Search

Found 8 results in 326ms · Match type: Filtered list

CVE	Severity	CVSS	Risk	Flags	Vendor	Published	Description
CVE-2017-14085	medium	5.3	6.3	EXP	trendmicro	9y ago	Information disclosure vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to query the network's NT domain or the PHP version a…
CVE-2017-7896	medium	6.1	7.1	EXP	trendmicro	9y ago	Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 before CP 1644 has XSS.
CVE-2017-6340	medium	5.4	6.4	EXP	trendmicro	9y ago	Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 does not sanitize a rest/commonlog/report/template name field, which allows a 'Reports Only' user to inject malicious J…
CVE-2017-6339	medium	6.5	7.5	EXP	trendmicro	9y ago	Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 mismanages certain key and certificate data. Per IWSVA documentation, by default, IWSVA acts as a private Certificate A…
CVE-2017-6338	medium	6.5	7.5	EXP	trendmicro	9y ago	Multiple Access Control issues in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 allow an authenticated, remote user with low privileges like 'Reports Only' or 'Audit…
CVE-2016-9316	medium	5.4	6.4	EXP	trendmicro	9y ago	Multiple stored Cross-Site-Scripting (XSS) vulnerabilities in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Bu…
CVE-2012-2996	medium	—	7.8	EXP	trendmicro	14y ago	Cross-site request forgery (CSRF) vulnerability in saveAccountSubTab.imss in Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394 allows remote attackers to hijack the authentication o…
CVE-2012-2995	medium	—	5.3	EXP	trendmicro	14y ago	Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro InterScan Messaging Security Suite 7.1-Build_Win32_1394 allow remote attackers to inject arbitrary web script or HTML via (1) the wr…