CVE-2025-30642

A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service DoS situation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...

CVE-2025-49158

An uncontrolled search path vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalation privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

CVE-2025-42993

Due to a missing authorization check vulnerability in SAP S/4HANA Enterprise Event Enablement, an attacker with access to the Inbound Binding Configuration could create an RFC destination and assign an arbitrary high-privilege user. This allows the attacker to consume events via the RFC...

CVE-2023-34144

An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate their privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target syst...

CVE-2023-32524

Affected versions of Trend Micro Mobile Security Enterprise 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

PT-2025-3726 · Avira · Avira Prime

Name of the Vulnerable Software and Affected Versions: Avira Prime affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target...

CVE-2024-55955

An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged...

CVE-2024-52049

A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. This vulnerability is similar to, but not identical to CVE-2024-52048. Please note: an attacker must first obtain the ability to execute low-privileged...

PT-2024-36566 · Trend Micro · Trend Micro Apex One

Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One affected versions not specified Description: A local attacker could exploit an engine link following issue to escalate privileges on affected installations. The attacker must first obtain the ability to execute...

CVE-2024-46903

A vulnerability in Trend Micro Deep Discovery Inspector DDI versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

CVE-2024-48903

An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

PT-2024-10306 · Fortinet · Forticlient

Name of the Vulnerable Software and Affected Versions: Fortinet FortiClientWindows versions 6.4.0 through 6.4.10 Fortinet FortiClientWindows versions 7.0.0 through 7.0.12 Fortinet FortiClientWindows versions 7.2.0 through 7.2.4 Fortinet FortiClientWindows version 7.4.0 Description: The issue is...

CVE-2024-8404

An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege...

CVE-2024-8404 Arbitrary File Deletion in PaperCut NG/MF Web Print Hot folder

An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege...

CVE-2024-8404

CVE-2024-8404 describes an arbitrary file deletion vulnerability in PaperCut NG/MF on Windows servers with Web Print enabled. An attacker must have local login access and be able to run low-privilege code via the web-print-hot-folder to delete targeted files. The issue is tied to a split from CVE...

CVE-2024-8404 Arbitrary File Deletion in PaperCut NG/MF Web Print Hot folder

An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local login access to the Windows Server hosting PaperCut NG/MF and be capable of executing low-privilege...

PT-2024-32274 · Trend Micro · Trend Micro Deep Discovery Inspector

Name of the Vulnerable Software and Affected Versions: Trend Micro Deep Discovery Inspector versions 5.8 and above Description: A vulnerability in Trend Micro Deep Discovery Inspector could allow an attacker to disclose sensitive information from affected installations. To exploit this issue, an...

PT-2024-5740 · Microsoft · Windows 10 +1

Name of the Vulnerable Software and Affected Versions: Windows 10 affected versions not specified Description: The issue is related to a lack of access control in the Windows Update Stack component, which can be exploited to elevate privileges. An attacker must first obtain the ability to execute...

PT-2024-38212 · Comodo · Comodo Internet Security

Name of the Vulnerable Software and Affected Versions: Comodo Internet Security Pro affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the targ...

CVE-2024-37289

An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...