CVSS: 4.4EPSS: 0%CPEs: 37EXPL: 0CVE-2022-40709 – Trend Micro Deep Security Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-40709
23 Sep 2022 — An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707 and 40708. Una vulnerabilidad de lectura fuera de límites en Trend Micro Deep Secu... • https://success.trendmicro.com/solution/000291590 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 37EXPL: 0CVE-2022-40710 – Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-40710
23 Sep 2022 — A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de seguimiento de enlaces en Trend Micro Deep Security 20 y Cloud One - Workload Security Agent para Windows podría permitir a un atacante local escalar... • https://success.trendmicro.com/solution/000291590 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-40980
https://notcve.org/view.php?id=CVE-2022-40980
19 Sep 2022 — A potential unathenticated file deletion vulnerabilty on Trend Micro Mobile Security for Enterprise 9.8 SP5 could allow an attacker with access to the Management Server to delete files. This issue was resolved in 9.8 SP5 Critical Patch 2. Una posible vulnerabilidad de eliminación de archivos sin autenticación en Trend Micro Mobile Security for Enterprise versión 9.8 SP5, podría permitir a un atacante con acceso al servidor de administración eliminar archivos. Este problema ha sido resuelto en versión 9.8 SP... • https://files.trendmicro.com/documentation/readme/tmms_sp5_cp2/tmms-ee_9.8_sp5_patch2_readme_server.txt •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-37347 – Trend Micro Maximum Security Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-37347
31 Aug 2022 — Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This vulnerability is similar to, but not the same as CVE-2022-35234. Trend Micro Security versiones 2021 y 2022 (Consumer) es susceptible a una Vulnerabilidad de Divulgación de Información de Lectura Fuera de Límites que podría permitir a un atacante leer info... • https://helpcenter.trendmicro.com/en-us/article/tmka-11058 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-37348 – Trend Micro Maximum Security Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-37348
31 Aug 2022 — Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This vulnerability is similar to, but not the same as CVE-2022-37347. Trend Micro Security versiones 2021 y 2022 (Consumer) es vulnerable a una Vulnerabilidad de Divulgación de Información de Lectura Fuera de Límites que podría permitir a un atacante leer infor... • https://helpcenter.trendmicro.com/en-us/article/tmka-11058 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34893 – Trend Micro Maximum Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-34893
31 Aug 2022 — Trend Micro Security 2022 (consumer) has a link following vulnerability where an attacker with lower privileges could manipulate a mountpoint which could lead to escalation of privilege on an affected machine. Trend Micro Security versión 2022 (consumer), presenta una vulnerabilidad de tipo link following en la que un atacante con bajos privilegios podría manipular un punto de montaje que podría conllevar a una escalada de privilegios en una máquina afectada This vulnerability allows local attackers to esca... • https://helpcenter.trendmicro.com/en-us/article/tmka-11053 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-36336 – Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-36336
28 Jul 2022 — A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local attacker to escalate privileges on affected installations. The resolution for this issue has been deployed automatically via ActiveUpdate to customers in an updated Spyware pattern. Customers who are up-to-date on detection patterns are not required to take any additional steps to mitigate this issue. Una vulnerabilidad de seguimiento de enlaces en la función scanning d... • https://success.trendmicro.com/solution/000291267 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-35234 – Trend Micro Maximum Security Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-35234
11 Jul 2022 — Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. Trend Micro Security versiones 2021 y 2022 (Consumer), es susceptible a una vulnerabilidad de divulgación de información de lectura fuera de límites que podría permitir a un atacante leer información confidencial de otras ubicaciones de memoria y causar un bloq... • https://helpcenter.trendmicro.com/en-us/article/tmka-11058 • CWE-125: Out-of-bounds Read •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-30702 – Trend Micro Internet Security Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-30702
27 May 2022 — Trend Micro Security 2022 and 2021 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure vulnerability that could allow an attacker to disclose sensitive information on an affected machine. Trend Micro Security versiones 2022 y 2021 (Consumer) es susceptible a una vulnerabilidad de divulgación de información de lectura fuera de límites que podría permitir a un atacante revelar información confidencial en un equipo afectado This vulnerability allows local attackers to disclose sensitive in... • https://helpcenter.trendmicro.com/en-us/article/tmka-11022 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-30703 – Trend Micro Internet Security Exposed Dangerous Method Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-30703
27 May 2022 — Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an exposed dangerous method vulnerability that could allow an attacker to obtain access to leaked kernel addresses and disclose sensitive information. This vulnerability could also potentially be chained for privilege escalation. Trend Micro Security versiones 2021 y 2022 (Consumer) es susceptible a una vulnerabilidad de método peligroso expuesto que podría permitir a un atacante obtener acceso a direcciones del kernel filtradas y revelar inform... • https://helpcenter.trendmicro.com/en-us/article/tmka-11021 •