Vulnerabilities > Trendmicro > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-12-24 | CVE-2019-19695 | Link Following vulnerability in Trendmicro Antivirus 9.0/9.0.1379 A privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 (v9.0.1379 and below) could potentially allow an attacker to create a symbolic link to a target file and modify it. | 7.5 |
2019-12-20 | CVE-2019-19693 | Link Following vulnerability in Trendmicro products The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on affected installations. | 7.1 |
2019-12-18 | CVE-2019-19689 | Uncontrolled Search Path Element vulnerability in Trendmicro Housecall for Home Networks Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited via a DLL Hijack related to a vulnerability on the packer that the program uses. | 7.8 |
2019-12-18 | CVE-2019-19688 | Unspecified vulnerability in Trendmicro Housecall for Home Networks A privilege escalation vulnerability in Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited allowing an attacker to place a malicious DLL file into the application directory and elevate privileges. | 7.8 |
2019-12-16 | CVE-2019-18191 | Incomplete Cleanup vulnerability in Trendmicro Deep Security AS a Service A privilege escalation vulnerability in the Trend Micro Deep Security as a Service Quick Setup cloud formation template could allow an authenticated entity with certain unrestricted AWS execution privileges to escalate to full privileges within the target AWS account. | 8.8 |
2019-12-02 | CVE-2019-15628 | Untrusted Search Path vulnerability in Trendmicro products Trend Micro Security (Consumer) 2020 (v16.0.1221 and below) is affected by a DLL hijacking vulnerability that could allow an attacker to use a specific service as an execution and/or persistence mechanism which could execute a malicious program each time the service is started. | 7.8 |
2019-11-25 | CVE-2019-15629 | Unspecified vulnerability in Trendmicro Password Manager Trend Micro Password Manager versions 3.x, 5.0, and 5.1 for Android is affected by a FLAG_MISUSE vulnerability that could be exploited to allow the application to share information to third-party applications on the device. | 7.5 |
2019-10-28 | CVE-2019-18188 | Command Injection vulnerability in Trendmicro Apex ONE 2019 Trend Micro Apex One could be exploited by an attacker utilizing a command injection vulnerability to extract files from an arbitrary zip file to a specific folder on the Apex One server, which could potentially lead to remote code execution (RCE). | 7.5 |
2019-10-28 | CVE-2019-18187 | Path Traversal vulnerability in Trendmicro Officescan 11.0/Xg Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE). | 7.5 |
2019-10-21 | CVE-2019-9491 | Uncontrolled Search Path Element vulnerability in Trendmicro Anti-Threat Toolkit 1.62.0.1218 Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. | 7.8 |