CVE-2023-32556

A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to disclose sensitive information. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

CVE-2023-32556

A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to disclose sensitive information. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

CVE-2023-32555

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on the target system in...

CVE-2023-32554

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on the target system in...

CVE-2023-32528

Trend Micro Mobile Security Enterprise 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

CVE-2023-32527

Trend Micro Mobile Security Enterprise 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

CVE-2023-32527

Trend Micro Mobile Security Enterprise 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

CVE-2023-32526

Trend Micro Mobile Security Enterprise 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit thi...

CVE-2023-32526

Trend Micro Mobile Security Enterprise 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit thi...

CVE-2023-32525

Trend Micro Mobile Security Enterprise 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit thi...

CVE-2023-32525

Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system, with no user interaction. The iss...

CVE-2023-32525

Trend Micro Mobile Security Enterprise 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit thi...

CVE-2023-32524

Affected versions of Trend Micro Mobile Security Enterprise 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

CVE-2023-32523

Affected versions of Trend Micro Mobile Security Enterprise 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

CVE-2023-32523

Affected versions of Trend Micro Mobile Security Enterprise 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

CVE-2023-32522

A path traversal exists in a specific dll of Trend Micro Mobile Security Enterprise 9.8 SP5 which could allow an authenticated remote attacker to delete arbitrary files. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit...

(Pwn2Own) Microsoft Windows UMPDDrvEnablePDEV Improper Input Validation Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

PT-2023-24794 · Pulse Secure · Pulse Secure Client

Name of the Vulnerable Software and Affected Versions: Pulse Secure Client affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Pulse Secure Client. An attacker must first obtain the ability to execute low-privileged co...

EulerOS Virtualization 2.11.1 : libarchive (EulerOS-SA-2023-2045)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL...

CVE-2023-25731

Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox 110...