Home/Product/trendmicro apex one
Product

trendmicro apex one

164 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-54987
all versions
A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload
9.4CRITICAL
 CVE-2025-54948
all versions
A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload
9.4CRITICAL
 CVE-2025-49158
>= 14.0.0.12994 and < 14.0.0.14002
An uncontrolled search path vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalation pr
6.7MEDIUM
 CVE-2025-49157
>= 14.0.0.12994 and < 14.0.0.14002
A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a local attacker to escalation privil
7.8HIGH
 CVE-2025-49156
>= 14.0.0.12994 and < 14.0.0.14002
A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalation privileges on af
7.0HIGH
 CVE-2025-49155
>= 14.0.0.12994 and < 14.0.0.14002
An uncontrolled search path vulnerability in the Trend Micro Apex One Data Loss Prevention module could allow an attacker to injec
8.8HIGH
 CVE-2025-49154
>= 14.0.0.12994 and < 14.0.0.14002
An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local
8.7HIGH
 CVE-2024-58105
< 2019.13140
A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass
7.3HIGH
 CVE-2024-58104
< 2019.13140
A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass
7.3HIGH
 CVE-2024-55917
< 2019.13140
An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected i
7.8HIGH
 CVE-2024-55632
< 2019.13140
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affec
7.8HIGH
 CVE-2024-55631
< 2019.13140
An engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected ins
7.8HIGH
 CVE-2024-52050
< 2019.13140
A LogServer arbitrary file creation vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on a
7.8HIGH
 CVE-2024-52049
< 2019.13140
A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected i
7.8HIGH
 CVE-2024-52048
< 2019.13140
A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected i
7.8HIGH
 CVE-2024-52047
< 14.0.13139
A widget local file inclusion vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on aff
7.5HIGH
 CVE-2024-39753
< 14.0.13139
An modOSCE SQL Injection vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected
7.5HIGH
 CVE-2024-37289
>= 14.0 and < 14.0.0.12980
An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected i
7.8HIGH
 CVE-2024-36307
<= 14.0.13139
A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to di
4.7MEDIUM
 CVE-2024-36306
>= 14.0 and < 14.0.0.12980
A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local att
6.1MEDIUM
 CVE-2024-36305
>= 14.0 and < 14.0.0.12980
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affec
7.8HIGH
 CVE-2024-36304
< 14.0.13139
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker
7.8HIGH
 CVE-2024-36303
>= 14.0 and < 14.0.13139
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges
7.8HIGH
 CVE-2024-36302
< 14.0.13139
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges
7.8HIGH
 CVE-2023-52330
< 14.0.12849
A cross-site scripting vulnerability in Trend Micro Apex Central could allow a remote attacker to execute arbitrary code on affect
6.1MEDIUM
 CVE-2023-52094
< 14.0.12849
An updater link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to abuse the updater to del
7.8HIGH
 CVE-2023-52093
< 14.0.12849
An exposed dangerous function vulnerability in the Trend Micro Apex One agent could allow a local attacker to escalate privileges
7.8HIGH
 CVE-2023-52092
< 14.0.12849
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affec
7.8HIGH
 CVE-2023-52091
< 14.0.12849
An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on
7.8HIGH
 CVE-2023-52090
< 14.0.12849
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affec
7.8HIGH
 CVE-2023-47202
< 14.0.12737
A local file inclusion vulnerability on the Trend Micro Apex One management server could allow a local attacker to escalate privil
7.8HIGH
 CVE-2023-47201
< 14.0.12737
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escal
7.8HIGH
 CVE-2023-47200
< 14.0.12737
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escal
7.8HIGH
 CVE-2023-47199
< 14.0.12737
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges
7.8HIGH
 CVE-2023-47198
< 14.0.12737
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges
7.8HIGH
 CVE-2023-47197
< 14.0.12737
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges
7.8HIGH
 CVE-2023-47196
< 14.0.12737
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges
7.8HIGH
 CVE-2023-47195
< 14.0.12737
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges
7.8HIGH
 CVE-2023-47194
< 14.0.12737
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges
7.8HIGH
 CVE-2023-47193
< 14.0.12737
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges
7.8HIGH
 CVE-2023-47192
< 14.0.12737
An agent link vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affe
7.8HIGH
 CVE-2023-41179
all versions
