Vulnerabilities > Trendmicro > High

DATE CVE VULNERABILITY TITLE RISK
2018-08-30 CVE-2018-10513 Deserialization of Untrusted Data vulnerability in Trendmicro products
A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations.
local
low complexity
trendmicro CWE-502
7.8
2018-08-15 CVE-2018-10512 Unspecified vulnerability in Trendmicro Control Manager 6.0/7.0
A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to manipulate a reverse proxy .dll on vulnerable installations, which may lead to a denial of server (DoS).
network
low complexity
trendmicro
7.5
2018-06-12 CVE-2018-10509 Unspecified vulnerability in Trendmicro Officescan 11.0/Xg
A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to exploit it via a Browser Refresh attack on vulnerable installations.
network
low complexity
trendmicro
8.8
2018-06-12 CVE-2018-10508 Unspecified vulnerability in Trendmicro Officescan 11.0/Xg
A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to use a specially crafted URL to elevate account permissions on vulnerable installations.
network
low complexity
trendmicro
8.8
2018-05-25 CVE-2018-6237 Resource Exhaustion vulnerability in Trendmicro Smart Protection Server
A vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow an unauthenticated remote attacker to manipulate the product to send a large number of specially crafted HTTP requests to potentially cause the file system to fill up, eventually causing a denial of service (DoS) situation.
network
low complexity
trendmicro CWE-400
7.5
2018-05-25 CVE-2018-6236 Race Condition vulnerability in Trendmicro products
A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222813 by the tmusa driver.
local
high complexity
trendmicro CWE-362
7.0
2018-05-25 CVE-2018-6235 Out-of-bounds Write vulnerability in Trendmicro products
An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver.
local
low complexity
trendmicro CWE-787
7.8
2018-05-25 CVE-2018-6233 Classic Buffer Overflow vulnerability in Trendmicro products
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222060 by the tmnciesc.sys driver.
local
low complexity
trendmicro CWE-120
7.8
2018-05-25 CVE-2018-6232 Classic Buffer Overflow vulnerability in Trendmicro products
A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x22205C by the tmnciesc.sys driver.
local
low complexity
trendmicro CWE-120
7.8
2018-05-25 CVE-2018-10350 SQL Injection vulnerability in Trendmicro Smart Protection Server
A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw within the handling of parameters provided to wcs\_bwlists\_handler.php.
network
low complexity
trendmicro CWE-89
8.8