| CVE-2026-45208 |
high |
7.8 |
7.8 |
|
|
trendmicro |
14d ago |
A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the abil… |
| CVE-2026-45207 |
high |
7.8 |
7.8 |
|
|
trendmicro |
14d ago |
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45206 but exists in a different… |
| CVE-2026-45206 |
high |
7.8 |
7.8 |
|
|
trendmicro |
14d ago |
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45207 but exists in a different… |
| CVE-2026-34930 |
high |
7.8 |
7.8 |
|
|
trendmicro |
14d ago |
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different… |
| CVE-2026-34929 |
high |
7.8 |
7.8 |
|
|
trendmicro |
14d ago |
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different… |
| CVE-2026-34928 |
high |
7.8 |
7.8 |
|
|
trendmicro |
14d ago |
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different… |
| CVE-2026-34927 |
high |
7.8 |
7.8 |
|
|
trendmicro |
14d ago |
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to … |
| CVE-2025-71213 |
high |
7.8 |
7.8 |
|
|
trendmicro |
14d ago |
An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the abili… |
| CVE-2025-71212 |
high |
7.8 |
7.8 |
|
|
trendmicro |
14d ago |
A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the… |
| CVE-2025-71211 |
critical |
9.8 |
9.8 |
|
|
trendmicro |
14d ago |
A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in … |
| CVE-2025-71210 |
critical |
9.8 |
9.8 |
|
|
trendmicro |
14d ago |
A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations.
Please note: although this vul… |
| CVE-2017-14092 |
high |
8.8 |
8.8 |
|
|
trendmicro |
9y ago |
The absence of Anti-CSRF tokens in Trend Micro ScanMail for Exchange 12.0 web interface forms could allow an attacker to submit authenticated requests when an authenticated user browses an attacker-c… |
| CVE-2017-14091 |
high |
7.5 |
7.5 |
|
|
trendmicro |
9y ago |
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain specific installations that utilize a uncommon feature - Other Update Sources - could be exploited to overwrite sensi… |
| CVE-2017-14090 |
critical |
9.1 |
9.1 |
|
|
trendmicro |
9y ago |
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to the update servers are not encrypted. |
| CVE-2017-11397 |
high |
7.8 |
7.8 |
|
|
trendmicro |
9y ago |
A service DLL preloading vulnerability in Trend Micro Encryption for Email versions 5.6 and below could allow an unauthenticated remote attacker to execute arbitrary code on a vulnerable system. |
| CVE-2017-14089 |
critical |
9.8 |
10.0 |
EXP |
|
trendmicro |
9y ago |
An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and ca… |
| CVE-2017-14088 |
high |
7.0 |
7.0 |
|
|
trendmicro |
9y ago |
Memory Corruption Privilege Escalation vulnerabilities in Trend Micro OfficeScan 11.0 and XG allows local attackers to execute arbitrary code and escalate privileges to resources normally reserved fo… |
| CVE-2017-14087 |
high |
7.5 |
8.5 |
EXP |
|
trendmicro |
9y ago |
A Host Header Injection vulnerability in Trend Micro OfficeScan XG (12.0) may allow an attacker to spoof a particular Host header, allowing the attacker to render arbitrary links that point to a mali… |
| CVE-2017-14086 |
high |
7.5 |
8.5 |
EXP |
|
trendmicro |
9y ago |
Pre-authorization Start Remote Process vulnerabilities in Trend Micro OfficeScan 11.0 and XG may allow unauthenticated users who can access the OfficeScan server to start the fcgiOfcDDA.exe executabl… |
| CVE-2017-14084 |
high |
8.1 |
9.1 |
EXP |
|
trendmicro |
9y ago |
A potential Man-in-the-Middle (MitM) attack vulnerability in Trend Micro OfficeScan 11.0 and XG may allow attackers to execute arbitrary code on vulnerable installations. |
| CVE-2017-14083 |
high |
7.5 |
8.5 |
EXP |
|
trendmicro |
9y ago |
A vulnerability in Trend Micro OfficeScan 11.0 and XG allows remote unauthenticated users who can access the system to download the OfficeScan encryption file. |
| CVE-2017-14081 |
high |
8.8 |
8.8 |
|
|
trendmicro |
9y ago |
Proxy command injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. |
| CVE-2017-14080 |
critical |
9.8 |
9.8 |
|
|
trendmicro |
9y ago |
Authentication bypass vulnerability in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allows attackers to access a specific part of the console using a blank password. |
| CVE-2017-14079 |
high |
8.8 |
8.8 |
|
|
trendmicro |
9y ago |
Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. |
| CVE-2017-14078 |
critical |
9.8 |
9.8 |
|
|
trendmicro |
9y ago |
SQL Injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. |
| CVE-2017-11396 |
high |
7.2 |
7.2 |
|
|
trendmicro |
9y ago |
Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who already have administration rights to the … |
| CVE-2017-11395 |
high |
8.8 |
8.8 |
|
|
trendmicro |
9y ago |
Command injection vulnerability in Trend Micro Smart Protection Server (Standalone) 3.1 and 3.2 server administration UI allows attackers with authenticated access to execute arbitrary code on vulner… |