A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business S
7.2HIGH
 CVE-2023-34148
< 14.0.12518
An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a loc
7.8HIGH
 CVE-2023-34147
< 14.0.12518
An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a loc
7.8HIGH
 CVE-2023-34146
< 14.0.12518
An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a loc
7.8HIGH
 CVE-2023-34145
< 14.0.12518
An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local at
7.8HIGH
 CVE-2023-34144
< 14.0.12518
An untrusted search path vulnerability in the Trend Micro Apex One and Apex One as a Service security agent could allow a local at
7.8HIGH
 CVE-2023-32557
< 14.0.12105
A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenticated attacker to up
9.8CRITICAL
 CVE-2023-32556
< 14.0.12105
A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to disclos
5.5MEDIUM
 CVE-2023-32555
< 14.0.12105
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker
7.0HIGH
 CVE-2023-32554
< 14.0.12105
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker
7.0HIGH
 CVE-2023-32553
< 14.0.12105
An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user und
5.3MEDIUM
 CVE-2023-32552
< 14.0.12105
An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user und
5.3MEDIUM
 CVE-2023-30902
< 14.0.12105
A privilege escalation vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to u
5.5MEDIUM
 CVE-2023-25148
< 14.0.11960
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to exploit the vulnerability by
7.8HIGH
 CVE-2023-25147
< 14.0.11960
An issue in the Trend Micro Apex One agent could allow an attacker who has previously acquired administrative rights via other mea
6.7MEDIUM
 CVE-2023-25146
< 14.0.11960
A security agent link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to quarantine a file,
7.8HIGH
 CVE-2023-25145
< 14.0.11960
A link following vulnerability in the scanning function of Trend Micro Apex One agent could allow a local attacker to escalate pri
7.8HIGH
 CVE-2023-25144
< 14.0.11960
An improper access control vulnerability in the Trend Micro Apex One agent could allow a local attacker to gain elevated privilege
7.8HIGH
 CVE-2023-25143
< 14.0.11960
An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer could allow an attacker to achieve
9.8CRITICAL
 CVE-2023-0587
all versions
A file upload vulnerability in exists in Trend Micro Apex One server build 11110. Using a malformed Content-Length header in an HT
9.1CRITICAL
 CVE-2022-45798
all versions
A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Servic
7.8HIGH
 CVE-2022-44654
< 14.0.11789
Affected builds of Trend Micro Apex One and Apex One as a Service contain a monitor engine component that is complied without the
7.5HIGH
 CVE-2022-44653
< 14.0.11789
A security agent directory traversal vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker
7.8HIGH
 CVE-2022-44652
< 14.0.11789
An improper handling of exceptional conditions vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local
7.8HIGH
 CVE-2022-44651
< 14.0.11789
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker
7.0HIGH
 CVE-2022-44650
< 14.0.11789
A memory corruption vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service
7.8HIGH
 CVE-2022-44649
< 14.0.11789
An out-of-bounds access vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Serv
7.8HIGH
 CVE-2022-44648
< 14.0.11789
An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sen
5.5MEDIUM
 CVE-2022-44647
< 14.0.11789
An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sen
5.5MEDIUM
 CVE-2022-45797
all versions
An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One a
7.1HIGH
 CVE-2022-41749
all versions
An origin validation error vulnerability in Trend Micro Apex One agents could allow a local attacker to escalate privileges on aff
7.8HIGH
 CVE-2022-41748
all versions
A registry permissions vulnerability in the Trend Micro Apex One Data Loss Prevention (DLP) module could allow a local attacker wi
6.7MEDIUM
 CVE-2022-41747
all versions
An improper certification validation vulnerability in Trend Micro Apex One agents could allow a local attacker to load a DLL file
7.8HIGH
 CVE-2022-41746
all versions
A forced browsing vulnerability in Trend Micro Apex One could allow an attacker with access to the Apex One console on affected in
9.1CRITICAL
 CVE-2022-41745
all versions
An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message t
7.0HIGH
 CVE-2022-41744
all versions
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One Vulnerability Protection integrated component could allow a
7.0HIGH
 CVE-2022-40144
all versions
A vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service could allow an attacker to bypass the product's logi
9.8CRITICAL
 CVE-2022-40143
all versions
A link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service servers co
