6 matches found
CVE-2024-46902
Affected product: Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above. The issue is described as a SQL injection vulnerability in the web service that can lead to disclosure of sensitive information in affected installations. Exploitation details in the public docs indicate that aut...
CVE-2024-46903
Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above are affected by a SQL injection-related information disclosure vulnerability (CVE-2024-46903). The issue resides in the web service that processes inputs and leads to unauthorized disclosure of sensitive installation data. Exploita...
CVE-2021-25252
CVE-2021-25252 concerns Trend Micro’s Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) experiencing a memory exhaustion vulnerability that can cause denial-of-service or a system freeze when processing specially crafted files. Affected components: VSAPI and ATSE in Trend Micro produc...
CVE-2015-2872
Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances is affected by CVE-2015-2872 through input handling flaws in the web interface: crafted input to index.php and the widget feature can trigger cross-site scripting. Documented impact: unauthenticated remote injection of...
CVE-2015-2873
CVE-2015-2873 affects Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances. The root cause is improper authorization checks on direct access to critical management URLs (system log, whitelist, blacklist). An unauthenticated, non-admin user could view or modify sensitive ...
CVE-2018-15365
Affected product: Trend Micro Deep Discovery Inspector (DDI)