Filtered by vendor Trendmicro
Subscribe
Filtered by product Interscan Web Security Virtual Appliance
Subscribe
Total
29 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-8463 | 1 Trendmicro | 1 Interscan Web Security Virtual Appliance | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to bypass a global authorization check for anonymous users by manipulating request paths. | |||||
| CVE-2020-8462 | 1 Trendmicro | 1 Interscan Web Security Virtual Appliance | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product. | |||||
| CVE-2020-8461 | 1 Trendmicro | 1 Interscan Web Security Virtual Appliance | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A CSRF protection bypass vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to get a victim's browser to send a specifically encoded request without requiring a valid CSRF token. | |||||
| CVE-2020-28581 | 1 Trendmicro | 1 Interscan Web Security Virtual Appliance | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| A command injection vulnerability in ModifyVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges. | |||||
| CVE-2020-28580 | 1 Trendmicro | 1 Interscan Web Security Virtual Appliance | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| A command injection vulnerability in AddVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges. | |||||
| CVE-2020-28579 | 1 Trendmicro | 1 Interscan Web Security Virtual Appliance | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send a specially crafted HTTP message and achieve remote code execution with elevated privileges. | |||||
| CVE-2020-28578 | 1 Trendmicro | 1 Interscan Web Security Virtual Appliance | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote attacker to send a specially crafted HTTP message and achieve remote code execution with elevated privileges. | |||||
| CVE-2020-27010 | 1 Trendmicro | 1 Interscan Web Security Virtual Appliance | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product in a manner separate from the similar CVE-2020-8462. | |||||
| CVE-2019-9490 | 1 Trendmicro | 1 Interscan Web Security Virtual Appliance | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
| A vulnerability in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2 could allow an non-authorized user to disclose administrative credentials. An attacker must be an authenticated user in order to exploit the vulnerability. | |||||