Vulnerabilities > Trendmicro > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-17 | CVE-2019-15627 | Link Following vulnerability in Trendmicro Deep Security 10.0/11.0/12.0 Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. | 7.1 |
2019-10-17 | CVE-2019-15626 | Cleartext Transmission of Sensitive Information vulnerability in Trendmicro Deep Security 10.0/11.0/12.0 The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. | 7.5 |
2019-08-21 | CVE-2019-14686 | Uncontrolled Search Path Element vulnerability in Trendmicro products A DLL hijacking vulnerability exists in the Trend Micro Security's 2019 consumer family of products (v15) Folder Shield component and the standalone Trend Micro Ransom Buster (1.0) tool in which, if exploited, would allow an attacker to load a malicious DLL, leading to elevated privileges. | 7.8 |
2019-08-21 | CVE-2019-14685 | Unquoted Search Path or Element vulnerability in Trendmicro products A local privilege escalation vulnerability exists in Trend Micro Security 2019 (v15.0) in which, if exploited, would allow an attacker to manipulate a specific product feature to load a malicious service. | 7.8 |
2019-08-20 | CVE-2019-14687 | Uncontrolled Search Path Element vulnerability in Trendmicro Password Manager 5.0 A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process. | 7.8 |
2019-08-20 | CVE-2019-14684 | Uncontrolled Search Path Element vulnerability in Trendmicro Password Manager 5.0 A DLL hijacking vulnerability exists in Trend Micro Password Manager 5.0 in which, if exploited, would allow an attacker to load an arbitrary unsigned DLL into the signed service's process. | 7.8 |
2019-07-26 | CVE-2019-9492 | Untrusted Search Path vulnerability in Trendmicro Officescan 11.0/Xg A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow an authenticated attacker to gain code execution and terminate the product's process - disabling endpoint protection. | 7.8 |
2019-04-05 | CVE-2019-9490 | Unspecified vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2 could allow an non-authorized user to disclose administrative credentials. | 8.8 |
2019-04-05 | CVE-2019-9489 | Path Traversal vulnerability in Trendmicro products A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product's management console. | 7.5 |
2019-02-05 | CVE-2018-18334 | Information Exposure vulnerability in Trendmicro DR. Safety A vulnerability in the Private Browser of Trend Micro Dr. | 7.5 |