Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-31730

Malicious code in bioql PyPI...

6.8CVSS6.7AI score0.00196EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/23 8:38 a.m.7 views

CVE-2025-49218

A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. This is similar to, but not identical to CVE-2025-49215. Please note: an attacker must first obtain the ability to execute...

8.8CVSS8.6AI score0.00339EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/23 8:38 a.m.6 views

CVE-2025-49217

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49213 but is in a different method...

9.8CVSS8.1AI score0.07935EPSS
Exploits0References1
NVD
NVD
added 2025/06/17 9:15 p.m.6 views

CVE-2025-49213

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49212 but is in a different method...

9.8CVSS0.07935EPSS
Exploits0References2
NVD
NVD
added 2025/06/17 9:15 p.m.6 views

CVE-2025-49214

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...

8.8CVSS0.00755EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/17 8:28 p.m.3 views

CVE-2025-49218

A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. This is similar to, but not identical to CVE-2025-49215. Please note: an attacker must first obtain the ability to execute...

7.7CVSS8.2AI score0.0011EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/17 8:28 p.m.2 views

CVE-2025-49217

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49213 but is in a different method...

9.8CVSS9.9AI score0.01024EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/17 8:28 p.m.9 views

CVE-2025-49215

A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...

8.8CVSS0.00339EPSS
Exploits0References2
CVE
CVE
added 2025/06/17 8:28 p.m.24 views

CVE-2025-49215

CVE-2025-49215 describes a post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer that can lead to privilege escalation on affected installations. The main affected component is PolicyServer; the underlying issue is an SQL injection flaw exploitable after the at...

8.8CVSS8.2AI score0.00339EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/06/17 8:27 p.m.8 views

CVE-2025-49214

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...

8.8CVSS0.00755EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/17 8:27 p.m.5 views

CVE-2025-49214

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this...

8.8CVSS9AI score0.00755EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/17 8:27 p.m.4 views

CVE-2025-49212

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49220 but is in a different method...

9.8CVSS9.7AI score0.07935EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/17 8:16 p.m.6 views

CVE-2025-49211

A SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability...

7.7CVSS8.5AI score0.0011EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/17 12:0 a.m.3 views

Trend Micro Endpoint Encryption PolicyServer 安全漏洞

Trend Micro Endpoint Encryption PolicyServer is a centralized management server from Trend Micro. A security vulnerability exists in Trend Micro Endpoint Encryption PolicyServer that stems from a post-authentication SQL injection issue that could result in elevated privileges...

8.8CVSS7.6AI score0.00339EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiative
added 2025/06/11 12:0 a.m.5 views

Trend Micro Endpoint Encryption BuildEnterpriseSearchString SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Endpoint Encryption. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7.8AI score0.0011EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/06/11 12:0 a.m.6 views

Trend Micro Endpoint Encryption DbAppDomain Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Trend Micro Endpoint Encryption. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DbAppDomain service. The issue results from an improper implementatio...

9.8CVSS7.3AI score0.00489EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/06/11 12:0 a.m.6 views

Trend Micro Endpoint Encryption DeserializeFromBase64String Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Endpoint Encryption. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7.9AI score0.07935EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/06/11 12:0 a.m.5 views

Trend Micro Endpoint Encryption ProcessWhereClause SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Endpoint Encryption. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7.8AI score0.0011EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/11 12:0 a.m.5 views

PT-2025-25265 · Trend Micro · Trend Micro Endpoint Encryption

Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption versions prior to 6.0.0.4013 Description: An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected...

9.8CVSS9.5AI score0.07935EPSS
Exploits0References21
Positive Technologies
Positive Technologies
added 2024/10/11 12:0 a.m.10 views

PT-2025-25266 · Trend Micro · Trend Micro Endpoint Encryption

Name of the Vulnerable Software and Affected Versions: Trend Micro Endpoint Encryption TMEE affected versions not specified Description: The issue is related to insufficient input validation in the PolicyServerWindowsService class of the Trend Micro Endpoint Encryption TMEE PolicyServer data...

10CVSS9.4AI score0.07935EPSS
Exploits0References12
Rows per page
Query Builder