Known Vulnerabilities for products from Trend Micro
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Trend Micro".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2018-18333 | A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and below could allow an att... | 7.8 - HIGH | 2019-02-05 | 2021-09-09 |
| CVE-2018-6218 | A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code o... | 7 - HIGH | 2018-02-16 | 2021-09-13 |
| CVE-2017-6798 | Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitr... | 7.8 - HIGH | 2017-03-10 | 2022-05-01 |
| CVE-2016-6270 | The handle_certificate function in /vmi/manager/engine/management/commands/apns_worker.py in Trend Micro Virtual Mobile Infra... | 8.8 - HIGH | 2017-01-30 | 2021-09-13 |
| CVE-2016-6269 | Multiple directory traversal vulnerabilities in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2... | 9.1 - CRITICAL | 2017-01-30 | 2021-09-09 |
| CVE-2016-6268 | Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows local webs... | 7.8 - HIGH | 2017-01-30 | 2021-09-09 |
| CVE-2016-6267 | SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allo... | 8.8 - HIGH | 2017-01-30 | 2021-09-09 |
| CVE-2016-6266 | ccca_ajaxhandler.php in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before buil... | 8.8 - HIGH | 2017-01-30 | 2021-09-09 |
| CVE-2016-5840 | hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote adminis... | 7.2 - HIGH | 2016-06-30 | 2016-11-28 |
| CVE-2016-4351 | SQL injection vulnerability in the authentication functionality in Trend Micro Email Encryption Gateway (TMEEG) 5.5 before bu... | 9.8 - CRITICAL | 2016-05-05 | 2021-09-09 |
| CVE-2016-3987 | The HTTP server in Trend Micro Password Manager allows remote web servers to execute arbitrary commands via the url parameter... | 9.8 - CRITICAL | 2016-04-12 | 2021-09-09 |
| CVE-2016-3664 | Trend Micro Mobile Security for iOS before 3.2.1188 does not verify the X.509 certificate of the mobile application login ser... | 7.4 - HIGH | 2016-05-23 | 2016-05-25 |
| CVE-2016-1224 | CRLF injection vulnerability in Trend Micro Worry-Free Business Security Service 5.x and Worry-Free Business Security 9.0 all... | 6.1 - MEDIUM | 2016-06-19 | 2021-09-09 |
| CVE-2016-1223 | Directory traversal vulnerability in Trend Micro Office Scan 11.0, Worry-Free Business Security Service 5.x, and Worry-Free B... | 5.3 - MEDIUM | 2016-06-19 | 2021-08-12 |
| CVE-2015-3326 | Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix Build 3318 and 11.0 before Hot Fix Build 4180 creates ... | 5 - MEDIUM | 2015-05-14 | 2017-01-03 |
| CVE-2015-2873 | Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software before 3.5.1477, 3.6.x before 3.... | 5.5 - MEDIUM | 2015-08-23 | 2021-09-09 |
| CVE-2015-2872 | Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat ap... | 4.3 - MEDIUM | 2015-08-23 | 2021-09-09 |
| CVE-2012-2998 | SQL injection vulnerability in the ad hoc query module in Trend Micro Control Manager (TMCM) before 5.5.0.1823 and 6.0 before... | 7.5 - HIGH | 2012-09-28 | 2013-02-14 |
| CVE-2011-5001 | Stack-based buffer overflow in the CGenericScheduler::AddTask function in cmdHandlerRedAlertController.dll in CmdProcessor.ex... | 10 - HIGH | 2011-12-25 | 2018-10-09 |
| CVE-2008-5545 | Trend Micro VSAPI 8.700.0.1004 in Trend Micro AntiVirus, when Internet Explorer 6 or 7 is used, allows remote attackers to by... | 9.3 - HIGH | 2008-12-12 | 2018-10-11 |
Known software with vulnerabilities from Trend Micro
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Trend Micro | Hijackthis | 1.99.1 |
| Application | Trend Micro | Interscan Web Security Suite | 2.5 |
| Application | Trend Micro | Interscan Web Security Virtual Appliance | 3.1 |
| Application | Trend Micro | Mobile Security | 3.1 |
| Application | Trend Micro | Trend Micro Common Cgi | 2.0.0.1227 |
| Application | Trend Micro | Trend Micro Portalprotect | 1.7 |