Trendmicro

Control Manager

22 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2021-25252

  • EPSS 0.06%
  • Published 03.03.2021 16:15:13
  • Last modified 21.11.2024 05:54:38

Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.

7

CVE-2019-14688

  • EPSS 0.41%
  • Published 20.02.2020 23:15:20
  • Last modified 21.11.2024 04:27:08

Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was fou...

7.5

CVE-2018-10512

  • EPSS 0.7%
  • Published 15.08.2018 19:29:00
  • Last modified 21.11.2024 03:41:28

A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to manipulate a reverse proxy .dll on vulnerable installations, which may lead to a denial of server (DoS).

10

CVE-2018-10511

  • EPSS 0.37%
  • Published 15.08.2018 19:29:00
  • Last modified 21.11.2024 03:41:28

A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to conduct a server-side request forgery (SSRF) attack on vulnerable installations.

9.8

CVE-2018-10510

  • EPSS 3.8%
  • Published 15.08.2018 19:29:00
  • Last modified 21.11.2024 03:41:28

A Directory Traversal Remote Code Execution vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to execute arbitrary code on vulnerable installations.

8.8

CVE-2018-3607

  • EPSS 9.92%
  • Published 09.02.2018 22:29:01
  • Last modified 21.11.2024 04:05:45

XXXTreeNode method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.

8.8

CVE-2018-3606

  • EPSS 21.84%
  • Published 09.02.2018 22:29:01
  • Last modified 21.11.2024 04:05:45

XXXStatusXXX, XXXSummary, TemplateXXX and XXXCompliance method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.

8.8

CVE-2018-3602

  • EPSS 4.55%
  • Published 09.02.2018 22:29:00
  • Last modified 21.11.2024 04:05:45

An AdHocQuery_Processor SQL injection remote code execution (RCE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.

8.8

CVE-2018-3605

  • EPSS 9.08%
  • Published 09.02.2018 22:29:00
  • Last modified 21.11.2024 04:05:45

TopXXX, ViolationXXX, and IncidentXXX method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.

8.8

CVE-2018-3604

  • EPSS 22.32%
  • Published 09.02.2018 22:29:00
  • Last modified 21.11.2024 04:05:45

GetXXX method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.