| CVE-2016-6220 |
high |
7.5 |
7.5 |
|
|
trendmicro |
9y ago |
Information Disclosure vulnerability in the Dashboard and Error Pages in Trend Micro Control Manager SP3 6.0. |
| CVE-2017-11394 |
critical |
9.8 |
10.0 |
EXP |
|
trendmicro |
9y ago |
Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by par… |
| CVE-2017-11393 |
critical |
9.8 |
9.8 |
|
|
trendmicro |
9y ago |
Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by par… |
| CVE-2017-11392 |
high |
8.8 |
9.8 |
EXP |
|
trendmicro |
9y ago |
Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw… |
| CVE-2017-11391 |
high |
8.8 |
9.8 |
EXP |
|
trendmicro |
9y ago |
Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw… |
| CVE-2017-11382 |
high |
7.5 |
7.5 |
|
|
trendmicro |
9y ago |
Denial of Service vulnerability in Trend Micro Deep Discovery Email Inspector 2.5.1 allows remote attackers to delete arbitrary files on vulnerable installations, thus disabling the service. Formerly… |
| CVE-2017-11390 |
high |
7.5 |
7.5 |
|
|
trendmicro |
9y ago |
XML external entity (XXE) processing vulnerability in Trend Micro Control Manager 6.0, if exploited, could lead to information disclosure. Formerly ZDI-CAN-4706. |
| CVE-2017-11389 |
critical |
9.8 |
9.8 |
|
|
trendmicro |
9y ago |
Directory traversal vulnerability in Trend Micro Control Manager 6.0 allows remote code execution by attackers able to drop arbitrary files in a web-facing directory. Formerly ZDI-CAN-4684. |
| CVE-2017-11388 |
high |
8.8 |
8.8 |
|
|
trendmicro |
9y ago |
SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when RestfulServiceUtility.NET.dll doesn't properly validate user provided strings before constructing SQL queries. Forme… |
| CVE-2017-11387 |
high |
7.5 |
7.5 |
|
|
trendmicro |
9y ago |
Authentication Bypass in Trend Micro Control Manager 6.0 causes Information Disclosure when authentication validation is not done for functionality that can change debug logging level. Formerly ZDI-C… |
| CVE-2017-11386 |
critical |
9.8 |
9.8 |
|
|
trendmicro |
9y ago |
SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x4707 due to lack of proper user input validation in cmdHandlerNewReportScheduler.dll. Formerly ZD… |
| CVE-2017-11385 |
critical |
9.8 |
9.8 |
|
|
trendmicro |
9y ago |
SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHandlerStatusMonitor.dll. Formerly ZDI-CAN… |
| CVE-2017-11384 |
critical |
9.8 |
9.8 |
|
|
trendmicro |
9y ago |
SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x3b21 due to lack of proper user input validation in mdHandlerLicenseManager.dll. Formerly ZDI-CAN… |
| CVE-2017-11383 |
critical |
9.8 |
9.8 |
|
|
trendmicro |
9y ago |
SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x1b07 due to lack of proper user input validation in cmdHandlerTVCSCommander.dll. Formerly ZDI-CAN… |
| CVE-2017-11381 |
critical |
9.8 |
9.8 |
|
|
trendmicro |
9y ago |
A command injection vulnerability exists in Trend Micro Deep Discovery Director 1.1 that allows an attacker to restore accounts that can access the pre-configuration console. |
| CVE-2017-11380 |
critical |
9.8 |
9.8 |
|
|
trendmicro |
9y ago |
Backup archives were found to be encrypted with a static password across different installations, which suggest the same password may be used in all virtual appliance instances of Trend Micro Deep Di… |
| CVE-2017-11379 |
high |
7.5 |
7.5 |
|
|
trendmicro |
9y ago |
Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1. |
| CVE-2017-9036 |
high |
7.8 |
7.8 |
|
|
trendmicro |
9y ago |
Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows local users to gain privileges by leveraging an unrestricted quarantine directory. |
| CVE-2017-9035 |
high |
7.4 |
7.4 |
|
|
trendmicro |
9y ago |
Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to eavesdrop and tamper with updates by leveraging unencrypted communications with update servers. |
| CVE-2017-9034 |
critical |
9.8 |
9.8 |
|
|
trendmicro |
9y ago |
Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to write to arbitrary files and consequently execute arbitrary code with root privileges by leveraging failure to validate soft… |
| CVE-2017-9033 |
high |
8.8 |
8.8 |
|
|
trendmicro |
9y ago |
Cross-site request forgery (CSRF) vulnerability in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows remote attackers to hijack the authentication of users for requests to start an update… |
| CVE-2017-5481 |
high |
8.8 |
8.8 |
|
|
trendmicro |
9y ago |
Trend Micro OfficeScan 11.0 before SP1 CP 6325 and XG before CP 1352 allows remote authenticated users to gain privileges by leveraging a leak of an encrypted password during a web-console operation. |
| CVE-2016-8593 |
high |
8.8 |
8.8 |
|
|
trendmicro |
9y ago |
Directory traversal vulnerability in upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via a .. (dot dot) in the … |
| CVE-2016-8592 |
high |
8.8 |
8.8 |
|
|
