Vulnerabilities > Trendmicro > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-27 | CVE-2020-8605 | OS Command Injection vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitrary code on affected installations. | 6.5 |
| 2020-05-27 | CVE-2020-8604 | Path Traversal vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installations. | 5.0 |
| 2020-05-27 | CVE-2020-8603 | Cross-site Scripting vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A cross-site scripting vulnerability (XSS) in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow a remote attacker to tamper with the web interface of affected installations. | 4.3 |
| 2020-03-18 | CVE-2020-8468 | Injection vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. | 6.5 |
| 2020-03-18 | CVE-2020-8467 | Unspecified vulnerability in Trendmicro Apex ONE and Officescan A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). | 6.5 |
| 2020-03-12 | CVE-2020-8469 | Uncontrolled Search Path Element vulnerability in Trendmicro Password Manager 5.0 Trend Micro Password Manager for Windows version 5.0 is affected by a DLL hijacking vulnerability would could potentially allow an attacker privleged escalation. | 6.9 |
| 2020-02-20 | CVE-2020-8601 | Uncontrolled Search Path Element vulnerability in Trendmicro vulnerability Protection 2.0 Trend Micro Vulnerability Protection 2.0 is affected by a vulnerability that could allow an attack to use the product installer to load other DLL files located in the same directory. | 4.6 |
| 2020-02-20 | CVE-2019-14688 | Uncontrolled Search Path Element vulnerability in Trendmicro products Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. | 5.1 |
| 2020-01-30 | CVE-2019-20358 | Improper Input Validation vulnerability in Trendmicro Anti-Threat Toolkit 1.62.0.1218 Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. | 5.1 |
| 2019-12-24 | CVE-2019-19695 | Link Following vulnerability in Trendmicro Antivirus 9.0.1379 A privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 (v9.0.1379 and below) could potentially allow an attacker to create a symbolic link to a target file and modify it. | 5.0 |