Vulnerabilities > Trendmicro > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-29 | CVE-2020-25772 | Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. | 5.5 |
| 2020-09-29 | CVE-2020-25771 | Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. | 5.5 |
| 2020-09-29 | CVE-2020-25770 | Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. | 5.5 |
| 2020-09-29 | CVE-2020-24565 | Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. | 5.5 |
| 2020-09-29 | CVE-2020-24564 | Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. | 5.5 |
| 2020-08-05 | CVE-2020-8607 | Improper Input Validation vulnerability in Trendmicro products An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. | 6.7 |
| 2020-05-27 | CVE-2020-8603 | Cross-site Scripting vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A cross-site scripting vulnerability (XSS) in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow a remote attacker to tamper with the web interface of affected installations. | 6.1 |
| 2020-02-20 | CVE-2019-19694 | Unspecified vulnerability in Trendmicro products The Trend Micro Security 2019 (15.0.0.1163 and below) consumer family of products is vulnerable to a denial of service (DoS) attack in which a malicious actor could manipulate a key file at a certain time during the system startup process to disable the product's malware protection functions or the entire product completely.. | 4.7 |
| 2020-01-18 | CVE-2019-19697 | Unspecified vulnerability in Trendmicro products An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. | 6.7 |
| 2020-01-18 | CVE-2019-19696 | Insufficiently Protected Credentials vulnerability in Trendmicro Password Manager A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishing sites. | 5.5 |