| CVE-2017-14087 |
high |
7.5 |
8.5 |
EXP |
|
trendmicro |
9y ago |
A Host Header Injection vulnerability in Trend Micro OfficeScan XG (12.0) may allow an attacker to spoof a particular Host header, allowing the attacker to render arbitrary links that point to a mali… |
| CVE-2017-14086 |
high |
7.5 |
8.5 |
EXP |
|
trendmicro |
9y ago |
Pre-authorization Start Remote Process vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to start the fcgiOfcDDA.exe executabl… |
| CVE-2017-14084 |
high |
8.1 |
9.1 |
EXP |
|
trendmicro |
9y ago |
A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow attackers to execute arbitrary code on vulnerable installations. |
| CVE-2017-14083 |
high |
7.5 |
8.5 |
EXP |
|
trendmicro |
9y ago |
A vulnerability in Trend Micro OfficeScan 11.0 and XG allows remote unauthenticated users who can access the system to download the OfficeScan encryption file. |
| CVE-2017-11392 |
high |
8.8 |
9.8 |
EXP |
|
trendmicro |
9y ago |
Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw… |
| CVE-2017-11391 |
high |
8.8 |
9.8 |
EXP |
|
trendmicro |
9y ago |
Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw… |
| CVE-2017-6398 |
high |
8.8 |
9.8 |
EXP |
|
trendmicro |
9y ago |
An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. An authenticated user can execute a terminal command in the context of the web server user (which is … |
| CVE-2016-9315 |
high |
8.8 |
9.8 |
EXP |
|
trendmicro |
9y ago |
Privilege Escalation Vulnerability in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earli… |
| CVE-2016-9314 |
high |
7.8 |
8.8 |
EXP |
|
trendmicro |
9y ago |
Sensitive Information Disclosure in com.trend.iwss.gui.servlet.ConfigBackup in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authent… |
| CVE-2016-6267 |
high |
8.8 |
9.8 |
EXP |
|
trendmicro |
10y ago |
SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell meta… |
| CVE-2014-9641 |
high |
— |
8.2 |
EXP |
|
trendmicro |
12y ago |
The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privile… |
