Vulnerabilities > Trendmicro > Officescan > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-01 | CVE-2020-28577 | Unspecified vulnerability in Trendmicro Apex ONE and Officescan An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names. | 5.3 |
| 2020-12-01 | CVE-2020-28576 | Unspecified vulnerability in Trendmicro Apex ONE and Officescan An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information. | 5.3 |
| 2020-12-01 | CVE-2020-28573 | Unspecified vulnerability in Trendmicro Apex ONE and Officescan An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal the total agents managed by the server. | 5.3 |
| 2020-08-05 | CVE-2020-8607 | Improper Input Validation vulnerability in Trendmicro products An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. | 6.7 |
| 2019-12-20 | CVE-2019-19691 | Unspecified vulnerability in Trendmicro Apex ONE and Officescan A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools. | 4.9 |
| 2018-06-12 | CVE-2018-10507 | Unspecified vulnerability in Trendmicro Officescan 11.0/Xg A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to take a series of steps to bypass or render the OfficeScan Unauthorized Change Prevention inoperable on vulnerable installations. | 4.4 |
| 2018-06-08 | CVE-2018-10506 | Out-of-bounds Read vulnerability in Trendmicro Officescan 11.0/Xg A out-of-bounds read information disclosure vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within the processing of IOCTL 0x220004 by the TMWFP driver. | 4.7 |
| 2018-06-08 | CVE-2018-10505 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendmicro Officescan 11.0/Xg A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220008 in the TMWFP driver. | 6.3 |
| 2018-06-08 | CVE-2018-10359 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendmicro Officescan 11.0/Xg A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220078 in the TMWFP driver. | 6.3 |
| 2018-06-08 | CVE-2018-10358 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendmicro Officescan 11.0/Xg A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x2200B4 in the TMWFP driver. | 6.3 |