Vulnerabilities > Trendmicro > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-01 | CVE-2020-24558 | Out-of-bounds Read vulnerability in Trendmicro products A vulnerability in an Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services dll may allow an attacker to manipulate it to cause an out-of-bounds read that crashes multiple processes in the product. | 3.6 |
| 2020-02-20 | CVE-2019-19694 | Improper Input Validation vulnerability in Trendmicro products The Trend Micro Security 2019 (15.0.0.1163 and below) consumer family of products is vulnerable to a denial of service (DoS) attack in which a malicious actor could manipulate a key file at a certain time during the system startup process to disable the product's malware protection functions or the entire product completely.. | 1.9 |
| 2020-01-18 | CVE-2019-15625 | Information Exposure vulnerability in Trendmicro Password Manager 3.8/3.8.0.1052/3.8.0.1103 A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information. | 2.1 |
| 2020-01-18 | CVE-2019-19696 | Information Exposure vulnerability in Trendmicro Password Manager A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishing sites. | 2.1 |
| 2019-12-20 | CVE-2019-19693 | Information Exposure vulnerability in Trendmicro products The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on affected installations. | 3.6 |
| 2018-09-28 | CVE-2018-15365 | Cross-site Scripting vulnerability in Trendmicro Deep Discovery Inspector 3.85 A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. | 3.5 |
| 2018-08-30 | CVE-2018-15364 | Information Exposure vulnerability in Trendmicro Officescan XG 12.0 A Named Pipe Request Processing Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro OfficeScan XG (12.0) could allow a local attacker to disclose sensitive information on vulnerable installations. | 1.9 |
| 2018-06-12 | CVE-2018-10507 | Unspecified vulnerability in Trendmicro Officescan 11.0/Xg A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to take a series of steps to bypass or render the OfficeScan Unauthorized Change Prevention inoperable on vulnerable installations. | 2.1 |
| 2018-06-08 | CVE-2018-10506 | Out-of-bounds Read vulnerability in Trendmicro Officescan 11.0/Xg A out-of-bounds read information disclosure vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within the processing of IOCTL 0x220004 by the TMWFP driver. | 1.9 |
| 2018-05-25 | CVE-2018-6234 | Information Exposure vulnerability in Trendmicro products An Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. | 2.1 |