Security Security Vulnerabilities and Issues — Security CVE List

TrendmicroSecurity

8 matches found

CVE•added 2020/02/20 10:50 p.m.•91 views

CVE-2019-14688

This CVE affects Trend Micro installer packages. A DLL hijack vulnerability was present in an installer version used by multiple Trend Micro products and could be exploited only during the initial product installation by an authorized user. The attacker must cause the target to place a malicious ...

7CVSS6.9AI score0.01827EPSS

CVE•added 2022/06/09 8:15 p.m.•69 views

CVE-2022-30703

CVE-2022-30703 affects Trend Micro Security (Consumer) 2021 and 2022. The issue is an exposed dangerous method in the NCIE Scanner/module that can allow a local attacker to disclose sensitive information, including leaked kernel addresses, and could potentially be chained to achieve privilege esc...

7.8CVSS7.4AI score0.00335EPSS

CVE•added 2022/09/19 6:0 p.m.•67 views

CVE-2022-37348

Trend Micro Security 2021–2022 (Consumer) is affected by an Out-Of-Bounds Read Information Disclosure vulnerability (CVE-2022-37348) that can read sensitive data from memory and may crash the system. Related entries (CVE-2022-37347) describe similar behavior. Affected product/component: Trend Mic...

5.5CVSS5AI score0.00242EPSS

CVE•added 2022/09/19 6:0 p.m.•66 views

CVE-2022-34893

CVE-2022-34893 – Trend Micro Security 2022 (consumer) is a local privilege-escalation flaw described as a “link following vulnerability” in multiple sources. The root cause involves manipulation of a mountpoint via a symbolic link, enabling a low-privileged attacker with local access to escalate ...

7.8CVSS7.8AI score0.00268EPSS

CVE•added 2018/02/16 10:0 p.m.•65 views

CVE-2018-6218

CVE-2018-6218 describes a DLL hijacking issue in Trend Micro’s User-Mode Hooking Module (UMH). The root cause is insecure DLL loading (DLL search order) in Trend Micro products, enabling arbitrary code execution if a malicious DLL is located where the installer/UMH loader loads it. Public documen...

7CVSS6.9AI score0.01624EPSS

CVE•added 2022/06/09 8:15 p.m.•63 views

CVE-2022-30702

CVE-2022-30702 affects Trend Micro Security (Consumer) 2021/2022. The confirmed issue is an Out-of-Bounds Read Information Disclosure in the NCIE Scanner module, caused by improper validation that can enable a local attacker to disclose sensitive data on an affected machine. Exploitation context ...

5.5CVSS5AI score0.00333EPSS

CVE•added 2022/09/19 6:0 p.m.•61 views

CVE-2022-37347

CVE-2022-37347 affects Trend Micro Security 2021/2022 (Consumer). It is an Out-Of-Bounds Read Information Disclosure vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash. Public sources in the connected docs confirm the issue and r...

5.5CVSS5.1AI score0.00242EPSS

CVE•added 2022/07/29 11:15 p.m.•59 views

CVE-2022-35234

CVE-2022-35234 affects Trend Micro Security 2021 and 2022 (Consumer). The vulnerability is an Out-Of-Bounds Read Information Disclosure that could allow reading sensitive data from other memory locations and may cause a crash on affected machines. The available connected documents indicate a simi...

7.1CVSS5.5AI score0.00282EPSS