cbcvebase.

Trendmicro Antivirus + Security vulnerabilities

7 known vulnerabilities affecting trendmicro/antivirus_+_security.

Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH5MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2018-3608P3CRITICALCVSS 9.8≤ 12.0.11912018-07-06
CVE-2018-3608 [CRITICAL] CWE-94 CVE-2018-3608: A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) Use A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes.
nvd
CVE-2024-23940P3HIGHCVSS 7.8fixed in 6.0.21032024-01-29
CVE-2024-23940 [HIGH] CWE-427 CVE-2024-23940: Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, ver Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited could allow an attacker to impersonate and modify a library to execute code on the system and ultimately escalate privileges on an affected system.
nvd
CVE-2018-18333P3HIGHCVSS 7.8fixed in 15.0.0.11632019-02-05
CVE-2018-18333 [HIGH] CWE-426 CVE-2018-18333: A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and below could allow an attacker to manipulate a specific DLL and escalate privileges on vulnerable installations.
nvd
CVE-2018-10513P3HIGHCVSS 7.8≤ 12.02018-08-30
CVE-2018-10513 [HIGH] CWE-502 CVE-2018-10513: A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security 2018 A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.
nvd
CVE-2018-10514P3HIGHCVSS 7.8≤ 12.02018-08-30
CVE-2018-10514 [HIGH] CWE-269 CVE-2018-10514: A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) p A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.
nvd
CVE-2018-15363P3HIGHCVSS 7.8≤ 12.02018-08-30
CVE-2018-15363 [HIGH] CWE-125 CVE-2018-15363: An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) pro An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.
nvd
CVE-2021-43772P4MEDIUMCVSS 5.5≤ 20212021-12-03
CVE-2021-43772 [MEDIUM] CWE-552 CVE-2021-43772: Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the pro Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the protected folder to be modified without any detection.
nvd
Trendmicro Antivirus + Security vulnerabilities | cvebase