CVE-2020-24557

A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation. An attacker must first...

CVE-2022-42488

OpenHarmony CVE-2022-42488 affects OpenHarmony versions 3.1.2 and earlier. The root cause is missing permission validation in the param service of the startup subsystem, which could let a malicious app elevate privileges to root, disable security features, or cause denial of service by stopping s...

Design/Logic Flaw

A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation. An attacker must first...

Reliable Controls MACH-ProWebCom/Sys CVE-2019-18249 Cross Site Scripting Vulnerability

Description Reliable Controls MACH-ProWebCom/Sys are prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

Microsoft Internet Explorer Event Handlers Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to access local files or content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information that m...