Filtered by vendor Trendmicro
Subscriptions
Total
537 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-10356 | 1 Trendmicro | 1 Email Encryption Gateway | 2024-11-21 | N/A |
| A SQL injection remote code execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRequestDomains class. Authentication is required to exploit this vulnerability. | ||||
| CVE-2018-10355 | 1 Trendmicro | 1 Email Encryption Gateway | 2024-11-21 | N/A |
| An authentication weakness vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to recover user passwords on vulnerable installations due to a flaw in the DBCrypto class. An attacker must first obtain access to the user database on the target system in order to exploit this vulnerability. | ||||
| CVE-2018-10354 | 1 Trendmicro | 1 Email Encryption Gateway | 2024-11-21 | N/A |
| A command injection remote command execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw in the LauncherServer. Authentication is required to exploit this vulnerability. | ||||
| CVE-2018-10353 | 1 Trendmicro | 1 Email Encryption Gateway | 2024-11-21 | N/A |
| A SQL injection information disclosure vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to disclose sensitive information on vulnerable installations due to a flaw in the formChangePass class. Authentication is required to exploit this vulnerability. | ||||
| CVE-2018-10352 | 1 Trendmicro | 1 Email Encryption Gateway | 2024-11-21 | N/A |
| A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formConfiguration class. Authentication is required to exploit this vulnerability. | ||||
| CVE-2018-10351 | 1 Trendmicro | 1 Email Encryption Gateway | 2024-11-21 | N/A |
| A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRegistration2 class. Authentication is required to exploit this vulnerability. | ||||
| CVE-2018-10350 | 2 Linux, Trendmicro | 2 Linux Kernel, Smart Protection Server | 2024-11-21 | N/A |
| A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw within the handling of parameters provided to wcs\_bwlists\_handler.php. Authentication is required in order to exploit this vulnerability. | ||||
| CVE-2017-14097 | 1 Trendmicro | 1 Smart Protection Server | 2024-11-21 | N/A |
| An improper access control vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to decrypt contents of a database with information that could be used to access a vulnerable system. | ||||
| CVE-2017-14096 | 1 Trendmicro | 1 Smart Protection Server | 2024-11-21 | N/A |
| A stored cross site scripting (XSS) vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to execute a malicious payload on vulnerable systems. | ||||
| CVE-2017-14095 | 1 Trendmicro | 1 Smart Protection Server | 2024-11-21 | N/A |
| A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution via a local file inclusion on a vulnerable system. | ||||
| CVE-2017-14094 | 1 Trendmicro | 1 Smart Protection Server | 2024-11-21 | N/A |
| A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution via a cron job injection on a vulnerable system. | ||||
| CVE-2017-14082 | 1 Trendmicro | 1 Mobile Security | 2024-11-21 | N/A |
| An uninitialized pointer information disclosure vulnerability in Trend Micro Mobile Security (Enterprise) versions 9.7 and below could allow an unauthenticated remote attacker to disclosure sensitive information on a vulnerable system. | ||||
| CVE-2017-11398 | 1 Trendmicro | 1 Smart Protection Server | 2024-11-21 | N/A |
| A session hijacking via log disclosure vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an unauthenticated attacker to hijack active user sessions to perform authenticated requests on a vulnerable system. | ||||
| CVE-2024-46903 | 1 Trendmicro | 1 Deep Discovery Inspector | 2024-11-01 | 6.5 Medium |
| A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2024-46902 | 1 Trendmicro | 1 Deep Discovery Inspector | 2024-10-25 | 4.9 Medium |
| A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on the target system in order to exploit this vulnerability. | ||||
| CVE-2024-48904 | 1 Trendmicro | 1 Cloud Edge | 2024-10-23 | 9.8 Critical |
| An command injection vulnerability in Trend Micro Cloud Edge could allow a remote attacker to execute arbitrary code on affected appliances. Please note: authentication is not required in order to exploit this vulnerability. | ||||
| CVE-2024-39753 | 1 Trendmicro | 1 Apex One | 2024-10-23 | 7.5 High |
| An modOSCE SQL Injection vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||