CVE-2021-25252
- EPSS 0.56%
- Veröffentlicht 03.03.2021 16:15:13
- Zuletzt bearbeitet 21.11.2024 05:54:38
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
- EPSS 1.87%
- Veröffentlicht 20.02.2020 23:15:20
- Zuletzt bearbeitet 21.11.2024 04:27:08
Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was fou...
CVE-2018-10512
- EPSS 1.1%
- Veröffentlicht 15.08.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:28
A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to manipulate a reverse proxy .dll on vulnerable installations, which may lead to a denial of server (DoS).
- EPSS 2.67%
- Veröffentlicht 15.08.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:28
A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to conduct a server-side request forgery (SSRF) attack on vulnerable installations.
CVE-2018-10510
- EPSS 6.46%
- Veröffentlicht 15.08.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:28
A Directory Traversal Remote Code Execution vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to execute arbitrary code on vulnerable installations.
CVE-2018-3607
- EPSS 14.66%
- Veröffentlicht 09.02.2018 22:29:01
- Zuletzt bearbeitet 21.11.2024 04:05:45
XXXTreeNode method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.
CVE-2018-3606
- EPSS 49.41%
- Veröffentlicht 09.02.2018 22:29:01
- Zuletzt bearbeitet 21.11.2024 04:05:45
XXXStatusXXX, XXXSummary, TemplateXXX and XXXCompliance method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.
CVE-2018-3602
- EPSS 8.27%
- Veröffentlicht 09.02.2018 22:29:00
- Zuletzt bearbeitet 21.11.2024 04:05:45
An AdHocQuery_Processor SQL injection remote code execution (RCE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.
CVE-2018-3605
- EPSS 20.22%
- Veröffentlicht 09.02.2018 22:29:00
- Zuletzt bearbeitet 21.11.2024 04:05:45
TopXXX, ViolationXXX, and IncidentXXX method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.
CVE-2018-3604
- EPSS 68.58%
- Veröffentlicht 09.02.2018 22:29:00
- Zuletzt bearbeitet 21.11.2024 04:05:45
GetXXX method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.