cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-52331,https://securityvulnerability.io/vulnerability/CVE-2023-52331,Server-Side Request Forgery Vulnerability in Trend Micro Apex Central,"A post-authenticated server-side request forgery (SSRF) vulnerability exists in Trend Micro Apex Central, raising concerns about the potential for malicious actors to interact with internal or local services. To exploit this vulnerability, an attacker must possess the capability to execute low-privileged code on the affected system, which may enable them to gain unauthorized access to sensitive internal resources.",Trend Micro,Trend Micro Apex Central,7.1,HIGH,0.0007399999885819852,false,,false,false,false,,,false,false,,2024-01-23T20:42:46.349Z,0
CVE-2023-52330,https://securityvulnerability.io/vulnerability/CVE-2023-52330,Cross-Site Scripting Vulnerability in Trend Micro Apex Central,"A cross-site scripting vulnerability in Trend Micro Apex Central allows attackers to craft malicious pages that, if visited by users, can lead to arbitrary code execution on affected systems. This vulnerability requires user interaction, making it crucial for organizations to educate users about the risks of opening untrusted links or files.",Trend Micro,Trend Micro Apex Central,6.1,MEDIUM,0.014410000294446945,false,,false,false,false,,,false,false,,2024-01-23T20:42:34.678Z,0
CVE-2023-52329,https://securityvulnerability.io/vulnerability/CVE-2023-52329,Cross-Site Scripting Vulnerability in Trend Micro Apex Central On-Premise,"Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks. This vulnerability could potentially allow attackers to execute malicious scripts on affected servers, leading to unauthorized access and exploitation of sensitive data.",Trend Micro,Trend Micro Apex Central,6.1,MEDIUM,0.015709999948740005,false,,false,false,false,,,false,false,,2024-01-23T20:42:13.269Z,0
CVE-2023-52328,https://securityvulnerability.io/vulnerability/CVE-2023-52328,Cross-Site Scripting Vulnerability in Trend Micro Apex Central Dashboards,"Certain dashboard widgets within Trend Micro Apex Central are susceptible to cross-site scripting (XSS) attacks. This vulnerability could enable an attacker to execute remote code on compromised servers, posing a significant risk to the integrity and security of the affected system. Proper mitigations and updates are recommended to protect against potential exploitation.",Trend Micro,Trend Micro Apex Central,6.1,MEDIUM,0.015709999948740005,false,,false,false,false,,,false,false,,2024-01-23T20:42:01.780Z,0
CVE-2023-52327,https://securityvulnerability.io/vulnerability/CVE-2023-52327,Cross-Site Scripting Vulnerability in Trend Micro Apex Central,"Certain dashboard widgets in Trend Micro Apex Central (on-premise) are susceptible to cross-site scripting vulnerabilities. An attacker exploiting this flaw could execute arbitrary scripts in the context of the victim's session. This could potentially lead to unauthorized access and actions being performed on the affected servers, emphasizing the need for immediate attention to security protocols to mitigate associated risks.",Trend Micro,Trend Micro Apex Central,6.1,MEDIUM,0.015709999948740005,false,,false,false,false,,,false,false,,2024-01-23T20:41:50.167Z,0
CVE-2023-52326,https://securityvulnerability.io/vulnerability/CVE-2023-52326,Cross-Site Scripting Vulnerability in Trend Micro Apex Central,"Trend Micro Apex Central, specifically its dashboard widgets, is susceptible to cross-site scripting (XSS) attacks. Exploiting this vulnerability enables attackers to execute arbitrary code remotely on the server, jeopardizing sensitive information and overall system integrity. This vulnerability poses a significant risk to the security posture of organizations using the affected versions of Apex Central.",Trend Micro,Trend Micro Apex Central,6.1,MEDIUM,0.015709999948740005,false,,false,false,false,,,false,false,,2024-01-23T20:41:39.424Z,0
CVE-2023-52325,https://securityvulnerability.io/vulnerability/CVE-2023-52325,Local File Inclusion Vulnerability in Trend Micro Apex Central,A local file inclusion vulnerability has been identified in a widget of Trend Micro Apex Central. This vulnerability permits remote attackers to execute arbitrary code on installations of the application. It requires the attacker to have valid credentials to the target system and must be combined with another vulnerability for effective exploitation. Proper security measures and patches should be implemented immediately to mitigate risks associated with this vulnerability.,Trend Micro,Trend Micro Apex Central,7.5,HIGH,0.01448999997228384,false,,false,false,false,,,false,false,,2024-01-23T20:41:25.754Z,0
