Trendmicro

Serverprotect

18 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2022-25331

Exploit
  • EPSS 1.09%
  • Veröffentlicht 24.02.2022 03:15:44
  • Zuletzt bearbeitet 21.11.2024 06:52:01

Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process.

9.8

CVE-2022-25330

Exploit
  • EPSS 4.91%
  • Veröffentlicht 24.02.2022 03:15:44
  • Zuletzt bearbeitet 21.11.2024 06:52:00

Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution.

9.8

CVE-2022-25329

  • EPSS 2.63%
  • Veröffentlicht 24.02.2022 03:15:43
  • Zuletzt bearbeitet 21.11.2024 06:52:00

Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to re...

10

CVE-2021-36745

  • EPSS 18.72%
  • Veröffentlicht 29.09.2021 11:15:07
  • Zuletzt bearbeitet 21.11.2024 06:14:00

A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote attacker to bypass auth...

5.5

CVE-2021-25252

  • EPSS 0.06%
  • Veröffentlicht 03.03.2021 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:54:38

Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.

5.5

CVE-2021-25226

  • EPSS 0.07%
  • Veröffentlicht 27.01.2021 19:15:13
  • Zuletzt bearbeitet 21.11.2024 05:54:35

A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scan engine component. An ...

5.5

CVE-2021-25225

  • EPSS 0.07%
  • Veröffentlicht 27.01.2021 19:15:13
  • Zuletzt bearbeitet 21.11.2024 05:54:34

A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scheduled scan component. ...

5.5

CVE-2021-25224

  • EPSS 0.07%
  • Veröffentlicht 27.01.2021 19:15:13
  • Zuletzt bearbeitet 21.11.2024 05:54:34

A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a manual scan component. An ...

6.7

CVE-2020-28575

  • EPSS 0.17%
  • Veröffentlicht 01.12.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:22:56

A heap-based buffer overflow privilege escalation vulnerability in Trend Micro ServerProtect for Linux 3.0 may allow an attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute high-privileged co...

9.1

CVE-2020-24561

  • EPSS 2.36%
  • Veröffentlicht 15.09.2020 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:14:59

A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. An attacker must first obtain admin/root privileges on the SPLX console to exploit this vulnerabilit...