trendmicro |
9y ago |
log_query_system.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cach… |
| CVE-2016-8591 |
high |
8.8 |
8.8 |
|
|
trendmicro |
9y ago |
log_query.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_id pa… |
| CVE-2016-8590 |
high |
8.8 |
8.8 |
|
|
trendmicro |
9y ago |
log_query_dlp.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_i… |
| CVE-2016-8589 |
high |
8.8 |
8.8 |
|
|
trendmicro |
9y ago |
log_query_dae.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the cache_i… |
| CVE-2016-8588 |
high |
7.3 |
7.3 |
|
|
trendmicro |
9y ago |
The hotfix_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the file name of an uplo… |
| CVE-2016-8587 |
high |
7.3 |
7.3 |
|
|
trendmicro |
9y ago |
dlp_policy_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via an archive file containing a symlink to /eng_ptn… |
| CVE-2016-8586 |
high |
8.8 |
8.8 |
|
|
trendmicro |
9y ago |
detected_potential_files.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in … |
| CVE-2016-8585 |
high |
8.8 |
8.8 |
|
|
trendmicro |
9y ago |
admin_sys_time.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code as the root user via shell metacharacters in the timezo… |
| CVE-2016-8584 |
critical |
9.8 |
9.8 |
|
|
trendmicro |
9y ago |
Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values, which allows remote attackers to bypass authentication by guessing the value. |
| CVE-2016-7552 |
critical |
9.8 |
10.0 |
EXP |
|
trendmicro |
9y ago |
On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a session_id cookie allows a remote, unauthenticated attacker to delete arbitrary files as root. This can… |
| CVE-2016-7547 |
critical |
9.8 |
10.0 |
EXP |
|
trendmicro |
9y ago |
A command execution flaw on the Trend Micro Threat Discovery Appliance 2.6.1062r1 exists with the timezone parameter in the admin_sys_time.cgi interface. |
| CVE-2017-6398 |
high |
8.8 |
9.8 |
EXP |
|
trendmicro |
9y ago |
An issue was discovered in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. An authenticated user can execute a terminal command in the context of the web server user (which is … |
| CVE-2017-6798 |
high |
7.8 |
7.8 |
|
|
trendmicro |
9y ago |
Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208. |
| CVE-2016-9315 |
high |
8.8 |
9.8 |
EXP |
|
trendmicro |
9y ago |
Privilege Escalation Vulnerability in com.trend.iwss.gui.servlet.updateaccountadministration in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earli… |
| CVE-2016-9314 |
high |
7.8 |
8.8 |
EXP |
|
trendmicro |
9y ago |
Sensitive Information Disclosure in com.trend.iwss.gui.servlet.ConfigBackup in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authent… |
| CVE-2016-9269 |
critical |
9.9 |
10.0 |
EXP |
|
trendmicro |
9y ago |
Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated,… |
| CVE-2016-6270 |
high |
8.8 |
8.8 |
|
|
trendmicro |
10y ago |
The handle_certificate function in /vmi/manager/engine/management/commands/apns_worker.py in Trend Micro Virtual Mobile Infrastructure before 5.1 allows remote authenticated users to execute arbitrar… |
| CVE-2016-6269 |
critical |
9.1 |
9.1 |
|
|
trendmicro |
10y ago |
Multiple directory traversal vulnerabilities in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allow remote attackers to read and delete a… |
| CVE-2016-6268 |
high |
7.8 |
7.8 |
|
|
trendmicro |
10y ago |
Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows local webserv users to execute arbitrary code with root privileges via a Trojan hors… |
| CVE-2016-6267 |
high |
8.8 |
9.8 |
EXP |
|
trendmicro |
10y ago |
SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell meta… |
| CVE-2016-6266 |
high |
8.8 |
8.8 |
|
|
trendmicro |
10y ago |
ccca_ajaxhandler.php in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via… |
| CVE-2016-4351 |
critical |
9.8 |
9.8 |
|
|
trendmicro |
10y ago |
SQL injection vulnerability in the authentication functionality in Trend Micro Email Encryption Gateway (TMEEG) 5.5 before build 1107 allows remote attackers to execute arbitrary SQL commands via uns… |
| CVE-2016-3987 |
critical |
9.8 |
10.0 |
EXP |
|
trendmicro |
10y ago |
The HTTP server in Trend Micro Password Manager allows remote web servers to execute arbitrary commands via the url parameter to (1) api/openUrlInDefaultBrowser or (2) api/showSB. |
| CVE-2014-9641 |
high |
— |
8.2 |
EXP |
|
trendmicro |
12y ago |
The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privile… |
| CVE-2011-1327 |
low |
— |
2.1 |
|
|
trendmicro |
15y ago |
The Keystroke Encryption feature in Trend Micro Internet Security 2009 (aka Virus Buster 2009 and PC-cillin 2009) does not completely encrypt passwords, which allows local users to obtain sensitive i… |
| CVE-2010-3189 |
critical |
— |
10.0 |
EXP |
|
trendmicro |
16y ago |
The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote attackers to execute arbitrary code via an invalid address th… |