7.3HIGH
 CVE-2022-40142
all versions
A security link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service a
7.8HIGH
 CVE-2022-40141
all versions
A vulnerability in Trend Micro Apex One and Apex One as a Service could allow an attacker to intercept and decode certain communic
7.5HIGH
 CVE-2022-40140
all versions
An origin validation error vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to cause a
5.5MEDIUM
 CVE-2022-40139
all versions
Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Servic
7.2HIGH
 CVE-2022-36336
all versions
A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allo
7.8HIGH
 CVE-2022-30701
< 14.0.10349
An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker t
7.8HIGH
 CVE-2022-30700
< 14.0.10349
An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to
7.8HIGH
 CVE-2022-26871
all versions
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arb
9.8CRITICAL
 CVE-2022-24680
all versions
A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Tre
7.8HIGH
 CVE-2022-24679
all versions
A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Tre
7.8HIGH
 CVE-2022-24678
all versions
An security agent resource exhaustion denial-of-service vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service,
7.5HIGH
 CVE-2021-45442
all versions
A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on prem only) could allow a local at
7.1HIGH
 CVE-2021-45441
all versions
A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a local attacker drop and manipulat
7.8HIGH
 CVE-2021-45440
all versions
A unnecessary privilege vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security 10.0 SP1 (on-prem versi
7.8HIGH
 CVE-2021-45231
all versions
A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business
7.8HIGH
 CVE-2021-44024
all versions
A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Se
7.1HIGH
 CVE-2021-44022
all versions
A reachable assertion vulnerability in Trend Micro Apex One could allow an attacker to crash the program on affected installations
5.5MEDIUM
 CVE-2021-42108
all versions
Unnecessary privilege vulnerabilities in the Web Console of Trend Micro Apex One, Apex One as a Service and Worry-Free Business Se
7.8HIGH
 CVE-2021-42107
all versions
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Wo
7.8HIGH
 CVE-2021-42106
all versions
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Wo
7.8HIGH
 CVE-2021-42105
all versions
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Wo
7.8HIGH
 CVE-2021-42104
all versions
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Wo
7.8HIGH
 CVE-2021-42103
all versions
An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker
7.8HIGH
 CVE-2021-42102
all versions
An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service agents could allow a local a
7.8HIGH
 CVE-2021-42101
all versions
An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker
7.8HIGH
 CVE-2021-42012
all versions
A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 S
7.8HIGH
 CVE-2021-42011
all versions
An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to
7.8HIGH
 CVE-2021-23139
all versions
A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash th
7.5HIGH
 CVE-2021-3848
all versions
An arbitrary file creation by privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service, Worry-Free Busine
5.5MEDIUM
 CVE-2021-32465
all versions
An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allo
8.8HIGH
 CVE-2021-32464
all versions
An incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Fre
7.8HIGH
 CVE-2021-36742
all versions
A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Se
7.8HIGH
 CVE-2021-36741
all versions
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business
8.8HIGH
 CVE-2021-32463
all versions
An incorrect permission assignment denial-of-service vulnerability in Trend Micro Apex One, Apex One as a Service (SaaS), Worry-Fr
7.8HIGH
 CVE-2021-28646
all versions
An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a loca
5.5MEDIUM
 CVE-2021-28645
all versions
An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow
7.8HIGH
 CVE-2021-25253
all versions
An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a res
7.8HIGH
 CVE-2021-25250
all versions
An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sen
7.8HIGH
 CVE-2021-25252
all versions
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability
5.5MEDIUM
 CVE-2021-25249
all versions
An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Wor
7.8HIGH
 CVE-2021-25248
all versions
An out-of-bounds read information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worr
5.5MEDIUM
 CVE-2021-25246
all versions
An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1,
6.5MEDIUM
 CVE-2021-25243
all versions
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Se
