38 matches found
EUVD-2018-17995
Malware in sbrugna...
EUVD-2018-15462
Malware in sbrugna...
EUVD-2022-50902
Malicious code in bioql PyPI...
CVE-2022-30687
Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a low privileged local user to manipulate the product's secure erase feature to delete arbitrary files...
Trend Micro Maximum Security coreServiceShell Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
Trend Micro Maximum Security vulnerable to improper link resolution (CVE-2024-32849)
Overview Trend Micro Incorporated has released a security update for Trend Micro Maximum Security, fixing an improper link resolution vulnerabilityCWE-59, CVE-2024-32849. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN. Impact Trend...
CVE-2022-48191
A vulnerability exists in Trend Micro Maximum Security 2022 17.7 wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowin...
CVE-2022-48191
A vulnerability exists in Trend Micro Maximum Security 2022 17.7 wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowin...
Trend Micro Maximum Security Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Tre...
CVE-2021-32460
The Trend Micro Maximum Security 2021 v17 consumer product is vulnerable to an improper access control vulnerability in the installer which could allow a local attacker to escalate privileges on a target machine. Please note than an attacker must already have local user privileges and access on t...
Trend Micro Maximum Security Race Condition Arbitrary File Deletion Vulnerability
This vulnerability allows local attackers to delete arbitrary files on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
Use Safety and Precaution When Using USBs
Removable USB devices are basic instruments for storing and transferring files from one device to another. Although they’re convenient to use, they can also pose a potential threat to your devices—especially when used without prior caution. There are reported instances, where researchers weren’t...
Trend Micro Maximum Security ID_AMSP_MASTER Out-Of-Bounds Read Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
Trend Micro Maximum Security ID_AMSP_MASTER Missing Impersonation Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...
CVE-2018-3608
A vulnerability in Trend Micro Maximum Security's Consumer 2018 versions 12.0.1191 and below User-Mode Hooking UMH driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes...
CVE-2018-3608
A vulnerability in Trend Micro Maximum Security's Consumer 2018 versions 12.0.1191 and below User-Mode Hooking UMH driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes...
CVE-2018-6235
An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. An attacker must first obtain the...
Information disclosure
An Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. An attacker must first...
CVE-2018-6234
An Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. An attacker must first...
CVE-2018-6236
A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security Consumer 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222813 by the tmusa driver. An attacker must first obtain the...