CVE-2023-52324,https://securityvulnerability.io/vulnerability/CVE-2023-52324,Unrestricted File Upload Vulnerability in Trend Micro Apex Central,"An unrestricted file upload vulnerability exists in Trend Micro Apex Central that enables a remote attacker to create arbitrary files on vulnerable installations. While the presence of valid credentials is necessary for exploitation, this vulnerability poses a significant risk as it can be leveraged to upload malicious files. Furthermore, it may be utilized in conjunction with other vulnerabilities to facilitate the execution of arbitrary code, thus compromising the integrity and security of the affected systems.",Trend Micro,Trend Micro Apex Central,8.8,HIGH,0.005319999996572733,false,,false,false,false,,,false,false,,2024-01-23T20:41:10.369Z,0
CVE-2023-38627,https://securityvulnerability.io/vulnerability/CVE-2023-38627,Server-Side Request Forgery Issue in Trend Micro Apex Central,"A server-side request forgery (SSRF) vulnerability exists in Trend Micro Apex Central 2019 prior to build 6481, enabling an attacker with low-privileged code execution on the target system to directly interact with internal or local services. This vulnerability poses a significant risk to the confidentiality and integrity of internal network resources. Mitigating this threat requires immediate updates to the affected product versions to prevent unauthorized access and potential exploitation.",Trend Micro,Trend Micro Apex Central,5.4,MEDIUM,0.0009200000204145908,false,,false,false,false,,,false,false,,2024-01-23T20:34:54.008Z,0
CVE-2023-38626,https://securityvulnerability.io/vulnerability/CVE-2023-38626,Server-Side Request Forgery Vulnerability in Trend Micro Apex Central,"A post-authenticated server-side request forgery (SSRF) vulnerability exists in Trend Micro Apex Central 2019, versions below build 6481. This vulnerability allows attackers with low-privileged code execution to interact directly with internal or local services, potentially leading to unauthorized access or data exposure. Effective security measures should be implemented to mitigate this risk, as it poses a significant threat to the confidentiality and integrity of the affected systems.",Trend Micro,Trend Micro Apex Central,5.4,MEDIUM,0.0009200000204145908,false,,false,false,false,,,false,false,,2024-01-23T20:34:41.067Z,0
CVE-2023-38625,https://securityvulnerability.io/vulnerability/CVE-2023-38625,Server-Side Request Forgery Vulnerability in Trend Micro Apex Central,"A post-authenticated server-side request forgery (SSRF) vulnerability exists in Trend Micro Apex Central 2019, prior to build 6481. This vulnerability can allow a malicious actor, who has already gained low-privileged access to execute code on the server, to interact with internal or local services. The exploitation of this flaw could potentially lead to unauthorized access to sensitive data or internal network resources, posing a significant security threat for organizations relying on the product. It is crucial for users to ensure that their systems are updated to mitigate the risks associated with this vulnerability.",Trend Micro,Trend Micro Apex Central,5.4,MEDIUM,0.0009200000204145908,false,,false,false,false,,,false,false,,2024-01-23T20:34:25.108Z,0
CVE-2023-38624,https://securityvulnerability.io/vulnerability/CVE-2023-38624,Post-Authenticated SSRF Vulnerability in Trend Micro Apex Central,"A post-authenticated server-side request forgery (SSRF) vulnerability exists in Trend Micro Apex Central 2019, specifically in versions prior to build 6481. This vulnerability enables an attacker, who has previously gained access to execute low-privileged code, to send crafted requests and interact with internal or local services on the affected system. While the attacker requires initial access, the potential for exploiting local resources poses significant concerns for the security of organizational data and services. This flaw, while akin to other related vulnerabilities, warrants immediate attention from system administrators and security teams.",Trend Micro,Trend Micro Apex Central,5.4,MEDIUM,0.0009200000204145908,false,,false,false,false,,,false,false,,2024-01-23T20:34:05.300Z,0
