Total
8 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-37348 | 2 Microsoft, Trendmicro | 2 Windows, Security | 2022-09-22 | N/A | 5.5 MEDIUM |
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This vulnerability is similar to, but not the same as CVE-2022-37347. | |||||
CVE-2022-37347 | 2 Microsoft, Trendmicro | 2 Windows, Security | 2022-09-22 | N/A | 5.5 MEDIUM |
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. This vulnerability is similar to, but not the same as CVE-2022-35234. | |||||
CVE-2022-34893 | 2 Microsoft, Trendmicro | 2 Windows, Security | 2022-09-22 | N/A | 7.8 HIGH |
Trend Micro Security 2022 (consumer) has a link following vulnerability where an attacker with lower privileges could manipulate a mountpoint which could lead to escalation of privilege on an affected machine. | |||||
CVE-2022-35234 | 2 Microsoft, Trendmicro | 2 Windows, Security | 2022-08-05 | N/A | 7.1 HIGH |
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine. | |||||
CVE-2022-30703 | 2 Microsoft, Trendmicro | 2 Windows, Security | 2022-06-16 | 4.6 MEDIUM | 7.8 HIGH |
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an exposed dangerous method vulnerability that could allow an attacker to obtain access to leaked kernel addresses and disclose sensitive information. This vulnerability could also potentially be chained for privilege escalation. | |||||
CVE-2022-30702 | 2 Microsoft, Trendmicro | 2 Windows, Security | 2022-06-16 | 2.1 LOW | 5.5 MEDIUM |
Trend Micro Security 2022 and 2021 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure vulnerability that could allow an attacker to disclose sensitive information on an affected machine. | |||||
CVE-2018-6218 | 1 Trendmicro | 5 Deep Security, Endpoint Sensor, Officescan and 2 more | 2021-09-13 | 5.1 MEDIUM | 7.0 HIGH |
A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system. | |||||
CVE-2019-14688 | 2 Microsoft, Trendmicro | 9 Windows, Control Manager, Endpoint Sensor and 6 more | 2020-03-04 | 5.1 MEDIUM | 7.0 HIGH |
Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run. |