CVSS: 10.0EPSS: 18%CPEs: 5EXPL: 0CVE-2021-36745 – Trend Micro ServerProtect Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-36745
26 Sep 2021 — A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote attacker to bypass authentication on affected installations. Una vulnerabilidad en Trend Micro ServerProtect for Storage versión 6.0, ServerProtect for EMC Celerra versión 5.8, ServerProtect for Network Appliance Filers versión 5.8 y ServerProtect for Microsoft Windows / Novell Netwar... • https://success.trendmicro.com/jp/solution/000289030 • CWE-425: Direct Request ('Forced Browsing') •
CVSS: 7.2EPSS: 0%CPEs: 25EXPL: 0CVE-2020-8607
https://notcve.org/view.php?id=CVE-2020-8607
05 Aug 2020 — An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.... • https://jvn.jp/en/vu/JVNVU99160193/index.html • CWE-20: Improper Input Validation •
CVSS: 7.0EPSS: 0%CPEs: 12EXPL: 0CVE-2019-14688
https://notcve.org/view.php?id=CVE-2019-14688
20 Feb 2020 — Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run. Trend Micro ha reempaquetado instaladores para varios... • https://success.trendmicro.com/solution/1123562 • CWE-427: Uncontrolled Search Path Element •
CVSS: 10.0EPSS: 15%CPEs: 2EXPL: 0CVE-2006-5268
https://notcve.org/view.php?id=CVE-2006-5268
17 Nov 2008 — Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via vectors related to obtaining "administrative access to the RPC interface." Vulnerabilidad no especificada en Trend Micro ServerProtect 5.7 y 5.58 permite a atacantes remotos ejecutar código de su elección a través de vectores relacionados para obtener "acceso administrativo a la interface RPC". • http://blogs.iss.net/archive/trend.html • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 21%CPEs: 2EXPL: 0CVE-2006-5269
https://notcve.org/view.php?id=CVE-2006-5269
17 Nov 2008 — Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, probably related to an RPC interface. Desbordamiento de búfer en la memoria libre para la reserva dinámica (heap) en un procedimiento no especificado de Trend Micro ServerProtect 5.7 y 5.58 permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos, probablemente relacionados con una interfaz RPC. • http://blogs.iss.net/archive/trend.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 25%CPEs: 2EXPL: 0CVE-2007-0072
https://notcve.org/view.php?id=CVE-2007-0072
17 Nov 2008 — Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a read operation over RPC. Desbordamiento de búfer basado en montículo en un procedimiento no especificado en Trend Micro ServerProtect 5.7 y 5.58 permite a atacantes remotos ejecutar código de su elección mediante vectores desconocidos, posiblemente relacionados con una operación de lectura sobre RPC. • http://blogs.iss.net/archive/trend.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 25%CPEs: 2EXPL: 0CVE-2007-0073
https://notcve.org/view.php?id=CVE-2007-0073
17 Nov 2008 — Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a file read operation over RPC. Desbordamiento de búfer en memoria libre para la reserva dinámica (heap) en un procedimiento no especificado de Trend Micro ServerProtect 5.7 y 5.58 permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos, posiblemente relacionados con una operación de lectur... • http://blogs.iss.net/archive/trend.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 25%CPEs: 2EXPL: 0CVE-2007-0074
https://notcve.org/view.php?id=CVE-2007-0074
17 Nov 2008 — Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a folder read operation over RPC. Desbordamiento de búfer en un procedimiento no especificado en Trend Micro ServerProtect 5.7 y 5.58 permite a atacantes remotos ejecutar código de su elección mediante vectores desconocidos, posiblemente relacionados con una operación de lectura de carpeta sobre RPC. • http://blogs.iss.net/archive/trend.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 12%CPEs: 2EXPL: 0CVE-2008-0012
https://notcve.org/view.php?id=CVE-2008-0012
17 Nov 2008 — Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0013 and CVE-2008-0014. Desbordamiento de búfer en la memoria libre para la reserva dinámica (heap) en un procedimiento desconocido de Trend Micro ServerProtect 5.7 y 5.58 permite a atacantes remotos ejecutar código arbitrario a través de vectores descono... • http://blogs.iss.net/archive/trend.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 12%CPEs: 2EXPL: 0CVE-2008-0013
https://notcve.org/view.php?id=CVE-2008-0013
17 Nov 2008 — Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0014. Desbordamiento del búfer basado en montículo en un procedimiento no especificado en Trend Micro ServerProtect v5.7 y v5.58 permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos, posiblemente r... • http://blogs.iss.net/archive/trend.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •