cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-25331,https://securityvulnerability.io/vulnerability/CVE-2022-25331,Uncaught Exception Vulnerability in Trend Micro ServerProtection,"An uncaught exceptions vulnerability exists in Trend Micro ServerProtection 6.0 and 5.8 Information Server, which could allow a remote attacker to exploit the flaw. This exploitation has the potential to crash the server process, disrupting services and compromising system availability. Proper security measures and updates are essential to mitigate this risk and ensure system stability.",Trend Micro,"Trend Micro Serverprotect For Storage,Trend Micro Serverprotect For Microsoft Windows / Novell Netware,Trend Micro Serverprotect For Emc Celerra,Trend Micro Serverprotect For Network Appliance Filers",7.5,HIGH,0.0018100000452250242,false,,false,false,false,,,false,false,,2022-02-24T02:45:24.000Z,0
CVE-2022-25330,https://securityvulnerability.io/vulnerability/CVE-2022-25330,Integer Overflow Vulnerability in Trend Micro ServerProtect,"An integer overflow vulnerability exists in Trend Micro ServerProtect versions 6.0 and 5.8 Information Server. This flaw can be exploited by remote attackers to crash the affected process or execute arbitrary code. The exploitation could lead to serious security breaches, emphasizing the importance of immediate patching to mitigate potential risks.",Trend Micro,"Trend Micro Serverprotect For Storage,Trend Micro Serverprotect For Microsoft Windows / Novell Netware,Trend Micro Serverprotect For Emc Celerra,Trend Micro Serverprotect For Network Appliance Filers",9.8,CRITICAL,0.006850000005215406,false,,false,false,false,,,false,false,,2022-02-24T02:45:22.000Z,0
CVE-2022-25329,https://securityvulnerability.io/vulnerability/CVE-2022-25329,Authentication Bypass in Trend Micro ServerProtect Information Server,"Trend Micro ServerProtect versions 6.0 and 5.8 contain a vulnerability that allows unauthenticated remote attackers to exploit the Information Server. By using a specific command in the console, an attacker could register on the server and execute actions as an authenticated user. This flaw stems from the use of static credentials during the authentication process, posing a significant security risk for organizations relying on these versions.",Trend Micro,"Trend Micro Serverprotect For Storage,Trend Micro Serverprotect For Microsoft Windows / Novell Netware,Trend Micro Serverprotect For Emc Celerra,Trend Micro Serverprotect For Network Appliance Filers",9.8,CRITICAL,0.00343000004068017,false,,false,false,false,,,false,false,,2022-02-24T02:45:21.000Z,0
CVE-2021-36745,https://securityvulnerability.io/vulnerability/CVE-2021-36745,Authentication Bypass Vulnerability in Trend Micro ServerProtect Products,"A vulnerability exists in multiple versions of Trend Micro ServerProtect products, enabling remote attackers to bypass authentication mechanisms on affected installations. This flaw could lead directly to unauthorized access, posing significant security risks to systems relying on these products. Proper security measures should be evaluated to mitigate potential exploitation.",Trend Micro,"Trend Micro Serverprotect For Storage,Trend Micro Serverprotect For Emc Celerra,Trend Micro Serverprotect For Network Appliance Filers,Trend Micro Serverprotect For Microsoft Windows / Novell Netware",9.8,CRITICAL,0.01858000084757805,false,,false,false,false,,,false,false,,2021-09-29T10:21:30.000Z,0
CVE-2021-25226,https://securityvulnerability.io/vulnerability/CVE-2021-25226,Memory Exhaustion Vulnerability in Trend Micro ServerProtect for Linux,"A memory exhaustion vulnerability exists in Trend Micro ServerProtect for Linux 3.0, allowing a local attacker to create specially crafted files that can result in a denial of service. This issue resides within the scan engine component, and exploitation requires the attacker to execute low-privileged code on the compromised system. Successful exploitation could lead to system instability and disruption of service.",Trend Micro,Trend Micro Serverprotect For Linux,5.5,MEDIUM,0.0009200000204145908,false,,false,false,false,,,false,false,,2021-01-27T19:10:25.000Z,0
CVE-2021-25225,https://securityvulnerability.io/vulnerability/CVE-2021-25225,Memory Exhaustion Vulnerability in Trend Micro ServerProtect for Linux,"A memory exhaustion vulnerability exists in Trend Micro ServerProtect for Linux 3.0, which could be exploited by a local attacker through the creation of specific files. This flaw resides within a scheduled scan component of the software, which, when manipulated, can lead to a denial-of-service scenario. To exploit this vulnerability, the attacker must gain the ability to execute low-privileged code on the compromised system.",Trend Micro,Trend Micro Serverprotect For Linux,5.5,MEDIUM,0.0009200000204145908,false,,false,false,false,,,false,false,,2021-01-27T19:10:24.000Z,0
