Trendmicro Serverprotect

18 CVEs affecting Trendmicro Serverprotect. Latest disclosed: 2022-02-24. Critical: 5, High: 5.

Top CVEs affecting Trendmicro Serverprotect
CVESeverityScorePublishedSummary
CVE-2022-25330Critical9.82022-02-24Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve re…
CVE-2022-25329Critical9.82022-02-24Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An una…
CVE-2021-36745Critical9.82021-09-29A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProt…
CVE-2017-9034Critical9.82017-05-26Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to write to arbitrary files and consequently execute arbitrary code with root privilege…
CVE-2020-24561Critical9.12020-09-15A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. An attack…
CVE-2017-9033High8.82017-05-26Cross-site request forgery (CSRF) vulnerability in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows remote attackers to hijack the authentication…
CVE-2017-9036High7.82017-05-26Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows local users to gain privileges by leveraging an unrestricted quarantine directory.
CVE-2022-25331High7.52022-02-24Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process.
CVE-2017-9035High7.42017-05-26Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to eavesdrop and tamper with updates by leveraging unencrypted communications with upda…
CVE-2019-14688High7.02020-02-20Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnera…
CVE-2020-28575Medium6.72020-12-01A heap-based buffer overflow privilege escalation vulnerability in Trend Micro ServerProtect for Linux 3.0 may allow an attacker to escalate privileges on affe…
CVE-2020-8607Medium6.72020-08-05An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an…
CVE-2017-9037Medium6.12017-05-26Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote attackers to inject arbitrary web sc…
CVE-2017-9032Medium6.12017-05-26Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote attackers to inject arbitrary web sc…
CVE-2021-25252Medium5.52021-03-03Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-se…
CVE-2021-25226Medium5.52021-01-27A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-se…
CVE-2021-25225Medium5.52021-01-27A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-se…
CVE-2021-25224Medium5.52021-01-27A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-se…