Vulnerabilities > Trendmicro > Apex Central

DATE CVE VULNERABILITY TITLE RISK
2023-06-26 CVE-2023-32604 Cross-site Scripting vulnerability in Trendmicro Apex Central 2019
Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues.
network
low complexity
trendmicro CWE-79
5.4
2023-06-26 CVE-2023-32605 Cross-site Scripting vulnerability in Trendmicro Apex Central 2019
Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues.
network
low complexity
trendmicro CWE-79
5.4
2022-03-29 CVE-2022-26871 Insufficient Verification of Data Authenticity vulnerability in Trendmicro Apex Central and Apex ONE
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
network
low complexity
trendmicro CWE-345
critical
9.8
2021-03-03 CVE-2021-25252 Resource Exhaustion vulnerability in Trendmicro products
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
local
low complexity
trendmicro CWE-400
5.5