CVE-2021-25224,https://securityvulnerability.io/vulnerability/CVE-2021-25224,Memory Exhaustion Vulnerability in Trend Micro ServerProtect for Linux,"A memory exhaustion issue exists within Trend Micro ServerProtect for Linux 3.0, originating from its manual scan component. This vulnerability allows a local attacker to create specific files aimed at exhausting system memory, potentially resulting in a denial-of-service scenario. To successfully exploit this flaw, an attacker must first execute low-privileged code on the target machine. Effective mitigation strategies should be employed to safeguard the affected systems.",Trend Micro,Trend Micro Serverprotect For Linux,5.5,MEDIUM,0.0009200000204145908,false,,false,false,false,,,false,false,,2021-01-27T19:10:24.000Z,0
CVE-2020-28575,https://securityvulnerability.io/vulnerability/CVE-2020-28575,Heap-Based Buffer Overflow in Trend Micro ServerProtect for Linux,"A heap-based buffer overflow vulnerability in Trend Micro ServerProtect for Linux 3.0 allows attackers to escalate privileges on vulnerable systems. To exploit this vulnerability, an attacker must first execute code with elevated privileges on the affected installation. This could lead to unauthorized access and control over the system, making it essential for users to address this security concern promptly.",Trend Micro,Trend Micro Serverprotect For Linux,6.7,MEDIUM,0.0009899999713525176,false,,false,false,false,,,false,false,,2020-12-01T18:40:38.000Z,0
CVE-2020-24561,https://securityvulnerability.io/vulnerability/CVE-2020-24561,Command Injection Vulnerability in Trend Micro ServerProtect for Linux,"A command injection vulnerability has been identified in Trend Micro ServerProtect for Linux version 3.0. This flaw allows an attacker to exploit the system by executing arbitrary commands. To successfully exploit this vulnerability, the attacker must first gain admin or root privileges on the SPLX console, thereby increasing the risk and potential impact on the affected systems.",Trend Micro,Trend Micro Serverprotect For Linux,9.1,CRITICAL,0.0013000000035390258,false,,false,false,false,,,false,false,,2020-09-15T20:00:16.000Z,0
CVE-2020-8607,https://securityvulnerability.io/vulnerability/CVE-2020-8607,Input Validation Vulnerability in Trend Micro Rootkit Protection Driver,"An input validation issue present in various Trend Micro products utilizing a specific version of the rootkit protection driver can potentially be exploited by an attacker with administrative privileges. This flaw allows unauthorized modification of kernel addresses, which may lead to system instability, crashes, or even execution of arbitrary code at the kernel level. The attacker must have already gained administrator access to the affected machine prior to exploitation, emphasizing the need for robust security measures to prevent initial unauthorized access.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Deep Security,Trend Micro Worry-free Business Security,Trend Micro Security (consumer Family),Trend Micro Safe Lock,Trend Micro Serverprotect,Trend Micro Portable Security,Trend Micro Housecall,Trend Micro Anti-threat Toolkit (attk),Trend Micro Rootkit Buster",6.7,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2020-08-05T14:05:23.000Z,0
CVE-2019-14688,https://securityvulnerability.io/vulnerability/CVE-2019-14688,DLL Hijack Vulnerability in Trend Micro Installation Packages,"Trend Micro installation packages have been found to contain a DLL hijack vulnerability that is exploitable during the initial installation phase of various products. This issue occurs when an authorized user unknowingly runs the installer, allowing an attacker to require the download of a malicious DLL file on the user's local system. As a result, the compromised DLL could be executed, leading to potential unauthorized actions on the system. The vulnerability raises concerns about the security of software installations and the need for users to be vigilant during the setup process.",Trend Micro,"Trend Micro Im Security (ims), Trend Micro Control Manager (tmcm), Trend Micro Officescan (osce), Trend Micro Endpoint Sensor (tmes), Trend Micro Security (consumer), Trend Micro Scanmail For Microsoft Exchange (smex), Trend Micro Serverprotect (sp), Trend Micro Mobile Security Enterprise (tmms Enterprise)",7,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2020-02-20T22:50:22.000Z,0
CVE-2008-0012,https://securityvulnerability.io/vulnerability/CVE-2008-0012,,"Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0013 and CVE-2008-0014.",Trend Micro,Serverprotect,,,0.33708998560905457,false,,false,false,false,,,false,false,,2008-11-17T23:00:00.000Z,0
