Vulnerabilities > Trendmicro
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-20 | CVE-2019-14688 | Uncontrolled Search Path Element vulnerability in Trendmicro products Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. | 7.0 |
| 2020-01-30 | CVE-2019-20358 | Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Anti-Threat Toolkit 1.62.0.1218 Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. | 7.8 |
| 2020-01-18 | CVE-2019-20357 | Unquoted Search Path or Element vulnerability in Trendmicro products A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system. | 7.8 |
| 2020-01-18 | CVE-2019-19697 | Unspecified vulnerability in Trendmicro products An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. | 6.7 |
| 2020-01-18 | CVE-2019-19696 | Insufficiently Protected Credentials vulnerability in Trendmicro Password Manager A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishing sites. | 5.5 |
| 2020-01-18 | CVE-2019-15625 | Unspecified vulnerability in Trendmicro Password Manager 3.8/3.8.0.1052/3.8.0.1103 A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information. | 5.5 |
| 2019-12-24 | CVE-2019-19695 | Link Following vulnerability in Trendmicro Antivirus 9.0/9.0.1379 A privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 (v9.0.1379 and below) could potentially allow an attacker to create a symbolic link to a target file and modify it. | 7.5 |
| 2019-12-20 | CVE-2019-19693 | Link Following vulnerability in Trendmicro products The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on affected installations. | 7.1 |
| 2019-12-20 | CVE-2019-19692 | Cross-site Scripting vulnerability in Trendmicro Apex ONE 2019 Trend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console. | 6.1 |
| 2019-12-20 | CVE-2019-19691 | Unspecified vulnerability in Trendmicro Apex ONE and Officescan A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools. | 4.9 |