cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2021-32465,https://securityvulnerability.io/vulnerability/CVE-2021-32465,,"An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan",8.8,HIGH,0.008779999800026417,false,false,false,false,,false,false,2021-08-04T18:29:37.000Z,0 CVE-2021-36742,https://securityvulnerability.io/vulnerability/CVE-2021-36742,,"A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",7.8,HIGH,0.0013699999544769526,true,false,false,true,,false,false,2021-07-29T19:23:14.000Z,0 CVE-2021-36741,https://securityvulnerability.io/vulnerability/CVE-2021-36741,,"An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the product�s management console in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",8.8,HIGH,0.14893999695777893,true,false,false,true,,false,false,2021-07-29T19:23:13.000Z,0 CVE-2021-28646,https://securityvulnerability.io/vulnerability/CVE-2021-28646,,"An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan",5.5,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2021-04-13T12:54:59.000Z,0 CVE-2021-28645,https://securityvulnerability.io/vulnerability/CVE-2021-28645,,"An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-04-13T12:54:38.000Z,0 CVE-2021-25253,https://securityvulnerability.io/vulnerability/CVE-2021-25253,,"An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan",7.8,HIGH,0.00044999999227002263,false,false,false,true,true,false,false,2021-04-13T12:53:59.000Z,0 CVE-2021-25250,https://securityvulnerability.io/vulnerability/CVE-2021-25250,,"An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-04-13T12:35:04.000Z,0 CVE-2021-25249,https://securityvulnerability.io/vulnerability/CVE-2021-25249,,"An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-02-04T19:36:52.000Z,0 CVE-2021-25248,https://securityvulnerability.io/vulnerability/CVE-2021-25248,,"An out-of-bounds read information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow an attacker to disclose sensitive information about a named pipe. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2021-02-04T19:36:51.000Z,0 CVE-2021-25246,https://securityvulnerability.io/vulnerability/CVE-2021-25246,,"An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1, and Worry-Free Business Security could allow an unauthenticated user to create a bogus agent on an affected server that could be used then make valid configuration queries.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",6.5,MEDIUM,0.012629999779164791,false,false,false,false,,false,false,2021-02-04T19:36:50.000Z,0 CVE-2021-25243,https://securityvulnerability.io/vulnerability/CVE-2021-25243,,"An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain patch level information.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",5.3,MEDIUM,0.009669999592006207,false,false,false,false,,false,false,2021-02-04T19:36:48.000Z,0 CVE-2021-25242,https://securityvulnerability.io/vulnerability/CVE-2021-25242,,"An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain version and build information.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",5.3,MEDIUM,0.009669999592006207,false,false,false,false,,false,false,2021-02-04T19:36:47.000Z,0 CVE-2021-25240,https://securityvulnerability.io/vulnerability/CVE-2021-25240,,"An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain x64 agent hofitx information.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",5.3,MEDIUM,0.009669999592006207,false,false,false,false,,false,false,2021-02-04T19:36:46.000Z,0 CVE-2021-25239,https://securityvulnerability.io/vulnerability/CVE-2021-25239,,"An improper access control vulnerability in Trend Micro Apex One (on-prem), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about x86 agent hotfixes.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",5.3,MEDIUM,0.009669999592006207,false,false,false,false,,false,false,2021-02-04T19:36:45.000Z,0 CVE-2021-25238,https://securityvulnerability.io/vulnerability/CVE-2021-25238,,An improper access control information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about an agent's managing port.,Trend Micro,"Trend Micro Officescan,Trend Micro Worry-free Business Security",5.3,MEDIUM,0.00786999985575676,false,false,false,false,,false,false,2021-02-04T19:36:45.000Z,0 CVE-2021-25235,https://securityvulnerability.io/vulnerability/CVE-2021-25235,,An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about a content inspection configuration file.,Trend Micro,"Trend Micro Apex One,Trend Micro Officescan",5.3,MEDIUM,0.006750000175088644,false,false,false,false,,false,false,2021-02-04T19:36:43.000Z,0 CVE-2021-25236,https://securityvulnerability.io/vulnerability/CVE-2021-25236,,A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate online agents via a specific sweep.,Trend Micro,"Trend Micro Officescan,Trend Micro Worry-free Business Security",5.3,MEDIUM,0.0083600003272295,false,false,false,false,,false,false,2021-02-04T19:36:43.000Z,0 CVE-2021-25234,https://securityvulnerability.io/vulnerability/CVE-2021-25234,,"An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific notification configuration file.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",5.3,MEDIUM,0.017330000177025795,false,false,false,false,,false,false,2021-02-04T19:36:42.000Z,0 CVE-2021-25233,https://securityvulnerability.io/vulnerability/CVE-2021-25233,,"An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific configuration download file.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",5.3,MEDIUM,0.017330000177025795,false,false,false,false,,false,false,2021-02-04T19:36:41.000Z,0 CVE-2021-25232,https://securityvulnerability.io/vulnerability/CVE-2021-25232,,An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the SQL database.,Trend Micro,"Trend Micro Apex One,Trend Micro Officescan",5.3,MEDIUM,0.00675999978557229,false,false,false,false,,false,false,2021-02-04T19:36:41.000Z,0 CVE-2021-25231,https://securityvulnerability.io/vulnerability/CVE-2021-25231,,"An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific hotfix history file.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",5.3,MEDIUM,0.009669999592006207,false,false,false,false,,false,false,2021-02-04T19:36:40.000Z,0 CVE-2021-25230,https://securityvulnerability.io/vulnerability/CVE-2021-25230,,An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the contents of a scan connection exception file.,Trend Micro,"Trend Micro Apex One,Trend Micro Officescan",5.3,MEDIUM,0.00675999978557229,false,false,false,false,,false,false,2021-02-04T19:36:39.000Z,0 CVE-2021-25229,https://securityvulnerability.io/vulnerability/CVE-2021-25229,,An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the database server.,Trend Micro,"Trend Micro Apex One,Trend Micro Officescan",5.3,MEDIUM,0.00675999978557229,false,false,false,false,,false,false,2021-02-04T19:36:38.000Z,0 CVE-2021-25228,https://securityvulnerability.io/vulnerability/CVE-2021-25228,,"An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about hotfix history.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",5.3,MEDIUM,0.009669999592006207,false,false,false,false,,false,false,2021-02-04T19:36:38.000Z,0 CVE-2020-28583,https://securityvulnerability.io/vulnerability/CVE-2020-28583,,"An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan",5.3,MEDIUM,0.00953999999910593,false,false,false,false,,false,false,2020-12-01T18:40:39.000Z,0