Filtered by vendor Trendmicro
Subscribe
Total
493 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-10354 | 1 Trendmicro | 1 Email Encryption Gateway | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| A command injection remote command execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw in the LauncherServer. Authentication is required to exploit this vulnerability. | |||||
| CVE-2018-10353 | 1 Trendmicro | 1 Email Encryption Gateway | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A SQL injection information disclosure vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to disclose sensitive information on vulnerable installations due to a flaw in the formChangePass class. Authentication is required to exploit this vulnerability. | |||||
| CVE-2018-10352 | 1 Trendmicro | 1 Email Encryption Gateway | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formConfiguration class. Authentication is required to exploit this vulnerability. | |||||
| CVE-2018-10351 | 1 Trendmicro | 1 Email Encryption Gateway | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRegistration2 class. Authentication is required to exploit this vulnerability. | |||||
| CVE-2018-10350 | 2 Linux, Trendmicro | 2 Linux Kernel, Smart Protection Server | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw within the handling of parameters provided to wcs\_bwlists\_handler.php. Authentication is required in order to exploit this vulnerability. | |||||
| CVE-2017-14097 | 1 Trendmicro | 1 Smart Protection Server | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| An improper access control vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to decrypt contents of a database with information that could be used to access a vulnerable system. | |||||
| CVE-2017-14096 | 1 Trendmicro | 1 Smart Protection Server | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A stored cross site scripting (XSS) vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to execute a malicious payload on vulnerable systems. | |||||
| CVE-2017-14095 | 1 Trendmicro | 1 Smart Protection Server | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution via a local file inclusion on a vulnerable system. | |||||
| CVE-2017-14094 | 1 Trendmicro | 1 Smart Protection Server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution via a cron job injection on a vulnerable system. | |||||
| CVE-2017-14082 | 1 Trendmicro | 1 Mobile Security | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An uninitialized pointer information disclosure vulnerability in Trend Micro Mobile Security (Enterprise) versions 9.7 and below could allow an unauthenticated remote attacker to disclosure sensitive information on a vulnerable system. | |||||
| CVE-2017-11398 | 1 Trendmicro | 1 Smart Protection Server | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A session hijacking via log disclosure vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an unauthenticated attacker to hijack active user sessions to perform authenticated requests on a vulnerable system. | |||||
| CVE-2024-46903 | 1 Trendmicro | 1 Deep Discovery Inspector | 2024-11-01 | N/A | 6.5 MEDIUM |
| A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2024-46902 | 1 Trendmicro | 1 Deep Discovery Inspector | 2024-10-25 | N/A | 8.4 HIGH |
| A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on the target system in order to exploit this vulnerability. | |||||