Vulnerabilities > Trendmicro > Premium Security > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-29 | CVE-2024-23940 | Uncontrolled Search Path Element vulnerability in Trendmicro products Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system. | 7.8 |
| 2018-08-30 | CVE-2018-15363 | Out-of-bounds Read vulnerability in Trendmicro products An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. | 7.2 |
| 2018-08-30 | CVE-2018-10514 | Improper Privilege Management vulnerability in Trendmicro products A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. | 7.2 |
| 2018-08-30 | CVE-2018-10513 | Deserialization of Untrusted Data vulnerability in Trendmicro products A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. | 7.2 |
| 2018-05-25 | CVE-2018-6235 | Out-of-bounds Write vulnerability in Trendmicro products An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. | 7.2 |
| 2018-05-25 | CVE-2018-6233 | Classic Buffer Overflow vulnerability in Trendmicro products A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222060 by the tmnciesc.sys driver. | 7.2 |
| 2018-05-25 | CVE-2018-6232 | Classic Buffer Overflow vulnerability in Trendmicro products A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x22205C by the tmnciesc.sys driver. | 7.2 |
| 2017-03-21 | CVE-2017-5565 | Uncontrolled Search Path Element vulnerability in Trendmicro products Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 11.0 (and earlier), and Antivirus+ Security 11.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Trend Micro process via a "DoubleAgent" attack. | 7.2 |