Trendmicro

Apex One

159 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2021-28645

  • EPSS 0.07%
  • Veröffentlicht 13.04.2021 13:15:13
  • Zuletzt bearbeitet 21.11.2024 06:00:00

An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the abilit...

5.5

CVE-2021-28646

  • EPSS 0.06%
  • Veröffentlicht 13.04.2021 13:15:13
  • Zuletzt bearbeitet 21.11.2024 06:00:00

An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations.

5.5

CVE-2021-25252

  • EPSS 0.06%
  • Veröffentlicht 03.03.2021 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:54:38

Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.

5.3

CVE-2021-25241

  • EPSS 0.42%
  • Veröffentlicht 04.02.2021 20:15:14
  • Zuletzt bearbeitet 21.11.2024 05:54:36

A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate online agents via a sweep.

5.3

CVE-2021-25242

  • EPSS 0.34%
  • Veröffentlicht 04.02.2021 20:15:14
  • Zuletzt bearbeitet 21.11.2024 05:54:36

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain version and build information.

5.3

CVE-2021-25243

  • EPSS 0.34%
  • Veröffentlicht 04.02.2021 20:15:14
  • Zuletzt bearbeitet 21.11.2024 05:54:37

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain patch level information.

6.5

CVE-2021-25246

  • EPSS 0.36%
  • Veröffentlicht 04.02.2021 20:15:14
  • Zuletzt bearbeitet 21.11.2024 05:54:37

An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1, and Worry-Free Business Security could allow an unauthenticated user to create a bogus agent on an affected server that...

5.5

CVE-2021-25248

  • EPSS 0.15%
  • Veröffentlicht 04.02.2021 20:15:14
  • Zuletzt bearbeitet 21.11.2024 05:54:37

An out-of-bounds read information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow an attacker to disclose sensitive information about a named...

7.8

CVE-2021-25249

  • EPSS 0.08%
  • Veröffentlicht 04.02.2021 20:15:14
  • Zuletzt bearbeitet 21.11.2024 05:54:37

An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to escalate privileges on affected instal...

5.3

CVE-2021-25228

  • EPSS 0.34%
  • Veröffentlicht 04.02.2021 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:54:35

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about hotfix history.