CVE-2006-5268,https://securityvulnerability.io/vulnerability/CVE-2006-5268,,"Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via vectors related to obtaining ""administrative access to the RPC interface.""",Trend Micro,Serverprotect,,,0.14646999537944794,false,,false,false,false,,,false,false,,2008-11-17T23:00:00.000Z,0
CVE-2006-5269,https://securityvulnerability.io/vulnerability/CVE-2006-5269,,"Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, probably related to an RPC interface.",Trend Micro,Serverprotect,,,0.33708998560905457,false,,false,false,false,,,false,false,,2008-11-17T23:00:00.000Z,0
CVE-2007-0072,https://securityvulnerability.io/vulnerability/CVE-2007-0072,,"Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a read operation over RPC.",Trend Micro,Serverprotect,,,0.33708998560905457,false,,false,false,false,,,false,false,,2008-11-17T23:00:00.000Z,0
CVE-2007-0073,https://securityvulnerability.io/vulnerability/CVE-2007-0073,,"Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a file read operation over RPC.",Trend Micro,Serverprotect,,,0.33708998560905457,false,,false,false,false,,,false,false,,2008-11-17T23:00:00.000Z,0
CVE-2007-0074,https://securityvulnerability.io/vulnerability/CVE-2007-0074,,"Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a folder read operation over RPC.",Trend Micro,Serverprotect,,,0.33708998560905457,false,,false,false,false,,,false,false,,2008-11-17T23:00:00.000Z,0
CVE-2008-0013,https://securityvulnerability.io/vulnerability/CVE-2008-0013,,"Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0014.",Trend Micro,Serverprotect,,,0.33708998560905457,false,,false,false,false,,,false,false,,2008-11-17T23:00:00.000Z,0
CVE-2008-0014,https://securityvulnerability.io/vulnerability/CVE-2008-0014,,"Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0013.",Trend Micro,Serverprotect,,,0.33708998560905457,false,,false,false,false,,,false,false,,2008-11-17T23:00:00.000Z,0
CVE-2007-6507,https://securityvulnerability.io/vulnerability/CVE-2007-6507,,"SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain ""full file system access"" and execute arbitrary code.",Trend Micro,Serverprotect,,,0.9603800177574158,false,,false,false,false,,,false,false,,2007-12-20T23:00:00.000Z,0
CVE-2007-4731,https://securityvulnerability.io/vulnerability/CVE-2007-4731,,Stack-based buffer overflow in the TMregChange function in TMReg.dll in Trend Micro ServerProtect before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 5005.,Trend Micro,Serverprotect,,,0.9434700012207031,false,,false,false,false,,,false,false,,2007-09-12T01:00:00.000Z,0
CVE-2007-4219,https://securityvulnerability.io/vulnerability/CVE-2007-4219,,"Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as used by the ServerProtect service (SpntSvc.exe), in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a certain integer field in a request packet to TCP port 5168, which triggers a heap-based buffer overflow.",Trend Micro,Serverprotect,,,0.8746799826622009,false,,false,false,false,,,false,false,,2007-08-22T23:17:00.000Z,0
CVE-2007-4218,https://securityvulnerability.io/vulnerability/CVE-2007-4218,,"Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allow remote attackers to execute arbitrary code via certain RPC requests to certain TCP ports that are processed by the (1) RPCFN_ENG_NewManualScan, (2) RPCFN_ENG_TimedNewManualScan, and (3) RPCFN_SetComputerName functions in (a) StRpcSrv.dll; the (4) RPCFN_CMON_SetSvcImpersonateUser and (5) RPCFN_OldCMON_SetSvcImpersonateUser functions in (b) Stcommon.dll; the (6) RPCFN_ENG_TakeActionOnAFile and (7) RPCFN_ENG_AddTaskExportLogItem functions in (c) Eng50.dll; the (8) NTF_SetPagerNotifyConfig function in (d) Notification.dll; or the (9) RPCFN_CopyAUSrc function in the (e) ServerProtect Agent service.",Trend Micro,Serverprotect,,,0.9243800044059753,false,,false,false,false,,,false,false,,2007-08-22T23:17:00.000Z,0
CVE-2007-4490,https://securityvulnerability.io/vulnerability/CVE-2007-4490,,Multiple buffer overflows in EarthAgent.exe in Trend Micro ServerProtect 5.58 for Windows before Security Patch 4 allow remote attackers to have an unknown impact via certain RPC function calls to (1) RPCFN_EVENTBACK_DoHotFix or (2) CMD_CHANGE_AGENT_REGISTER_INFO.,Trend Micro,Serverprotect,,,0.011099999770522118,false,,false,false,false,,,false,false,,2007-08-22T23:17:00.000Z,0
CVE-2007-2533,https://securityvulnerability.io/vulnerability/CVE-2007-2533,,"Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the (1) the RPCFN_ActiveRollback function in (a) stcommon.dll, or the (2) ENG_SetRealTimeScanConfigInfo or (3) ENG_SendEmail functions in (b) eng50.dll.",Trend Micro,Serverprotect,,,0.17041000723838806,false,,false,false,false,,,false,false,,2007-05-09T00:00:00.000Z,0