CVE-2023-32605,https://securityvulnerability.io/vulnerability/CVE-2023-32605,Authenticated Reflected XSS Vulnerability in Trend Micro Apex Central,Trend Micro Apex Central (on-premise) is susceptible to authenticated reflected cross-site scripting (XSS) attacks due to insufficient user input validation and sanitization. An attacker who has successfully authenticated to Apex Central can exploit this vulnerability to execute malicious scripts in the context of the user's session. This could lead to unauthorized actions being performed on behalf of the user or the theft of sensitive information. Organizations using affected versions are advised to implement necessary updates and security measures to mitigate potential risks.,Trend Micro,Trend Micro Apex Central,5.4,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2023-06-26T22:15:00.000Z,0
CVE-2023-32529,https://securityvulnerability.io/vulnerability/CVE-2023-32529,SQL Injection Vulnerabilities in Trend Micro Apex Central,"The on-premise version of Trend Micro Apex Central has multiple vulnerabilities that enable authenticated users to execute SQL injection attacks. This can potentially lead to remote code execution, putting sensitive data and system integrity at risk. To exploit these vulnerabilities, an attacker must first gain authentication on the target system, creating a significant threat for environments deploying affected versions of this security solution. Organizations should assess their systems for exposure to ensure they are safeguarded against these risks.",Trend Micro,Trend Micro Apex Central,8.8,HIGH,0.010409999638795853,false,,false,false,false,,,false,false,,2023-06-26T22:15:00.000Z,0
CVE-2023-32530,https://securityvulnerability.io/vulnerability/CVE-2023-32530,Trend Micro Apex Central Vulnerabilities Could Lead to Remote Code Execution,"Certain modules in Trend Micro Apex Central (on-premise) are susceptible to SQL injection vulnerabilities, which enable authenticated users to execute arbitrary SQL commands. This could potentially lead to remote code execution on the affected system. It’s essential for users to ensure proper authentication measures are in place to mitigate the risks associated with these vulnerabilities.",Trend Micro,Trend Micro Apex Central,8.8,HIGH,0.010409999638795853,false,,false,false,false,,,false,false,,2023-06-26T22:15:00.000Z,0
CVE-2023-32531,https://securityvulnerability.io/vulnerability/CVE-2023-32531,Cross-Site Scripting Vulnerability in Trend Micro Apex Central,"Certain dashboard widgets within Trend Micro Apex Central (on-premise) are susceptible to cross-site scripting (XSS) attacks. This vulnerability allows an attacker to execute malicious scripts in the context of an affected user’s session, potentially leading to unauthorized remote code execution on the server. Organizations utilizing this product should promptly assess their systems to mitigate the security risk and prevent exploitation.",Trend Micro,Trend Micro Apex Central,6.1,MEDIUM,0.0038799999747425318,false,,false,false,false,,,false,false,,2023-06-26T22:15:00.000Z,0
CVE-2023-32532,https://securityvulnerability.io/vulnerability/CVE-2023-32532,Cross-Site Scripting Vulnerability in Trend Micro Apex Central,"Certain dashboard widgets within the on-premise version of Trend Micro Apex Central are susceptible to cross-site scripting (XSS) attacks. An attacker exploiting this vulnerability can execute arbitrary scripts in the context of the user's session, potentially leading to unauthorized actions, data leakage, or remote code execution on compromised servers. Immediate remediation is advised to protect against these security risks.",Trend Micro,Trend Micro Apex Central,6.1,MEDIUM,0.0038799999747425318,false,,false,false,false,,,false,false,,2023-06-26T22:15:00.000Z,0
CVE-2023-32533,https://securityvulnerability.io/vulnerability/CVE-2023-32533,Cross-Site Scripting Flaw in Trend Micro Apex Central Dashboard Widgets,"The dashboard widgets in Trend Micro Apex Central (on-premise) are susceptible to cross-site scripting (XSS) vulnerabilities. An attacker exploiting this flaw could execute arbitrary code on the affected server, potentially leading to significant security risks and data breaches. This vulnerability is part of a series of related issues but presents a unique method for compromising the server's integrity.",Trend Micro,Trend Micro Apex Central,6.1,MEDIUM,0.0038799999747425318,false,,false,false,false,,,false,false,,2023-06-26T22:15:00.000Z,0
CVE-2023-32534,https://securityvulnerability.io/vulnerability/CVE-2023-32534,Cross-Site Scripting Vulnerability in Trend Micro Apex Central,Certain dashboard widgets within Trend Micro Apex Central (on-premise) are susceptible to cross-site scripting (XSS) vulnerabilities. These weaknesses could potentially allow attackers to execute remote code on compromised servers. Vigilance is necessary as such vulnerabilities can lead to significant security breaches if exploited.,Trend Micro,Trend Micro Apex Central,6.1,MEDIUM,0.0038799999747425318,false,,false,false,false,,,false,false,,2023-06-26T22:15:00.000Z,0
