Vulnerabilities > Trendmicro > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-17 | CVE-2019-15626 | Cleartext Transmission of Sensitive Information vulnerability in Trendmicro Deep Security 10.0/11.0/12.0 The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. | 4.3 |
| 2019-09-11 | CVE-2019-9488 | XXE vulnerability in Trendmicro Deep Security Manager and vulnerability Protection Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. | 4.0 |
| 2019-08-21 | CVE-2019-14686 | Untrusted Search Path vulnerability in Trendmicro products A DLL hijacking vulnerability exists in the Trend Micro Security's 2019 consumer family of products (v15) Folder Shield component and the standalone Trend Micro Ransom Buster (1.0) tool in which, if exploited, would allow an attacker to load a malicious DLL, leading to elevated privileges. | 6.8 |
| 2019-07-26 | CVE-2019-9492 | Untrusted Search Path vulnerability in Trendmicro Officescan 11.0/Xg A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow an authenticated attacker to gain code execution and terminate the product's process - disabling endpoint protection. | 4.6 |
| 2019-04-05 | CVE-2019-9490 | Unspecified vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2 could allow an non-authorized user to disclose administrative credentials. | 4.0 |
| 2019-04-05 | CVE-2019-9489 | Path Traversal vulnerability in Trendmicro products A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product's management console. | 5.0 |
| 2019-02-05 | CVE-2018-18334 | Information Exposure vulnerability in Trendmicro DR. Safety A vulnerability in the Private Browser of Trend Micro Dr. | 5.0 |
| 2019-02-05 | CVE-2018-18333 | Untrusted Search Path vulnerability in Trendmicro products A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and below could allow an attacker to manipulate a specific DLL and escalate privileges on vulnerable installations. | 6.8 |
| 2018-12-21 | CVE-2018-18332 | Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Officescan XG A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installations. | 5.0 |
| 2018-12-21 | CVE-2018-18331 | Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Officescan XG A Trend Micro OfficeScan XG weak file permissions vulnerability on a particular folder for a particular group may allow an attacker to alter the files, which could lead to other exploits on vulnerable installations. | 5.0 |