Vulnerabilities > Trendmicro > Serverprotect
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-24 | CVE-2022-25329 | Use of Hard-coded Credentials vulnerability in Trendmicro products Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. | 7.5 |
| 2022-02-24 | CVE-2022-25330 | Integer Overflow or Wraparound vulnerability in Trendmicro products Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution. | 7.5 |
| 2022-02-24 | CVE-2022-25331 | Unspecified vulnerability in Trendmicro products Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process. | 5.0 |
| 2021-09-29 | CVE-2021-36745 | Forced Browsing vulnerability in Trendmicro Serverprotect 5.8/6.0 A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote attacker to bypass authentication on affected installations. | 10.0 |
| 2021-03-03 | CVE-2021-25252 | Resource Exhaustion vulnerability in Trendmicro products Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file. | 4.9 |
| 2021-01-27 | CVE-2021-25226 | Resource Exhaustion vulnerability in Trendmicro Serverprotect 3.0 A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. | 2.1 |
| 2021-01-27 | CVE-2021-25225 | Resource Exhaustion vulnerability in Trendmicro Serverprotect 3.0 A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. | 2.1 |
| 2021-01-27 | CVE-2021-25224 | Resource Exhaustion vulnerability in Trendmicro Serverprotect 3.0 A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. | 2.1 |
| 2020-12-01 | CVE-2020-28575 | Out-of-bounds Write vulnerability in Trendmicro Serverprotect 3.0 A heap-based buffer overflow privilege escalation vulnerability in Trend Micro ServerProtect for Linux 3.0 may allow an attacker to escalate privileges on affected installations. | 4.6 |
| 2020-09-15 | CVE-2020-24561 | Command Injection vulnerability in Trendmicro Serverprotect 3.0 A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. | 9.0 |