CVE-2023-32535,https://securityvulnerability.io/vulnerability/CVE-2023-32535,Cross-Site Scripting Vulnerability in Trend Micro Apex Central Dashboard,"Certain dashboard widgets on Trend Micro Apex Central are susceptible to cross-site scripting (XSS) attacks. This vulnerability could potentially allow attackers to execute remote code on the affected servers, posing significant security risks. Successful exploitation of this weakness may enable unauthorized access and manipulation of sensitive information, making it crucial for users to promptly address the issue.",Trend Micro,Trend Micro Apex Central,6.1,MEDIUM,0.0038799999747425318,false,,false,false,false,,,false,false,,2023-06-26T22:15:00.000Z,0
CVE-2023-32536,https://securityvulnerability.io/vulnerability/CVE-2023-32536,Reflected Cross-Site Scripting Vulnerability in Trend Micro Apex Central,"Trend Micro Apex Central (on-premise) is susceptible to reflected cross-site scripting (XSS) attacks due to inadequacies in user input validation and sanitization. This vulnerability requires an attacker to first authenticate to the system, making it paramount for users to implement robust access controls and regularly update their software to mitigate potential exploitation.",Trend Micro,Trend Micro Apex Central,5.4,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2023-06-26T22:15:00.000Z,0
CVE-2023-32537,https://securityvulnerability.io/vulnerability/CVE-2023-32537,Authenticated Reflected Cross-Site Scripting Vulnerability in Trend Micro Apex Central,"The vulnerability in Trend Micro Apex Central (on-premise) could allow an attacker to execute authenticated reflected cross-site scripting (XSS) attacks. This arises from insufficient validation and sanitization of user inputs. An attacker must first gain authenticated access to exploit this vulnerability, posing risks to user security and system integrity. Organizations relying on Apex Central are encouraged to apply any necessary security patches and implement workflow modifications to mitigate potential risks.",Trend Micro,Trend Micro Apex Central,5.4,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2023-06-26T22:15:00.000Z,0
CVE-2023-32604,https://securityvulnerability.io/vulnerability/CVE-2023-32604,Reflected Cross-Site Scripting Vulnerability in Trend Micro Apex Central,"Trend Micro Apex Central (on-premise) exhibits vulnerabilities due to improper validation and sanitization of user input, which may lead to reflected cross-site scripting (XSS) attacks. Successful exploitation requires that an attacker gains authentication to the affected system. This weakness allows attackers to execute malicious scripts in users' browsers, potentially compromising sensitive information and affecting overall security. Users of affected versions should implement necessary security measures and update to the latest version to mitigate risks.",Trend Micro,Trend Micro Apex Central,5.4,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2023-06-26T22:15:00.000Z,0
CVE-2022-26871,https://securityvulnerability.io/vulnerability/CVE-2022-26871,Arbitrary File Upload Vulnerability in Trend Micro Apex Central,"An arbitrary file upload flaw in Trend Micro Apex Central can enable unauthenticated remote attackers to upload files of their choice. This vulnerability may subsequently lead to potential remote code execution, allowing malicious actors to manipulate the system and gain unauthorized access. Proper security measures and patching are essential to mitigate the risks associated with this vulnerability.",Trend Micro,Trend Micro Apex Central,9.8,CRITICAL,0.6937000155448914,true,2022-03-31T00:00:00.000Z,false,false,true,2022-03-31T00:00:00.000Z,,false,false,,2022-03-29T20:45:20.000Z,0
CVE-2019-19692,https://securityvulnerability.io/vulnerability/CVE-2019-19692,Cross-Site Scripting Vulnerability in Trend Micro Apex One,Trend Micro Apex One (2019) is vulnerable to a cross-site scripting (XSS) attack through its product console. This issue allows attackers to inject malicious scripts into web pages viewed by users. It is important to note that the Japanese version of this product is not susceptible to this vulnerability. Users are encouraged to apply recommended updates and monitor for any suspicious activity to safeguard their systems.,Trend Micro,Trend Micro Apex Central,6.1,MEDIUM,0.0007800000021234155,false,,false,false,false,,,false,false,,2019-12-20T04:05:22.000Z,0