Filtered by vendor Trendmicro Subscriptions
Total 498 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-28929 3 Microsoft, Trend Micro Inc, Trendmicro 14 Windows, Trend Micro Security, Antivirus\+ Security 2021 and 11 more 2024-12-05 7.8 High
Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific executable file as an execution and/or persistence mechanism which could execute a malicious program each time the executable file is started.
CVE-2023-35695 1 Trendmicro 1 Mobile Security 2024-12-05 7.5 High
A remote attacker could leverage a vulnerability in Trend Micro Mobile Security (Enterprise) 9.8 SP5 to download a particular log file which may contain sensitive information regarding the product.
CVE-2023-32523 1 Trendmicro 1 Mobile Security 2024-12-05 8.8 High
Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32524.
CVE-2023-32524 1 Trendmicro 1 Mobile Security 2024-12-05 8.8 High
Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32523.
CVE-2023-32525 1 Trendmicro 1 Mobile Security 2024-12-05 6.5 Medium
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32526.
CVE-2023-30902 2 Microsoft, Trendmicro 2 Windows, Apex One 2024-12-05 5.5 Medium
A privilege escalation vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to unintentionally delete privileged Trend Micro registry keys including its own protected registry keys on affected installations.
CVE-2023-32521 1 Trendmicro 1 Mobile Security 2024-12-05 9.1 Critical
A path traversal exists in a specific service dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an unauthenticated remote attacker to delete arbitrary files.
CVE-2023-32605 1 Trendmicro 1 Apex Central 2024-12-05 5.4 Medium
Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues. Please note: an attacker must first obtain authentication to Apex Central on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32604.
CVE-2023-34144 3 Microsoft, Trend Micro Inc, Trendmicro 3 Windows, Trend Micro Apex One, Apex One 2024-12-05 7.8 High
An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate their privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34145.
CVE-2023-34145 3 Microsoft, Trend Micro Inc, Trendmicro 3 Windows, Trend Micro Apex One, Apex One 2024-12-05 7.8 High
An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate their privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34144.
CVE-2023-32554 3 Microsoft, Trend Micro Inc, Trendmicro 3 Windows, Trend Micro Apex One, Apex One 2024-12-05 7.0 High
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32555.
CVE-2023-32555 3 Microsoft, Trend Micro Inc, Trendmicro 3 Windows, Trend Micro Apex One, Apex One 2024-12-05 7.0 High
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32554.
CVE-2023-32556 2 Microsoft, Trendmicro 2 Windows, Apex One 2024-12-05 5.5 Medium
A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to disclose sensitive information. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2023-32557 3 Microsoft, Trend Micro Inc, Trendmicro 3 Windows, Trend Micro Apex One, Apex One 2024-12-05 9.8 Critical
A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenticated attacker to upload an arbitrary file to the Management Server which could lead to remote code execution with system privileges.
CVE-2023-34148 3 Microsoft, Trend Micro Inc, Trendmicro 3 Windows, Trend Micro Apex One, Apex One 2024-12-04 7.8 High
An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34146 and CVE-2023-34147.
CVE-2023-34147 3 Microsoft, Trend Micro Inc, Trendmicro 3 Windows, Trend Micro Apex One, Apex One 2024-12-04 7.8 High
An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34146 and CVE-2023-34148.
CVE-2023-34146 3 Microsoft, Trend Micro Inc, Trendmicro 3 Windows, Trend Micro Apex One, Apex One 2024-12-04 7.8 High
An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local attacker to escalate privileges and write an arbitrary value to specific Trend Micro agent subkeys on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-34147 and CVE-2023-34148.
CVE-2023-32553 3 Microsoft, Trend Micro Inc, Trendmicro 3 Windows, Trend Micro Apex One, Apex One 2024-12-04 5.3 Medium
An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents. This is similar to, but not identical to CVE-2023-32552.
CVE-2023-32552 3 Microsoft, Trend Micro Inc, Trendmicro 3 Windows, Trend Micro Apex One, Apex One 2024-12-04 5.3 Medium
An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents. This is similar to, but not identical to CVE-2023-32553
CVE-2023-32528 1 Trendmicro 1 Mobile Security 2024-12-04 8.8 High
Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32527.