CVSS: 7.8EPSS: 0%CPEs: 50EXPL: 0CVE-2023-52337 – Trend Micro Deep Security Improper Access Control Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-52337
19 Jan 2024 — An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de control de acceso inadecuado en Trend Micro Deep Security 20.0 y Trend Micro Cloud One - Endpoint and Workload Security Agen... • https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US •
CVSS: 7.8EPSS: 0%CPEs: 50EXPL: 0CVE-2023-52338 – Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2023-52338
19 Jan 2024 — A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de link following en Trend Micro Deep Security 20.0 y Trend Micro Cloud One - Endpoint and Workload Security Agent podría permitir a ... • https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 4.4EPSS: 0%CPEs: 37EXPL: 0CVE-2022-40707 – Trend Micro Deep Security Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-40707
23 Sep 2022 — An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40708. Una vulnerabilidad de lectura fuera de límites en Trend Micro Deep Security 20 y ... • https://success.trendmicro.com/solution/000291590 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 37EXPL: 0CVE-2022-40708 – Trend Micro Deep Security Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-40708
23 Sep 2022 — An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707. Una vulnerabilidad de lectura fuera de límites en Trend Micro Deep Security 20 y ... • https://success.trendmicro.com/solution/000291590 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 37EXPL: 0CVE-2022-40709 – Trend Micro Deep Security Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-40709
23 Sep 2022 — An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707 and 40708. Una vulnerabilidad de lectura fuera de límites en Trend Micro Deep Secu... • https://success.trendmicro.com/solution/000291590 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 37EXPL: 0CVE-2022-40710 – Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-40710
23 Sep 2022 — A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de seguimiento de enlaces en Trend Micro Deep Security 20 y Cloud One - Workload Security Agent para Windows podría permitir a un atacante local escalar... • https://success.trendmicro.com/solution/000291590 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.5EPSS: 0%CPEs: 39EXPL: 0CVE-2021-25252
https://notcve.org/view.php?id=CVE-2021-25252
03 Mar 2021 — Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file. La API Virus Scan (VSAPI) y el Advanced Threat Scan Engine (ATSE) de Trend Micro, son susceptibles a una vulnerabilidad de agotamiento de la memoria que puede conllevar a una denegación de servicio o a un congelamiento del sistema si es explotada por un atacante usando ... • https://success.trendmicro.com/solution/000285675 • CWE-400: Uncontrolled Resource Consumption •