CVE-2025-69260

all versions

A message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service

7.5HIGH

CVE-2025-69259

all versions

A message unchecked NULL return value vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-o

7.5HIGH

CVE-2025-69258

all versions

A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-contr

9.8CRITICAL

CVE-2025-30680

< 2025-03-01

A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (SaaS) could allow an attacker to manipulate certai

7.1HIGH

CVE-2025-30679

all versions

A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modOSCE component could allow an attac

6.5MEDIUM

CVE-2025-30678

all versions

A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modTMSM component could allow an attac

6.5MEDIUM

CVE-2025-49220

all versions

An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote

9.8CRITICAL

CVE-2025-49219

all versions

An insecure deserialization operation in Trend Micro Apex Central below versions 8.0.7007 could lead to a pre-authentication remot

9.8CRITICAL

CVE-2025-47867

all versions

A Local File Inclusion vulnerability in a Trend Micro Apex Central widget in versions below 8.0.6955 could allow an attacker to in

7.5HIGH

CVE-2025-47866

all versions

An unrestricted file upload vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to u

4.3MEDIUM

CVE-2025-47865

all versions

A Local File Inclusion vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to gain r

7.5HIGH

CVE-2023-52331

all versions

A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central could allow an attacker to inter

7.1HIGH

CVE-2023-52329

all versions

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may a

6.1MEDIUM

CVE-2023-52328

all versions

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may a

6.1MEDIUM

CVE-2023-52327

all versions

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may a

6.1MEDIUM

CVE-2023-52326

all versions

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may a

6.1MEDIUM

CVE-2023-52325

all versions

A local file inclusion vulnerability in one of Trend Micro Apex Central's widgets could allow a remote attacker to execute arbitra

7.5HIGH

CVE-2023-52324

all versions

An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on a

8.8HIGH

CVE-2023-38627

all versions

A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) cou

5.4MEDIUM

CVE-2023-38626

all versions

A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) cou

5.4MEDIUM

CVE-2023-38625

all versions

A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) cou

5.4MEDIUM

CVE-2023-38624

all versions

A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) cou

5.4MEDIUM

CVE-2023-32605

all versions

Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (

5.4MEDIUM

CVE-2023-32604

all versions

Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (

5.4MEDIUM

CVE-2023-32537

all versions

Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (

5.4MEDIUM

CVE-2023-32536

all versions

Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (

5.4MEDIUM

CVE-2023-32535

all versions

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may a

6.1MEDIUM

CVE-2023-32534

all versions

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may a

6.1MEDIUM

CVE-2023-32533

all versions

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may a

6.1MEDIUM

CVE-2023-32532

all versions

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may a

6.1MEDIUM

CVE-2023-32531

all versions

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may a

6.1MEDIUM

CVE-2023-32530

all versions

Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perfo

8.8HIGH

CVE-2023-32529

all versions

Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perfo

8.8HIGH

CVE-2022-26871

all versions

An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arb

9.8CRITICAL

CVE-2021-25252

all versions

Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability

5.5MEDIUM