Vulnerabilities in Trend Micro, Inc.
180 resultsCVE-2023-25145HIGHA link following vulnerability in the scanning function of Trend Micro Apex One agent could allow a local attacker to escalate privileges onEPSS 0.4%CVE-2023-25148HIGHA security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to exploit the vulnerability by changing EPSS 0.4%CVE-2025-31286MEDIUMAn HTML injection vulnerability previously discovered in Trend Vision One could have allowed a malicious user to execute arbitrary code.
EPSS 0.4%CVE-2024-36359MEDIUMA cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to esEPSS 0.4%CVE-2023-28929—Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a EPSS 0.4%CVE-2023-38624MEDIUMA post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow aEPSS 0.4%CVE-2025-71214HIGHAn origin validation error vulnerability in the Trend Micro Apex One (mac) agent iCore service could allow a local attacker to escalate privEPSS 0.4%CVE-2024-36303HIGHAn origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affecteEPSS 0.4%CVE-2023-38625MEDIUMA post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow aEPSS 0.4%CVE-2023-38627MEDIUMA post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow aEPSS 0.4%CVE-2023-38626MEDIUMA post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow aEPSS 0.4%CVE-2022-44652HIGHAn improper handling of exceptional conditions vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker EPSS 0.3%CVE-2022-44650HIGHA memory corruption vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could alloEPSS 0.3%CVE-2022-44649HIGHAn out-of-bounds access vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could EPSS 0.3%CVE-2025-49215HIGHA post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges oEPSS 0.3%CVE-2025-71213HIGHAn origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installatioEPSS 0.3%CVE-2023-32537—Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacEPSS 0.3%CVE-2023-32605—Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacEPSS 0.3%CVE-2023-32604—Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacEPSS 0.3%CVE-2023-32536—Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacEPSS 0.3%