Vulnerabilities > Trendmicro
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-23 | CVE-2018-15366 | Use After Free vulnerability in Trendmicro products A UrlfWTPPagePtr KERedirect Use-After-Free Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. | 7.8 |
| 2018-09-28 | CVE-2018-15365 | Cross-site Scripting vulnerability in Trendmicro Deep Discovery Inspector A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. | 5.4 |
| 2018-08-30 | CVE-2018-15364 | Information Exposure vulnerability in Trendmicro Officescan XG 12.0 A Named Pipe Request Processing Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro OfficeScan XG (12.0) could allow a local attacker to disclose sensitive information on vulnerable installations. | 4.7 |
| 2018-08-30 | CVE-2018-15363 | Out-of-bounds Read vulnerability in Trendmicro products An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. | 7.8 |
| 2018-08-30 | CVE-2018-10514 | Improper Privilege Management vulnerability in Trendmicro products A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. | 7.8 |
| 2018-08-30 | CVE-2018-10513 | Deserialization of Untrusted Data vulnerability in Trendmicro products A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. | 7.8 |
| 2018-08-15 | CVE-2018-10512 | Unspecified vulnerability in Trendmicro Control Manager 6.0/7.0 A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to manipulate a reverse proxy .dll on vulnerable installations, which may lead to a denial of server (DoS). | 7.5 |
| 2018-08-15 | CVE-2018-10511 | Server-Side Request Forgery (SSRF) vulnerability in Trendmicro Control Manager 6.0/7.0 A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to conduct a server-side request forgery (SSRF) attack on vulnerable installations. | 10.0 |
| 2018-08-15 | CVE-2018-10510 | Path Traversal vulnerability in Trendmicro Control Manager 6.0/7.0 A Directory Traversal Remote Code Execution vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to execute arbitrary code on vulnerable installations. | 9.8 |
| 2018-07-06 | CVE-2018-3608 | Code Injection vulnerability in Trendmicro products A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes. | 9.8 |