Vulnerabilities > Trendmicro > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-15 | CVE-2020-15602 | Untrusted Search Path vulnerability in Trendmicro products An untrusted search path remote code execution (RCE) vulnerability in the Trend Micro Secuity 2020 (v16.0.0.1146 and below) consumer family of products could allow an attacker to run arbitrary code on a vulnerable system. | 7.8 |
| 2020-05-27 | CVE-2020-8605 | OS Command Injection vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitrary code on affected installations. | 8.8 |
| 2020-05-27 | CVE-2020-8604 | Path Traversal vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installations. | 7.5 |
| 2020-03-18 | CVE-2020-8470 | Unspecified vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow an attacker to delete any file on the server with SYSTEM level privileges. | 7.5 |
| 2020-03-18 | CVE-2020-8468 | Injection vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. | 8.8 |
| 2020-03-18 | CVE-2020-8467 | Unspecified vulnerability in Trendmicro Apex ONE and Officescan A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). | 8.8 |
| 2020-03-12 | CVE-2020-8469 | Uncontrolled Search Path Element vulnerability in Trendmicro Password Manager 5.0 Trend Micro Password Manager for Windows version 5.0 is affected by a DLL hijacking vulnerability would could potentially allow an attacker privleged escalation. | 7.8 |
| 2020-02-20 | CVE-2020-8601 | Uncontrolled Search Path Element vulnerability in Trendmicro vulnerability Protection 2.0 Trend Micro Vulnerability Protection 2.0 is affected by a vulnerability that could allow an attack to use the product installer to load other DLL files located in the same directory. | 7.8 |
| 2020-02-20 | CVE-2019-14688 | Uncontrolled Search Path Element vulnerability in Trendmicro products Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. | 7.0 |
| 2020-01-30 | CVE-2019-20358 | Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Anti-Threat Toolkit 1.62.0.1218 Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. | 7.8 |