Vulnerabilities > Trendmicro > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-01-18 CVE-2019-15625 Unspecified vulnerability in Trendmicro Password Manager 3.8/3.8.0.1052/3.8.0.1103
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
local
low complexity
trendmicro
5.5
2019-12-20 CVE-2019-19692 Cross-site Scripting vulnerability in Trendmicro Apex ONE 2019
Trend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console.
network
low complexity
trendmicro CWE-79
6.1
2019-12-20 CVE-2019-19691 Unspecified vulnerability in Trendmicro Apex ONE and Officescan
A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools.
network
low complexity
trendmicro
4.9
2019-09-11 CVE-2019-9488 XXE vulnerability in Trendmicro Deep Security Manager and vulnerability Protection
Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack.
network
low complexity
trendmicro CWE-611
4.9
2018-12-21 CVE-2018-18330 Unspecified vulnerability in Trendmicro DR. Safety
An Address Bar Spoofing vulnerability in Trend Micro Dr.
network
low complexity
trendmicro
6.5
2018-09-28 CVE-2018-15365 Cross-site Scripting vulnerability in Trendmicro Deep Discovery Inspector
A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations.
network
low complexity
trendmicro CWE-79
5.4
2018-08-30 CVE-2018-15364 Information Exposure vulnerability in Trendmicro Officescan XG 12.0
A Named Pipe Request Processing Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro OfficeScan XG (12.0) could allow a local attacker to disclose sensitive information on vulnerable installations.
local
high complexity
trendmicro CWE-200
4.7
2018-06-12 CVE-2018-10507 Unspecified vulnerability in Trendmicro Officescan 11.0/Xg
A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to take a series of steps to bypass or render the OfficeScan Unauthorized Change Prevention inoperable on vulnerable installations.
local
low complexity
trendmicro
4.4
2018-06-08 CVE-2018-10506 Out-of-bounds Read vulnerability in Trendmicro Officescan 11.0/Xg
A out-of-bounds read information disclosure vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within the processing of IOCTL 0x220004 by the TMWFP driver.
local
high complexity
trendmicro CWE-125
4.7
2018-06-08 CVE-2018-10505 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendmicro Officescan 11.0/Xg
A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220008 in the TMWFP driver.
local
high complexity
trendmicro CWE-119
6.3