CVE-2021-25252
- EPSS 0.06%
- Published 03.03.2021 16:15:13
- Last modified 21.11.2024 05:54:38
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
CVE-2020-27016
- EPSS 0.29%
- Published 09.11.2020 23:15:12
- Last modified 21.11.2024 05:20:40
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a cross-site request forgery (CSRF) vulnerability which could allow an attacker to modify policy rules by tricking an authenticated administrator into accessing a...
CVE-2020-27017
- EPSS 1%
- Published 09.11.2020 23:15:12
- Last modified 21.11.2024 05:20:41
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an XML External Entity Processing (XXE) vulnerability which could allow an authenticated administrator to read arbitrary local files. An attacker must already hav...
CVE-2020-27018
- EPSS 0.14%
- Published 09.11.2020 23:15:12
- Last modified 21.11.2024 05:20:41
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a server side request forgery vulnerability which could allow an authenticated attacker to abuse the product's web server and grant access to web resources or par...
CVE-2020-27019
- EPSS 0.14%
- Published 09.11.2020 23:15:12
- Last modified 21.11.2024 05:20:41
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an information disclosure vulnerability which could allow an attacker to access a specific database and key.
CVE-2020-27693
- EPSS 0.08%
- Published 09.11.2020 23:15:12
- Last modified 21.11.2024 05:21:39
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores administrative passwords using a hash that is considered outdated.
CVE-2020-27694
- EPSS 1.11%
- Published 09.11.2020 23:15:12
- Last modified 21.11.2024 05:21:40
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 has updated a specific critical library that may vulnerable to attack.
CVE-2018-3609
- EPSS 25.3%
- Published 16.02.2018 22:29:00
- Last modified 21.11.2024 04:05:45
A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log file that could be used to bypass authentication o...
CVE-2017-11391
- EPSS 12.63%
- Published 03.08.2017 15:29:00
- Last modified 20.04.2025 01:37:25
Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "t" parameter with...
CVE-2017-11392
- EPSS 6.77%
- Published 03.08.2017 15:29:00
- Last modified 20.04.2025 01:37:25
Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "T" parameter with...