Skip to main content
CVE-2020-4607 HIGH PATCH This Week

IBM Security Secret Server (IBM Security Verify Privilege Vault Remote 1.2 ) could allow a local user to bypass security restrictions due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Hashicorp IBM Authentication Bypass Security Verify Privilege Vault Remote On Premises
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-25773 HIGH This Week

A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Trend Micro Apex One
NVD
CVSS 3.1
7.8
EPSS
2.4%
CVE-2020-24563 HIGH This Week

A vulnerability in Trend Micro Apex One may allow a local attacker to manipulate the process of the security agent unload option (if configured), which then could be manipulated to gain a privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Trend Micro Privilege Escalation Authentication Bypass Apex One
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-24562 HIGH This Week

A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Trend Micro Privilege Escalation Microsoft Officescan
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2020-15216 MEDIUM PATCH This Month

In goxmldsig (XML Digital Signatures implemented in pure Go) before version 1.1.0, with a carefully crafted XML file, an attacker can completely bypass signature validation and pass off an altered. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Jwt Attack Authentication Bypass Goxmldsig Fedora
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-25775 MEDIUM This Month

The Trend Micro Security 2020 (v16) consumer family of products is vulnerable to a security race condition arbitrary file deletion vulnerability that could allow an unprivileged user to manipulate. Rated medium severity (CVSS 6.3). No vendor patch available.

Race Condition Trend Micro Information Disclosure Antivirus 2020 Internet Security 2020 +2
NVD
CVSS 3.1
6.3
EPSS
0.3%
CVE-2020-25772 MEDIUM This Month

An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Trend Micro Information Disclosure Apex One
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2020-25771 MEDIUM This Month

An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Trend Micro Information Disclosure Apex One
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2020-25770 MEDIUM This Month

An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Trend Micro Information Disclosure Apex One
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2020-24565 MEDIUM This Month

An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Trend Micro Information Disclosure Apex One
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2020-24564 MEDIUM This Month

An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Trend Micro Information Disclosure Apex One
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2020-25774 MEDIUM This Month

A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to trigger an out-of-bounds red information disclosure which would disclose sensitive information to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Trend Micro Information Disclosure Apex One
NVD
CVSS 3.1
4.3
EPSS
2.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy