Vulnerabilities > Trendmicro
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-21 | CVE-2019-9491 | Uncontrolled Search Path Element vulnerability in Trendmicro Anti-Threat Toolkit 1.62.0.1218 Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. | 7.8 |
| 2019-10-17 | CVE-2019-15627 | Link Following vulnerability in Trendmicro Deep Security 10.0/11.0/12.0 Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. | 7.1 |
| 2019-10-17 | CVE-2019-15626 | Cleartext Transmission of Sensitive Information vulnerability in Trendmicro Deep Security 10.0/11.0/12.0 The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. | 7.5 |
| 2019-09-11 | CVE-2019-9488 | XXE vulnerability in Trendmicro Deep Security Manager and vulnerability Protection Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. | 4.9 |
| 2019-08-21 | CVE-2019-14686 | Uncontrolled Search Path Element vulnerability in Trendmicro products A DLL hijacking vulnerability exists in the Trend Micro Security's 2019 consumer family of products (v15) Folder Shield component and the standalone Trend Micro Ransom Buster (1.0) tool in which, if exploited, would allow an attacker to load a malicious DLL, leading to elevated privileges. | 7.8 |
| 2019-08-21 | CVE-2019-14685 | Unquoted Search Path or Element vulnerability in Trendmicro products A local privilege escalation vulnerability exists in Trend Micro Security 2019 (v15.0) in which, if exploited, would allow an attacker to manipulate a specific product feature to load a malicious service. | 7.8 |
| 2019-08-20 | CVE-2019-14687 | Uncontrolled Search Path Element vulnerability in Trendmicro Password Manager 5.0 A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process. | 7.8 |
| 2019-08-20 | CVE-2019-14684 | Uncontrolled Search Path Element vulnerability in Trendmicro Password Manager 5.0 A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process. | 7.8 |
| 2019-07-26 | CVE-2019-9492 | Untrusted Search Path vulnerability in Trendmicro Officescan 11.0/Xg A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow an authenticated attacker to gain code execution and terminate the product's process - disabling endpoint protection. | 7.8 |
| 2019-04-05 | CVE-2019-9490 | Unspecified vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2 could allow an non-authorized user to disclose administrative credentials. | 8.8 |