cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-25331,https://securityvulnerability.io/vulnerability/CVE-2022-25331,,Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process.,Trend Micro,"Trend Micro Serverprotect For Storage,Trend Micro Serverprotect For Microsoft Windows / Novell Netware,Trend Micro Serverprotect For Emc Celerra,Trend Micro Serverprotect For Network Appliance Filers",7.5,HIGH,0.0018100000452250242,false,false,false,false,,false,false,2022-02-24T02:45:24.000Z,0
CVE-2022-25330,https://securityvulnerability.io/vulnerability/CVE-2022-25330,,Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution.,Trend Micro,"Trend Micro Serverprotect For Storage,Trend Micro Serverprotect For Microsoft Windows / Novell Netware,Trend Micro Serverprotect For Emc Celerra,Trend Micro Serverprotect For Network Appliance Filers",9.8,CRITICAL,0.006490000057965517,false,false,false,false,,false,false,2022-02-24T02:45:22.000Z,0
CVE-2022-25329,https://securityvulnerability.io/vulnerability/CVE-2022-25329,,Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions.,Trend Micro,"Trend Micro Serverprotect For Storage,Trend Micro Serverprotect For Microsoft Windows / Novell Netware,Trend Micro Serverprotect For Emc Celerra,Trend Micro Serverprotect For Network Appliance Filers",9.8,CRITICAL,0.00343000004068017,false,false,false,false,,false,false,2022-02-24T02:45:21.000Z,0
CVE-2021-36745,https://securityvulnerability.io/vulnerability/CVE-2021-36745,,"A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Netware 5.8 could allow a remote attacker to bypass authentication on affected installations.",Trend Micro,"Trend Micro Serverprotect For Storage,Trend Micro Serverprotect For Emc Celerra,Trend Micro Serverprotect For Network Appliance Filers,Trend Micro Serverprotect For Microsoft Windows / Novell Netware",9.8,CRITICAL,0.01858000084757805,false,false,false,false,,false,false,2021-09-29T10:21:30.000Z,0
CVE-2021-25226,https://securityvulnerability.io/vulnerability/CVE-2021-25226,,A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scan engine component. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,Trend Micro Serverprotect For Linux,5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2021-01-27T19:10:25.000Z,0
CVE-2021-25225,https://securityvulnerability.io/vulnerability/CVE-2021-25225,,A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scheduled scan component. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,Trend Micro Serverprotect For Linux,5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2021-01-27T19:10:24.000Z,0
CVE-2021-25224,https://securityvulnerability.io/vulnerability/CVE-2021-25224,,A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a manual scan component. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,Trend Micro Serverprotect For Linux,5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2021-01-27T19:10:24.000Z,0
CVE-2020-28575,https://securityvulnerability.io/vulnerability/CVE-2020-28575,,A heap-based buffer overflow privilege escalation vulnerability in Trend Micro ServerProtect for Linux 3.0 may allow an attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute high-privileged code on the target in order to exploit this vulnerability.,Trend Micro,Trend Micro Serverprotect For Linux,6.7,MEDIUM,0.0009899999713525176,false,false,false,false,,false,false,2020-12-01T18:40:38.000Z,0
CVE-2020-24561,https://securityvulnerability.io/vulnerability/CVE-2020-24561,,A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. An attacker must first obtain admin/root privileges on the SPLX console to exploit this vulnerability.,Trend Micro,Trend Micro Serverprotect For Linux,9.1,CRITICAL,0.0013000000035390258,false,false,false,false,,false,false,2020-09-15T20:00:16.000Z,0
CVE-2020-8607,https://securityvulnerability.io/vulnerability/CVE-2020-8607,,An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.,Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Deep Security,Trend Micro Worry-free Business Security,Trend Micro Security (consumer Family),Trend Micro Safe Lock,Trend Micro Serverprotect,Trend Micro Portable Security,Trend Micro Housecall,Trend Micro Anti-threat Toolkit (attk),Trend Micro Rootkit Buster",6.7,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2020-08-05T14:05:23.000Z,0
CVE-2019-14688,https://securityvulnerability.io/vulnerability/CVE-2019-14688,,Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run.,Trend Micro,"Trend Micro Im Security (ims), Trend Micro Control Manager (tmcm), Trend Micro Officescan (osce), Trend Micro Endpoint Sensor (tmes), Trend Micro Security (consumer), Trend Micro Scanmail For Microsoft Exchange (smex), Trend Micro Serverprotect (sp), Trend Micro Mobile Security Enterprise (tmms Enterprise)",7,HIGH,0.0006300000241026282,false,false,false,false,,false,false,2020-02-20T22:50:22.000Z,0
CVE-2008-0012,https://securityvulnerability.io/vulnerability/CVE-2008-0012,,"Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0013 and CVE-2008-0014.",Trend Micro,Serverprotect,,,0.33708998560905457,false,false,false,false,,false,false,2008-11-17T23:00:00.000Z,0
