Trendmicro Serverprotect
18 CVEs affecting Trendmicro Serverprotect. Latest disclosed: 2022-02-24. Critical: 5, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-25330 | Critical | 9.8 | 2022-02-24 | Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve re… |
CVE-2022-25329 | Critical | 9.8 | 2022-02-24 | Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An una… |
CVE-2021-36745 | Critical | 9.8 | 2021-09-29 | A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProt… |
CVE-2017-9034 | Critical | 9.8 | 2017-05-26 | Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to write to arbitrary files and consequently execute arbitrary code with root privilege… |
CVE-2020-24561 | Critical | 9.1 | 2020-09-15 | A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. An attack… |
CVE-2017-9033 | High | 8.8 | 2017-05-26 | Cross-site request forgery (CSRF) vulnerability in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows remote attackers to hijack the authentication… |
CVE-2017-9036 | High | 7.8 | 2017-05-26 | Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows local users to gain privileges by leveraging an unrestricted quarantine directory. |
CVE-2022-25331 | High | 7.5 | 2022-02-24 | Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process. |
CVE-2017-9035 | High | 7.4 | 2017-05-26 | Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to eavesdrop and tamper with updates by leveraging unencrypted communications with upda… |
CVE-2019-14688 | High | 7.0 | 2020-02-20 | Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnera… |
CVE-2020-28575 | Medium | 6.7 | 2020-12-01 | A heap-based buffer overflow privilege escalation vulnerability in Trend Micro ServerProtect for Linux 3.0 may allow an attacker to escalate privileges on affe… |
CVE-2020-8607 | Medium | 6.7 | 2020-08-05 | An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an… |
CVE-2017-9037 | Medium | 6.1 | 2017-05-26 | Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote attackers to inject arbitrary web sc… |
CVE-2017-9032 | Medium | 6.1 | 2017-05-26 | Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote attackers to inject arbitrary web sc… |
CVE-2021-25252 | Medium | 5.5 | 2021-03-03 | Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-se… |
CVE-2021-25226 | Medium | 5.5 | 2021-01-27 | A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-se… |
CVE-2021-25225 | Medium | 5.5 | 2021-01-27 | A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-se… |
CVE-2021-25224 | Medium | 5.5 | 2021-01-27 | A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-se… |