Vulnerabilities > Trendmicro > Apex ONE > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-24 | CVE-2022-24678 | Resource Exhaustion vulnerability in Trendmicro products An security agent resource exhaustion denial-of-service vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow an attacker to flood a temporary log location and consume all disk space on affected installations. | 5.0 |
| 2022-01-10 | CVE-2021-44024 | Link Following vulnerability in Trendmicro products A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. | 6.6 |
| 2022-01-10 | CVE-2021-45442 | Link Following vulnerability in Trendmicro products A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on prem only) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. | 6.6 |
| 2021-10-21 | CVE-2021-23139 | NULL Pointer Dereference vulnerability in Trendmicro products A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI program on affected installations. | 5.0 |
| 2021-10-21 | CVE-2021-42011 | Incorrect Default Permissions vulnerability in Trendmicro Apex ONE 2019 An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. | 4.6 |
| 2021-10-21 | CVE-2021-42012 | Out-of-bounds Write vulnerability in Trendmicro products A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. | 4.6 |
| 2021-10-21 | CVE-2021-42101 | Uncontrolled Search Path Element vulnerability in Trendmicro Apex ONE 2019 An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. | 4.6 |
| 2021-10-21 | CVE-2021-42102 | Uncontrolled Search Path Element vulnerability in Trendmicro Apex ONE 2019 An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service agents could allow a local attacker to escalate privileges on affected installations. | 4.6 |
| 2021-10-21 | CVE-2021-42103 | Uncontrolled Search Path Element vulnerability in Trendmicro Apex ONE 2019 An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. | 4.6 |
| 2021-10-21 | CVE-2021-42104 | Improper Privilege Management vulnerability in Trendmicro products Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. | 4.6 |