CVE-2021-36742
- EPSS 1.48%
- Veröffentlicht 29.07.2021 20:15:07
- Zuletzt bearbeitet 31.10.2025 17:14:09
A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must ...
CVE-2021-32463
- EPSS 0.36%
- Veröffentlicht 20.07.2021 11:15:11
- Zuletzt bearbeitet 21.11.2024 06:07:05
An incorrect permission assignment denial-of-service vulnerability in Trend Micro Apex One, Apex One as a Service (SaaS), Worry-Free Business Security 10.0 SP1 and Worry-Free Servgices could allow a local attacker to escalate privileges and delete fi...
CVE-2021-25250
- EPSS 0.51%
- Veröffentlicht 13.04.2021 13:15:13
- Zuletzt bearbeitet 21.11.2024 05:54:37
An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must...
CVE-2021-25253
- EPSS 1.91%
- Veröffentlicht 13.04.2021 13:15:13
- Zuletzt bearbeitet 21.11.2024 05:54:38
An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations. Please note: an...
CVE-2021-28645
- EPSS 0.51%
- Veröffentlicht 13.04.2021 13:15:13
- Zuletzt bearbeitet 21.11.2024 06:00:00
An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the abilit...
CVE-2021-28646
- EPSS 0.42%
- Veröffentlicht 13.04.2021 13:15:13
- Zuletzt bearbeitet 21.11.2024 06:00:00
An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations.
CVE-2021-25252
- EPSS 0.56%
- Veröffentlicht 03.03.2021 16:15:13
- Zuletzt bearbeitet 21.11.2024 05:54:38
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
CVE-2021-25241
- EPSS 1.87%
- Veröffentlicht 04.02.2021 20:15:14
- Zuletzt bearbeitet 21.11.2024 05:54:36
A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate online agents via a sweep.
CVE-2021-25242
- EPSS 2.15%
- Veröffentlicht 04.02.2021 20:15:14
- Zuletzt bearbeitet 21.11.2024 05:54:36
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain version and build information.
CVE-2021-25243
- EPSS 2.15%
- Veröffentlicht 04.02.2021 20:15:14
- Zuletzt bearbeitet 21.11.2024 05:54:37
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain patch level information.