Vulnerabilities > Trendmicro > Password Manager > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-03-08 CVE-2022-26337 Uncontrolled Search Path Element vulnerability in Trendmicro Password Manager
Trend Micro Password Manager (Consumer) installer version 5.0.0.1262 and below is vulnerable to an Uncontrolled Search Path Element vulnerability that could allow an attacker to use a specially crafted file to exploit the vulnerability and escalate local privileges on the affected machine.
network
trendmicro CWE-427
critical
9.3
2021-07-08 CVE-2021-32462 Unspecified vulnerability in Trendmicro Password Manager
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Exposed Hazardous Function Remote Code Execution vulnerability which could allow an unprivileged client to manipulate the registry and escalate privileges to SYSTEM on affected installations.
network
low complexity
trendmicro
critical
9.0
2019-08-20 CVE-2019-14684 Untrusted Search Path vulnerability in Trendmicro Password Manager 5.0
A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process.
network
trendmicro CWE-426
critical
9.3
2016-04-12 CVE-2016-3987 Improper Access Control vulnerability in Trendmicro Password Manager
The HTTP server in Trend Micro Password Manager allows remote web servers to execute arbitrary commands via the url parameter to (1) api/openUrlInDefaultBrowser or (2) api/showSB.
network
low complexity
trendmicro CWE-284
critical
10.0