5.3MEDIUM
 CVE-2021-25242
all versions
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Se
5.3MEDIUM
 CVE-2021-25241
all versions
A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro Apex One and Worry-Free Business Security
5.3MEDIUM
 CVE-2021-25240
all versions
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Se
5.3MEDIUM
 CVE-2021-25239
all versions
An improper access control vulnerability in Trend Micro Apex One (on-prem), OfficeScan XG SP1, and Worry-Free Business Security 10
5.3MEDIUM
 CVE-2021-25237
all versions
An improper access control vulnerability in Trend Micro Apex One (on-prem) could allow an unauthenticated user to obtain informati
5.3MEDIUM
 CVE-2021-25235
all versions
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthent
5.3MEDIUM
 CVE-2021-25234
all versions
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Se
5.3MEDIUM
 CVE-2021-25233
all versions
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Se
5.3MEDIUM
 CVE-2021-25232
all versions
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthent
5.3MEDIUM
 CVE-2021-25231
all versions
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Se
5.3MEDIUM
 CVE-2021-25230
all versions
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthent
5.3MEDIUM
 CVE-2021-25229
all versions
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthent
5.3MEDIUM
 CVE-2021-25228
all versions
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Se
5.3MEDIUM
 CVE-2020-28583
all versions
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unaut
5.3MEDIUM
 CVE-2020-28582
all versions
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unaut
5.3MEDIUM
 CVE-2020-28577
all versions
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unaut
5.3MEDIUM
 CVE-2020-28576
all versions
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unaut
5.3MEDIUM
 CVE-2020-28573
all versions
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unaut
5.3MEDIUM
 CVE-2020-28572
all versions
A vulnerability in Trend Micro Apex One could allow an unprivileged user to abuse the product installer to reinstall the agent wit
7.8HIGH
 CVE-2020-25774
all versions
A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to trigger an out-of-bounds red
4.3MEDIUM
 CVE-2020-25773
all versions
A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to execute arbitrary code on aff
7.8HIGH
 CVE-2020-25772
all versions
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensit
5.5MEDIUM
 CVE-2020-25771
all versions
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensit
5.5MEDIUM
 CVE-2020-25770
all versions
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensit
5.5MEDIUM
 CVE-2020-24565
all versions
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensit
5.5MEDIUM
 CVE-2020-24564
all versions
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensit
5.5MEDIUM
 CVE-2020-24563
all versions
A vulnerability in Trend Micro Apex One may allow a local attacker to manipulate the process of the security agent unload option (
7.8HIGH
 CVE-2020-24559
all versions
A vulnerability in Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services on macOS
7.8HIGH
 CVE-2020-24558
all versions
A vulnerability in an Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services dll ma
7.1HIGH
 CVE-2020-24557
all versions
A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to ma
7.8HIGH
 CVE-2020-24556
all versions
A vulnerability in Trend Micro Apex One, OfficeScan XG SP1, Worry-Free Business Security 10 SP1 and Worry-Free Business Security S
7.8HIGH
 CVE-2020-8607
all versions
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit prot
6.7MEDIUM
 CVE-2020-8599
all versions
Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arb
9.8CRITICAL
 CVE-2020-8598
all versions
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service
9.8CRITICAL
 CVE-2020-8470
all versions
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service
7.5HIGH
 CVE-2020-8468
all versions
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content vali
8.8HIGH
 CVE-2020-8467
all versions
A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote atta
8.8HIGH
 CVE-2019-19692
all versions
Trend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console. Note that the Japane
6.1MEDIUM
 CVE-2019-19691
all versions
A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulatin
4.9MEDIUM
 CVE-2019-18189
all versions
A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5, 10.0) ma
9.8CRITICAL
 CVE-2019-18188
all versions
Trend Micro Apex One could be exploited by an attacker utilizing a command injection vulnerability to extract files from an arbitr
7.5HIGH
 CVE-2019-9489
<= b1066
A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (
7.5HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin