
An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations. Please note: an attacker must first...
PT-2022-26050 · Trend Micro · Trend Micro Apex One
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One affected versions not specified Description: A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One Vulnerability Protection integrated component could allow a local attacker to escalate privileges and turn...
CVE-2022-40708
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code o...