Vulnerabilities > Trendmicro > Mobile Security > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-01-23 CVE-2023-41176 Cross-site Scripting vulnerability in Trendmicro Mobile Security 9.8
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to, CVE-2023-41177.
network
low complexity
trendmicro CWE-79
6.1
2024-01-23 CVE-2023-41177 Cross-site Scripting vulnerability in Trendmicro Mobile Security 9.8
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to, CVE-2023-41178.
network
low complexity
trendmicro CWE-79
6.1
2024-01-23 CVE-2023-41178 Cross-site Scripting vulnerability in Trendmicro Mobile Security 9.8
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to, CVE-2023-41176.
network
low complexity
trendmicro CWE-79
6.1
2023-06-26 CVE-2023-32525 Unspecified vulnerability in Trendmicro Mobile Security 9.8
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations.
network
low complexity
trendmicro
6.5
2023-06-26 CVE-2023-32526 Unspecified vulnerability in Trendmicro Mobile Security 9.8
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations.
network
low complexity
trendmicro
6.5
2020-02-20 CVE-2019-14688 Uncontrolled Search Path Element vulnerability in Trendmicro products
Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation.
network
high complexity
trendmicro microsoft CWE-427
5.1
2018-01-19 CVE-2017-14082 Information Exposure vulnerability in Trendmicro Mobile Security
An uninitialized pointer information disclosure vulnerability in Trend Micro Mobile Security (Enterprise) versions 9.7 and below could allow an unauthenticated remote attacker to disclosure sensitive information on a vulnerable system.
network
low complexity
trendmicro CWE-200
5.0
2017-09-22 CVE-2017-14081 Command Injection vulnerability in Trendmicro Mobile Security
Proxy command injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
network
low complexity
trendmicro CWE-77
6.5
2017-09-22 CVE-2017-14079 Unrestricted Upload of File with Dangerous Type vulnerability in Trendmicro Mobile Security 9.7
Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations.
network
low complexity
trendmicro CWE-434
6.5
2017-03-31 CVE-2016-9319 Improper Certificate Validation vulnerability in Trendmicro Mobile Security
There is Missing SSL Certificate Validation in the Trend Micro Enterprise Mobile Security Android Application before 9.7.1193, aka VRTS-398.
4.3