cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-27883,https://securityvulnerability.io/vulnerability/CVE-2022-27883,,A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation. Please note that an attacker must at least have low-level privileges on the system to attempt to exploit this vulnerability.,Trend Micro,Trend Micro Antivirus For Mac,7.3,HIGH,0.0005600000149570405,false,false,false,false,,false,false,2022-04-09T00:05:11.000Z,0
CVE-2022-24671,https://securityvulnerability.io/vulnerability/CVE-2022-24671,,A link following privilege escalation vulnerability in Trend Micro Antivirus for Max 11.0.2150 and below could allow a local attacker to modify a file during the update process and escalate their privileges. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,Trend Micro Antivirus For Mac,7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2022-02-24T02:45:48.000Z,0
CVE-2021-43771,https://securityvulnerability.io/vulnerability/CVE-2021-43771,,Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,Trend Micro Antivirus For Mac 2021,7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-11-30T11:18:43.000Z,0
CVE-2021-28648,https://securityvulnerability.io/vulnerability/CVE-2021-28648,,Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.,Trend Micro,Trend Micro Antivirus For Mac,7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-04-22T21:21:21.000Z,0
CVE-2021-25227,https://securityvulnerability.io/vulnerability/CVE-2021-25227,,Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functionality within the application. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability - i.e. the attacker must already have access to the target system (either legitimately or via another exploit).,Trend Micro,Trend Micro Antivirus For Mac,3.3,LOW,0.0008200000156648457,false,false,false,false,,false,false,2021-02-04T19:36:37.000Z,0
CVE-2020-27014,https://securityvulnerability.io/vulnerability/CVE-2020-27014,,"Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web Threat Protection Blocklist component, that if exploited, could allow an attacker to case a kernel panic or crash.\n\n\r\nAn attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,Trend Micro Antivirus For Mac (consumer),6.4,MEDIUM,0.0006500000017695129,false,false,false,false,,false,false,2020-10-30T00:15:00.000Z,0
CVE-2020-27015,https://securityvulnerability.io/vulnerability/CVE-2020-27015,,"Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure vulnerability that if exploited, could allow kernel pointers and debug messages to leak to userland. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,Trend Micro Antivirus For Mac (consumer),4.4,MEDIUM,0.0006500000017695129,false,false,false,false,,false,false,2020-10-30T00:15:00.000Z,0
CVE-2020-27013,https://securityvulnerability.io/vulnerability/CVE-2020-27013,,Trend Micro Antivirus for Mac 2020 (Consumer) contains a vulnerability in the product that occurs when a webserver is started that implements an API with several properties that can be read and written to allowing the attacker to gather and modify sensitive product and user data. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,Trend Micro Antivirus For Mac (consumer),4.4,MEDIUM,0.0013000000035390258,false,false,false,false,,false,false,2020-10-14T15:10:23.000Z,0
CVE-2020-25778,https://securityvulnerability.io/vulnerability/CVE-2020-25778,,Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in a specific kernel extension where an attacker could supply a kernel pointer and leak several bytes of memory. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,Trend Micro Antivirus For Mac (consumer),6,MEDIUM,0.0006500000017695129,false,false,false,false,,false,false,2020-10-14T15:10:23.000Z,0
CVE-2020-25777,https://securityvulnerability.io/vulnerability/CVE-2020-25777,,Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a specific kernel extension request attack where an attacker could bypass the Web Threat Protection feature of the product. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.,Trend Micro,Trend Micro Antivirus For Mac (consumer),5.4,MEDIUM,0.001069999998435378,false,false,false,false,,false,false,2020-10-14T15:10:22.000Z,0
CVE-2020-25779,https://securityvulnerability.io/vulnerability/CVE-2020-25779,,Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which a Internationalized Domain Name homograph attack (Puny-code) could be used to add a malicious website to the approved websites list of Trend Micro Antivirus for Mac to bypass the web threat protection feature.,Trend Micro,Trend Micro Antivirus For Mac (consumer),3.3,LOW,0.0004400000034365803,false,false,false,false,,false,false,2020-10-13T15:45:15.000Z,0
