15 matches found
CVE-2019-19696
The CVE-2019-19696 entry pertains to Trend Micro Password Manager for Windows and macOS. The root cause is an improper protection/access of the localhost.key within RootCA.crt, enabling an unauthorized party to access the private key. This information disclosure could allow a attacker to generate...
CVE-2019-15625
CVE-2019-15625 concerns a memory disclosure in Trend Micro Password Manager. The JVN/NVD details indicate an information disclosure vulnerability (CWE-200) where sensitive data such as IDs and passwords can reside in memory in plaintext under certain conditions, allowing memory scans to retrieve ...
CVE-2022-26337
The CVE-2022-26337 entry concerns Trend Micro Password Manager (Consumer) installer versions 5.0.0.1262 and earlier. The issue is an Uncontrolled Search Path Element vulnerability in the installer, enabling a local attacker to escalate privileges by using a specially crafted file on the affected ...
CVE-2022-28394
The CVE-2022-28394 entry concerns the Trend Micro Password Manager installer (Consumer) prior to version 3.7.0.1223. The root cause is an insecure DLL search path (CWE-427) in the installer, which may allow loading Arbitrary DLLs. Reported impacts indicate arbitrary code execution with the privil...
CVE-2022-30523
The CVE-2022-30523 case concerns Trend Micro Password Manager (Consumer) versions 5.0.0.1266 and earlier, impacted by a Link Following Privilege Escalation vulnerability. Technical details in connected documents show that a local low-privilege attacker could exploit a symbolic link via the Trend ...
CVE-2020-8469
Trend Micro Password Manager for Windows 5.0 is affected by a DLL hijacking vulnerability that could lead to local privilege escalation. This is documented across multiple sources; no exploitation status or remediation details are provided in the connected documents. Monitor for updates and rely ...
CVE-2019-14687
CVE-2019-14687 concerns Trend Micro Password Manager 5.0. The connected sources describe a DLL hijacking vulnerability that would allow an attacker to load an arbitrary unsigned DLL into the signed Password Manager service process. This entry is very similar to CVE-2019-14684 and shares the same ...
CVE-2019-15629
The CVE describes a FLAG_MISUSE issue in Trend Micro Password Manager for Android, affecting versions 3.x, 5.0, and 5.1. The vulnerability could allow the app to share information with third‑party applications on the device. Technical specifics beyond this (root cause analysis, affected component...
CVE-2016-3987
CVE-2016-3987 concerns the HTTP server in Trend Micro Password Manager, where the URL parameter to api/openUrlInDefaultBrowser or api/showSB can lead to remote command execution. The vulnerability implies a command-injection flaw in the server’s handling of specific URL queries, enabling an attac...
CVE-2021-32462
Summary: CVE-2021-32462 affects Trend Micro Password Manager (Consumer), ≤v5.0.0.1217, with an Exposed Hazardous Function Remote Code Execution flaw in the Central Control Service. An unprivileged user can cause registry manipulation and privilege escalation to SYSTEM, with authentication require...
CVE-2021-32461
Trend Micro Password Manager (Consumer) up to version 5.0.0.1217 is affected by an Integer Truncation Privilege Escalation vulnerability. The flaw allows a local attacker who can run low-privilege code to trigger a buffer overflow and escalate privileges (up to SYSTEM in affected scenarios), via ...
CVE-2019-14684
The CVE-2019-14684 entry describes a DLL hijacking vulnerability in Trend Micro Password Manager 5.0 that could allow loading an arbitrary unsigned DLL into the signed service’s process. The root cause is a DLL search/load issue (hijack) within the Password Manager’s service, enabling potential a...
CVE-2021-28647
CVE-2021-28647 affects Trend Micro Password Manager for Windows (Consumer) 5.x. The root cause is a DLL search path hijack during installer execution, allowing a malicious DLL to be loaded and potentially cause arbitrary execution of code each time a user installs a program. Public sources descri...
CVE-2025-48443
CVE-2025-48443 affects Trend Micro Password Manager (Consumer)
CVE-2025-52837
CVE-2025-52837 affects Trend Micro Password Manager (Consumer) on Windows, specifically versions 5.8.0.1327 and earlier. The root cause is a Link Following vulnerability (notably via symbolic links) that can be leveraged to delete arbitrary files/folders and escalate privileges. The vulnerability...