Product:

Apex_one

(Trendmicro)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 136
Date Id Summary Products Score Patch Annotated
2021-04-13 CVE-2021-28646 An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations. Apex_one, Officescan 5.5
2021-04-13 CVE-2021-28645 An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Apex_one, Officescan 7.8
2021-04-13 CVE-2021-25253 An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Apex_one, Officescan 7.8
2021-04-13 CVE-2021-25250 An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Apex_one, Officescan 7.8
2021-02-04 CVE-2021-25229 An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the database server. Apex_one, Officescan 5.3
2021-02-04 CVE-2021-25228 An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about hotfix history. Apex_one, Officescan, Worry\-Free_business_security 5.3
2021-02-04 CVE-2021-25249 An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Apex_one, Officescan, Worry\-Free_business_security 7.8
2021-02-04 CVE-2021-25248 An out-of-bounds read information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow an attacker to disclose sensitive information about a named pipe. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Apex_one, Officescan, Worry\-Free_business_security 5.5
2021-02-04 CVE-2021-25246 An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1, and Worry-Free Business Security could allow an unauthenticated user to create a bogus agent on an affected server that could be used then make valid configuration queries. Apex_one, Officescan, Worry\-Free_business_security 6.5
2021-02-04 CVE-2021-25234 An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific notification configuration file. Apex_one, Officescan, Worry\-Free_business_security 5.3