CVE-2020-25776,https://securityvulnerability.io/vulnerability/CVE-2020-25776,,Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbolic link privilege escalation attack where an attacker could exploit a critical file on the system to escalate their privileges. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,Trend Micro Antivirus For Mac (consumer),7.8,HIGH,0.0006500000017695129,false,false,false,false,,false,false,2020-10-02T22:00:17.000Z,0
CVE-2019-19695,https://securityvulnerability.io/vulnerability/CVE-2019-19695,,A privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 (v9.0.1379 and below) could potentially allow an attacker to create a symbolic link to a target file and modify it.,Trend Micro,Trend Micro Antivirus For Mac,7.5,HIGH,0.0008399999933317304,false,false,false,false,,false,false,2019-12-24T08:25:11.000Z,0
CVE-2018-18327,https://securityvulnerability.io/vulnerability/CVE-2018-18327,,A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation function on 0x6eDC offset user-supplied buffer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,Trend Micro Antivirus For Mac (consumer),7.8,HIGH,0.0006500000017695129,false,false,false,false,,false,false,2018-10-23T14:00:00.000Z,0
CVE-2018-15367,https://securityvulnerability.io/vulnerability/CVE-2018-15367,,A ctl_set KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,Trend Micro Antivirus For Mac (consumer),7.8,HIGH,0.0006500000017695129,false,false,false,false,,false,false,2018-10-23T14:00:00.000Z,0
CVE-2018-18329,https://securityvulnerability.io/vulnerability/CVE-2018-18329,,A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation function on 0x6F4E offset user-supplied buffer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,Trend Micro Antivirus For Mac (consumer),7.8,HIGH,0.0006500000017695129,false,false,false,false,,false,false,2018-10-23T14:00:00.000Z,0
CVE-2018-18328,https://securityvulnerability.io/vulnerability/CVE-2018-18328,,A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation function on 0x6F6A offset user-supplied buffer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,Trend Micro Antivirus For Mac (consumer),7.8,HIGH,0.0006500000017695129,false,false,false,false,,false,false,2018-10-23T14:00:00.000Z,0
CVE-2018-15366,https://securityvulnerability.io/vulnerability/CVE-2018-15366,,A UrlfWTPPagePtr KERedirect Use-After-Free Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,Trend Micro Antivirus For Mac (consumer),7.8,HIGH,0.0006500000017695129,false,false,false,false,,false,false,2018-10-23T14:00:00.000Z,0
CVE-2008-5545,https://securityvulnerability.io/vulnerability/CVE-2008-5545,,"Trend Micro VSAPI 8.700.0.1004 in Trend Micro AntiVirus, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka ""EXE info"") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.",Trend Micro,Trend Micro Antivirus,,,0.006940000224858522,false,false,false,false,,false,false,2008-12-12T18:13:00.000Z,0
CVE-2007-6386,https://securityvulnerability.io/vulnerability/CVE-2007-6386,,"Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attackers to cause a denial of service (SfCtlCom.exe crash), and allows local users to gain privileges, via a malformed .zip archive with a long name, as demonstrated by a .zip file created via format string specifiers in a crafted .uue file.",Trend Micro,"Trend Micro Antivirus Plus Antispyware,Trend Micro Internet Security Pro,Trend Micro Internet Security  Virus Bust",,,0.0049600000493228436,false,false,false,false,,false,false,2007-12-15T02:00:00.000Z,0
CVE-2007-1591,https://securityvulnerability.io/vulnerability/CVE-2007-1591,,"VsapiNT.sys in the Scan Engine 8.0 for Trend Micro AntiVirus 14.10.1041, and other products, allows remote attackers to cause a denial of service (kernel fault and system crash) via a crafted UPX file with a certain field that triggers a divide-by-zero error.",Trend Micro,Trend Micro Antivirus,,,0.017659999430179596,false,false,false,false,,false,false,2007-03-22T19:00:00.000Z,0
CVE-2007-0856,https://securityvulnerability.io/vulnerability/CVE-2007-0856,,"TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\.\TmComm DOS device interface, which allows local users to access privileged IOCTLs and execute arbitrary code or overwrite arbitrary memory in the kernel context.",Trend Micro,"Trend Micro Antispyware,Damage Cleanup Services,Tmcomm.sys,Trend Micro Antirootkit Common Module,Pc-cillin Internet Security,Client-server-messaging Security,VSAPini.sys,Trend Micro Antivirus",,,0.0004199999966658652,false,false,false,false,,false,false,2007-02-08T18:00:00.000Z,0