Search Results (92 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-42522 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 7.5 High
Certain WithSecure products allow a remote crash of a scanning engine via processing of an import struct in a PE file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-42521 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 7.5 High
Certain WithSecure products allow a remote crash of a scanning engine via processing of a compressed file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-42520 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 7.5 High
Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2022-25331 2 Microsoft, Trendmicro 4 Windows, Serverprotect, Serverprotect For Network Appliance Filer and 1 more 2024-11-21 7.5 High
Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process.
CVE-2022-25330 2 Microsoft, Trendmicro 4 Windows, Serverprotect, Serverprotect For Network Appliance Filer and 1 more 2024-11-21 9.8 Critical
Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution.
CVE-2022-25329 2 Microsoft, Trendmicro 4 Windows, Serverprotect, Serverprotect For Network Appliance Filer and 1 more 2024-11-21 9.8 Critical
Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with access to the Information Server could exploit this to register to the server and perform authenticated actions.
CVE-2021-44750 2 F-secure, Microsoft 6 Client Security, Countercept, Elements and 3 more 2024-11-21 6.4 Medium
An arbitrary code execution vulnerability was found in the F-Secure Support Tool. A standard user can craft a special configuration file, which when run by administrator can execute any commands.
CVE-2021-3115 5 Fedoraproject, Golang, Microsoft and 2 more 7 Fedora, Go, Windows and 4 more 2024-11-21 7.5 High
Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).
CVE-2021-25252 7 Apple, Emc, Linux and 4 more 25 Macos, Celerra Network Attached Storage, Linux Kernel and 22 more 2024-11-21 5.5 Medium
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
CVE-2020-8607 2 Microsoft, Trendmicro 13 Windows, Antivirus Toolkit, Apex One and 10 more 2024-11-21 6.7 Medium
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.
CVE-2019-14688 2 Microsoft, Trendmicro 9 Windows, Control Manager, Endpoint Sensor and 6 more 2024-11-21 7.0 High
Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run.
CVE-2019-13163 4 Fujitsu, Microsoft, Oracle and 1 more 65 Celsius, Celsius Firmware, Gp7000f and 62 more 2024-11-21 5.9 Medium
The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15.