CVE-2008-0013,https://securityvulnerability.io/vulnerability/CVE-2008-0013,,"Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0014.",Trend Micro,Serverprotect,,,0.33708998560905457,false,false,false,false,,false,false,2008-11-17T23:00:00.000Z,0
CVE-2006-5268,https://securityvulnerability.io/vulnerability/CVE-2006-5268,,"Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via vectors related to obtaining ""administrative access to the RPC interface.""",Trend Micro,Serverprotect,,,0.14646999537944794,false,false,false,false,,false,false,2008-11-17T23:00:00.000Z,0
CVE-2006-5269,https://securityvulnerability.io/vulnerability/CVE-2006-5269,,"Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, probably related to an RPC interface.",Trend Micro,Serverprotect,,,0.33708998560905457,false,false,false,false,,false,false,2008-11-17T23:00:00.000Z,0
CVE-2007-0072,https://securityvulnerability.io/vulnerability/CVE-2007-0072,,"Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a read operation over RPC.",Trend Micro,Serverprotect,,,0.33708998560905457,false,false,false,false,,false,false,2008-11-17T23:00:00.000Z,0
CVE-2007-0073,https://securityvulnerability.io/vulnerability/CVE-2007-0073,,"Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a file read operation over RPC.",Trend Micro,Serverprotect,,,0.33708998560905457,false,false,false,false,,false,false,2008-11-17T23:00:00.000Z,0
CVE-2007-0074,https://securityvulnerability.io/vulnerability/CVE-2007-0074,,"Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a folder read operation over RPC.",Trend Micro,Serverprotect,,,0.33708998560905457,false,false,false,false,,false,false,2008-11-17T23:00:00.000Z,0
CVE-2008-0014,https://securityvulnerability.io/vulnerability/CVE-2008-0014,,"Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to the product's configuration, a different vulnerability than CVE-2008-0012 and CVE-2008-0013.",Trend Micro,Serverprotect,,,0.33708998560905457,false,false,false,false,,false,false,2008-11-17T23:00:00.000Z,0
CVE-2007-6507,https://securityvulnerability.io/vulnerability/CVE-2007-6507,,"SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes unspecified dangerous sub-functions from StRpcSrv.dll in the DCE/RPC interface, which allows remote attackers to obtain ""full file system access"" and execute arbitrary code.",Trend Micro,Serverprotect,,,0.9598000049591064,false,false,false,false,,false,false,2007-12-20T23:00:00.000Z,0
CVE-2007-4731,https://securityvulnerability.io/vulnerability/CVE-2007-4731,,Stack-based buffer overflow in the TMregChange function in TMReg.dll in Trend Micro ServerProtect before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 5005.,Trend Micro,Serverprotect,,,0.9434700012207031,false,false,false,false,,false,false,2007-09-12T01:00:00.000Z,0
CVE-2007-4219,https://securityvulnerability.io/vulnerability/CVE-2007-4219,,"Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as used by the ServerProtect service (SpntSvc.exe), in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a certain integer field in a request packet to TCP port 5168, which triggers a heap-based buffer overflow.",Trend Micro,Serverprotect,,,0.8746799826622009,false,false,false,false,,false,false,2007-08-22T23:17:00.000Z,0
CVE-2007-4218,https://securityvulnerability.io/vulnerability/CVE-2007-4218,,"Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allow remote attackers to execute arbitrary code via certain RPC requests to certain TCP ports that are processed by the (1) RPCFN_ENG_NewManualScan, (2) RPCFN_ENG_TimedNewManualScan, and (3) RPCFN_SetComputerName functions in (a) StRpcSrv.dll; the (4) RPCFN_CMON_SetSvcImpersonateUser and (5) RPCFN_OldCMON_SetSvcImpersonateUser functions in (b) Stcommon.dll; the (6) RPCFN_ENG_TakeActionOnAFile and (7) RPCFN_ENG_AddTaskExportLogItem functions in (c) Eng50.dll; the (8) NTF_SetPagerNotifyConfig function in (d) Notification.dll; or the (9) RPCFN_CopyAUSrc function in the (e) ServerProtect Agent service.",Trend Micro,Serverprotect,,,0.9243800044059753,false,false,false,false,,false,false,2007-08-22T23:17:00.000Z,0
CVE-2007-4490,https://securityvulnerability.io/vulnerability/CVE-2007-4490,,Multiple buffer overflows in EarthAgent.exe in Trend Micro ServerProtect 5.58 for Windows before Security Patch 4 allow remote attackers to have an unknown impact via certain RPC function calls to (1) RPCFN_EVENTBACK_DoHotFix or (2) CMD_CHANGE_AGENT_REGISTER_INFO.,Trend Micro,Serverprotect,,,0.011099999770522118,false,false,false,false,,false,false,2007-08-22T23:17:00.000Z,0
CVE-2007-2533,https://securityvulnerability.io/vulnerability/CVE-2007-2533,,"Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the (1) the RPCFN_ActiveRollback function in (a) stcommon.dll, or the (2) ENG_SetRealTimeScanConfigInfo or (3) ENG_SendEmail functions in (b) eng50.dll.",Trend Micro,Serverprotect,,,0.17041000723838806,false,false,false,false,,false,false,2007-05-09T00:00:00.000Z,0