Vulnerabilities > Trendmicro
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-26 | CVE-2023-30902 | Unspecified vulnerability in Trendmicro Apex ONE 14.0.10349/2019 A privilege escalation vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to unintentionally delete privileged Trend Micro registry keys including its own protected registry keys on affected installations. | 5.5 |
2023-06-26 | CVE-2023-32521 | Path Traversal vulnerability in Trendmicro Mobile Security 9.8 A path traversal exists in a specific service dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an unauthenticated remote attacker to delete arbitrary files. | 9.1 |
2023-06-26 | CVE-2023-32522 | Path Traversal vulnerability in Trendmicro Mobile Security 9.8 A path traversal exists in a specific dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an authenticated remote attacker to delete arbitrary files. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 8.1 |
2023-06-26 | CVE-2023-32523 | Improper Authentication vulnerability in Trendmicro Mobile Security 9.8 Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32524. | 8.8 |
2023-06-26 | CVE-2023-32524 | Improper Authentication vulnerability in Trendmicro Mobile Security 9.8 Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32523. | 8.8 |
2023-06-26 | CVE-2023-32525 | Unspecified vulnerability in Trendmicro Mobile Security 9.8 Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. | 6.5 |
2023-06-26 | CVE-2023-32526 | Unspecified vulnerability in Trendmicro Mobile Security 9.8 Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. | 6.5 |
2023-06-26 | CVE-2023-32527 | Unspecified vulnerability in Trendmicro Mobile Security 9.8 Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32528. | 8.8 |
2023-06-26 | CVE-2023-32528 | Unspecified vulnerability in Trendmicro Mobile Security 9.8 Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32527. | 8.8 |
2023-06-26 | CVE-2023-32529 | SQL Injection vulnerability in Trendmicro Apex Central 2019 Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution. Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32530. | 8.8 |