CVE-2021-25252
- EPSS 0.06%
- Published 03.03.2021 16:15:13
- Last modified 21.11.2024 05:54:38
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
- EPSS 0.41%
- Published 20.02.2020 23:15:20
- Last modified 21.11.2024 04:27:08
Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was fou...
CVE-2017-14090
- EPSS 0.29%
- Published 16.12.2017 02:29:09
- Last modified 20.04.2025 01:37:25
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to the update servers are not encrypted.
CVE-2017-14091
- EPSS 0.25%
- Published 16.12.2017 02:29:09
- Last modified 20.04.2025 01:37:25
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain specific installations that utilize a uncommon feature - Other Update Sources - could be exploited to overwrite sensitive files in the ScanMail for Exchange directory.
CVE-2017-14092
- EPSS 0.27%
- Published 16.12.2017 02:29:09
- Last modified 20.04.2025 01:37:25
The absence of Anti-CSRF tokens in Trend Micro ScanMail for Exchange 12.0 web interface forms could allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain.
CVE-2017-14093
- EPSS 0.36%
- Published 16.12.2017 02:29:09
- Last modified 20.04.2025 01:37:25
The Log Query and Quarantine Query pages in Trend Micro ScanMail for Exchange 12.0 are vulnerable to cross site scripting (XSS) attacks.