Lucene search
K

13 matches found

Cvelist
Cvelist
added 2026/05/21 1:3 p.m.42 views

CVE-2026-34928

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different named pipe communication mechanism. Please note: an attacker must first obtain the ability to...

7.8CVSS0.00213EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:16 a.m.13 views

CVE-2023-38626

A post-authenticated server-side request forgery SSRF vulnerability in Trend Micro Apex Central 2019 lower than build 6481 could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the...

5.4CVSS6.6AI score0.00351EPSS
Exploits0References1
OSV
OSV
added 2025/02/18 11:15 p.m.1 views

DEBIAN-CVE-2025-24928

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047...

7.7CVSS6.7AI score0.00375EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/25 12:0 a.m.12 views

CVE-2024-41705

A stored XSS issue was discovered in Archer Platform 6.8 before 2024.06. A remote authenticated malicious Archer user could potentially exploit this to store malicious HTML or JavaScript code in a trusted application data store. When victim users access the data store through their browsers, the...

7.1CVSS5.7AI score0.00294EPSS
Exploits0References2
NVD
NVD
added 2024/01/23 9:15 p.m.26 views

CVE-2023-47193

An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7.8CVSS7.6AI score0.00141EPSS
Exploits0References2
NVD
NVD
added 2024/01/23 9:15 p.m.19 views

CVE-2023-41177

Reflected cross-site scripting XSS vulnerabilities in Trend Micro Mobile Security Enterprise could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to, CVE-2023-41178...

6.1CVSS6AI score0.00507EPSS
Exploits0References2
NVD
NVD
added 2024/01/23 9:15 p.m.22 views

CVE-2023-41176

Reflected cross-site scripting XSS vulnerabilities in Trend Micro Mobile Security Enterprise could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to, CVE-2023-41177...

6.1CVSS6AI score0.01798EPSS
Exploits0References2
Prion
Prion
added 2024/01/23 9:15 p.m.18 views

Input validation

An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

4.3CVSS7.7AI score0.00141EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/01/23 8:41 p.m.20 views

CVE-2023-52326

Certain dashboard widgets on Trend Micro Apex Central on-premise are vulnerable to cross-site scripting XSS attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to CVE-2023-52327...

6.7AI score0.02454EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/01/23 8:36 p.m.42 views

CVE-2023-41178

Reflected cross-site scripting XSS vulnerabilities in Trend Micro Mobile Security Enterprise could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to, CVE-2023-41176...

6.2AI score0.01798EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/06/26 9:54 p.m.15 views

CVE-2023-32532

Certain dashboard widgets on Trend Micro Apex Central on-premise are vulnerable to cross-site scripting XSS attacks that may allow an attacker to achieve remote code execution on affected servers. This is similar to, but not identical to CVE-2023-32531 through 32535...

6.6AI score0.01873EPSS
Exploits0References2
OSV
OSV
added 2023/06/14 2:54 p.m.47 views

GHSA-JQXR-VJVV-899M @keystone-6/auth Open Redirect vulnerability

Summary There is an open redirect in the @keystone-6/auth package, where the redirect leading / filter can be bypassed. Impact Users may be redirected to domains other than the relative host, thereby it might be used by attackers to re-direct users to an unexpected location. Mitigations - Don't u...

6.1CVSS5AI score0.00407EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/05/12 5:16 p.m.2 views

jackson-mapper-asl: XML external entity similar to CVE-2016-3720

A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries such that an XML external entity XXE vulnerability affects codehaus's jackson-mapper-asl libraries. This vulnerability is similar to CVE-2016-3720. The primary threat from this flaw is data integrity...

7.5CVSS6.8AI score0.17044EPSS
Exploits0References4
Rows per page
Query Builder