Vulnerabilities > Trendmicro
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-07-06 | CVE-2018-3608 | Code Injection vulnerability in Trendmicro products A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes. | 10.0 |
2018-06-12 | CVE-2018-10509 | Unspecified vulnerability in Trendmicro Officescan 11.0/Xg A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to exploit it via a Browser Refresh attack on vulnerable installations. | 4.0 |
2018-06-12 | CVE-2018-10508 | Unspecified vulnerability in Trendmicro Officescan 11.0/Xg A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to use a specially crafted URL to elevate account permissions on vulnerable installations. | 6.5 |
2018-06-12 | CVE-2018-10507 | Unspecified vulnerability in Trendmicro Officescan 11.0/Xg A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to take a series of steps to bypass or render the OfficeScan Unauthorized Change Prevention inoperable on vulnerable installations. | 2.1 |
2018-06-08 | CVE-2018-10506 | Out-of-bounds Read vulnerability in Trendmicro Officescan 11.0/Xg A out-of-bounds read information disclosure vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within the processing of IOCTL 0x220004 by the TMWFP driver. | 1.9 |
2018-06-08 | CVE-2018-10505 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendmicro Officescan 11.0/Xg A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220008 in the TMWFP driver. | 5.4 |
2018-06-08 | CVE-2018-10359 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendmicro Officescan 11.0/Xg A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220078 in the TMWFP driver. | 5.4 |
2018-06-08 | CVE-2018-10358 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendmicro Officescan 11.0/Xg A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x2200B4 in the TMWFP driver. | 5.4 |
2018-05-25 | CVE-2018-6237 | Resource Exhaustion vulnerability in Trendmicro Smart Protection Server A vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow an unauthenticated remote attacker to manipulate the product to send a large number of specially crafted HTTP requests to potentially cause the file system to fill up, eventually causing a denial of service (DoS) situation. | 7.8 |
2018-05-25 | CVE-2018-6236 | Race Condition vulnerability in Trendmicro products A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222813 by the tmusa driver. | 6.9 |