Vulnerabilities > Trendmicro
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-06 | CVE-2017-14084 | Unspecified vulnerability in Trendmicro Officescan 11.0/12.0 A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow attackers to execute arbitrary code on vulnerable installations. | 8.1 |
| 2017-10-06 | CVE-2017-14083 | Unspecified vulnerability in Trendmicro Officescan 11.0/12.0 A vulnerability in Trend Micro OfficeScan 11.0 and XG allows remote unauthenticated users who can access the system to download the OfficeScan encryption file. | 7.5 |
| 2017-09-22 | CVE-2017-14081 | Command Injection vulnerability in Trendmicro Mobile Security 9.7 Proxy command injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. | 8.8 |
| 2017-09-22 | CVE-2017-14080 | Improper Authentication vulnerability in Trendmicro Mobile Security 9.7 Authentication bypass vulnerability in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allows attackers to access a specific part of the console using a blank password. | 9.8 |
| 2017-09-22 | CVE-2017-14079 | Unrestricted Upload of File with Dangerous Type vulnerability in Trendmicro Mobile Security 9.7 Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. | 8.8 |
| 2017-09-22 | CVE-2017-14078 | SQL Injection vulnerability in Trendmicro Mobile Security 9.7 SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. | 9.8 |
| 2017-09-22 | CVE-2017-11396 | Unspecified vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who already have administration rights to the console to implement remote code injections. | 7.2 |
| 2017-09-22 | CVE-2017-11395 | OS Command Injection vulnerability in Trendmicro Smart Protection Server 3.1/3.2 Command injection vulnerability in Trend Micro Smart Protection Server (Standalone) 3.1 and 3.2 server administration UI allows attackers with authenticated access to execute arbitrary code on vulnerable installations. | 8.8 |
| 2017-08-07 | CVE-2016-6220 | Information Exposure vulnerability in Trendmicro Control Manager 6.0 Information Disclosure vulnerability in the Dashboard and Error Pages in Trend Micro Control Manager SP3 6.0. | 7.5 |
| 2017-08-03 | CVE-2017-11394 | Improper Input Validation vulnerability in Trendmicro Officescan 11.0/12.0 Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. | 9.8 |