cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-28339,https://securityvulnerability.io/vulnerability/CVE-2022-28339,Uncontrolled Search Patch Element Vulnerability in Trend Micro HouseCall for Home Networks,"Trend Micro HouseCall for Home Networks versions 5.3.1302 and earlier are susceptible to an uncontrolled search patch element vulnerability. This flaw may allow an attacker with low user privileges to craft a malicious DLL, potentially resulting in escalated privileges. This situation poses a significant security risk as it could enable attackers to execute unauthorized actions within the system.",Trend Micro,Trend Micro Housecall For Home Networks,7.3,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-02-22T20:51:10.611Z,0
CVE-2022-38764,https://securityvulnerability.io/vulnerability/CVE-2022-38764,Local Privilege Escalation in Trend Micro HouseCall,"A vulnerability in Trend Micro HouseCall versions up to 1.62.1.1133 allows local attackers to escalate privileges. This is due to an overly permissive folder in the product installer, which can be exploited to gain unauthorized access and control over the system. Implementing proper permission settings is crucial to mitigate this risk.",Trend Micro,Trend Micro Housecall (consumer),7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-09-19T18:01:00.000Z,0
CVE-2021-32466,https://securityvulnerability.io/vulnerability/CVE-2021-32466,Privilege Escalation Vulnerability in Trend Micro HouseCall for Home Networks,"An uncontrolled search path element vulnerability in Trend Micro HouseCall for Home Networks allows attackers to escalate privileges. By placing a specially crafted file in a designated directory, a malicious library can be loaded, enabling unauthorized access or control. Attackers must have a foothold to execute low-privileged code on the system in order to exploit this vulnerability. Users of versions 5.3.1225 and earlier should apply patches to mitigate this risk.",Trend Micro,Trend Micro Housecall For Home Networks,7,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-09-29T10:21:29.000Z,0
CVE-2021-31519,https://securityvulnerability.io/vulnerability/CVE-2021-31519,Privilege Escalation Flaw in Trend Micro HouseCall for Home Networks,"A vulnerability exists within the installer folders of Trend Micro HouseCall for Home Networks that permits an attacker with initial low-privileged access to escalate their privileges. By placing arbitrary code in a designated folder, the attacker can have that code executed with elevated privileges by an Administrator scanning the target system. This highlights the significance of strict permission settings in software components to prevent unauthorized code execution.",Trend Micro,Trend Micro Housecall For Home Networks,7.3,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-05-12T14:57:42.000Z,0
CVE-2021-28649,https://securityvulnerability.io/vulnerability/CVE-2021-28649,Privilege Escalation Vulnerability in Trend Micro HouseCall for Home Networks,"The vulnerability arises from incorrect permissions in the product installer for Trend Micro HouseCall for Home Networks versions 5.3.1179 and earlier. An attacker with low privileges can exploit this flaw to place arbitrary code in a specified folder. If an Administrator initiates a scan, this code could be executed, effectively allowing the attacker to escalate their privileges. It's critical for users to ensure they are operating on the latest versions and to remain vigilant against such execution risks.",Trend Micro,Trend Micro Housecall For Home Networks,7.3,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-05-12T14:57:41.000Z,0
CVE-2021-25247,https://securityvulnerability.io/vulnerability/CVE-2021-25247,DLL Hijacking Vulnerability in Trend Micro HouseCall for Home Networks,"A vulnerability in Trend Micro HouseCall for Home Networks enables attackers with user privileges to utilize a malicious DLL to gain elevated permissions, allowing them to execute arbitrary code on the affected systems. This exploitation could lead to significant security risks, highlighting the need for timely remediation.",Trend Micro,Trend Micro Housecall For Home Networks,7.8,HIGH,0.0007200000109151006,false,,false,false,false,,,false,false,,2021-01-27T19:10:26.000Z,0
CVE-2020-8607,https://securityvulnerability.io/vulnerability/CVE-2020-8607,Input Validation Vulnerability in Trend Micro Rootkit Protection Driver,"An input validation issue present in various Trend Micro products utilizing a specific version of the rootkit protection driver can potentially be exploited by an attacker with administrative privileges. This flaw allows unauthorized modification of kernel addresses, which may lead to system instability, crashes, or even execution of arbitrary code at the kernel level. The attacker must have already gained administrator access to the affected machine prior to exploitation, emphasizing the need for robust security measures to prevent initial unauthorized access.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Deep Security,Trend Micro Worry-free Business Security,Trend Micro Security (consumer Family),Trend Micro Safe Lock,Trend Micro Serverprotect,Trend Micro Portable Security,Trend Micro Housecall,Trend Micro Anti-threat Toolkit (attk),Trend Micro Rootkit Buster",6.7,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2020-08-05T14:05:23.000Z,0
CVE-2019-19689,https://securityvulnerability.io/vulnerability/CVE-2019-19689,DLL Hijack Vulnerability in Trend Micro HouseCall for Home Networks,"The vulnerability allows attackers to exploit Trend Micro HouseCall for Home Networks prior to version 5.3.0.1063 through a DLL hijacking technique, leveraging a flaw in the packer utilized by the application. This exploitation can lead to unauthorized execution of malicious code, thereby compromising the security of the affected systems.",Trend Micro,Trend Micro Housecall For Home Networks,7.8,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2019-12-18T18:30:16.000Z,0
CVE-2019-19688,https://securityvulnerability.io/vulnerability/CVE-2019-19688,Privilege Escalation Vulnerability in Trend Micro HouseCall for Home Networks,"A privilege escalation vulnerability exists in Trend Micro HouseCall for Home Networks that could allow an attacker to insert a harmful DLL file into the application's directory. This exploitation could enable unauthorized elevation of privileges, granting the attacker access to sensitive functions or data. Users of versions prior to 5.3.0.1063 are particularly at risk and should consider updating their software to mitigate this vulnerability.",Trend Micro,Trend Micro Housecall For Home Networks,7.8,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2019-12-18T18:30:15.000Z,0
CVE-2008-2435,https://securityvulnerability.io/vulnerability/CVE-2008-2435,,Use-after-free vulnerability in the Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 in Housecall_ActiveX.dll allows remote attackers to execute arbitrary code via a crafted notifyOnLoadNative callback function.,Trend Micro,Housecall,,,0.2638300061225891,false,,false,false,false,,,false,false,,2008-12-23T18:13:00.000Z,0
CVE-2008-2434,https://securityvulnerability.io/vulnerability/CVE-2008-2434,,"The Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 in Housecall_ActiveX.dll allows remote attackers to download an arbitrary library file onto a client system via a ""custom update server"" argument.  NOTE: this can be leveraged for code execution by writing to a Startup folder.",Trend Micro,Housecall,,,0.2638300061225891,false,,false,false,false,,,false,false,,2008-12-23T18:13:00.000Z,0
CVE-2003-0646,https://securityvulnerability.io/vulnerability/CVE-2003-0646,,"Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage Cleanup Server 1.0, allow remote attackers to execute arbitrary code via long parameter strings.",Trend Micro,"Housecall,Damage Cleanup Server",,,0.024229999631643295,false,,false,false,false,,,false,false,,2003-08-27T04:00:00.000Z,0