Skip to main content

Deep Discovery Inspector

7 CVEs product

Monthly

CVE-2024-46903 MEDIUM This Month

A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Trend Micro Deep Discovery Inspector
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2024-46902 CRITICAL Act Now

A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Trend Micro Deep Discovery Inspector
NVD
CVSS 3.1
9.1
EPSS
1.9%
CVE-2021-25252 MEDIUM PATCH This Month

Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Trend Micro Apex Central Apex One Cloud Edge +16
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2018-15365 MEDIUM POC This Month

A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro XSS CSRF Deep Discovery Inspector
NVD GitHub
CVSS 3.0
5.4
EPSS
0.8%
CVE-2016-5840 HIGH POC This Week

hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via shell metacharacters in the filename. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Trend Micro Deep Discovery Inspector
NVD Exploit-DB
CVSS 3.0
7.2
EPSS
7.1%
CVE-2015-2873 MEDIUM PATCH This Month

Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software before 3.5.1477, 3.6.x before 3.6.1217, 3.7.x before 3.7.1248, 3.8.x before 3.8.1263, and other versions. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Trend Micro Information Disclosure Deep Discovery Inspector
NVD
CVSS 2.0
5.5
EPSS
2.5%
CVE-2015-2872 MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software before 3.5.1477, 3.6.x before 3.6.1217, 3.7.x. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS PHP Trend Micro Deep Discovery Inspector
NVD
CVSS 2.0
4.3
EPSS
2.6%
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Trend Micro Deep Discovery Inspector
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Trend Micro Deep Discovery Inspector
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Trend Micro Apex Central +18
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro XSS CSRF +1
NVD GitHub
EPSS 7% CVSS 7.2
HIGH POC This Week

hotfix_upload.cgi in Trend Micro Deep Discovery Inspector (DDI) 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) allows remote administrators to execute arbitrary code via shell metacharacters in the filename. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Trend Micro Deep Discovery Inspector
NVD Exploit-DB
EPSS 3% CVSS 5.5
MEDIUM PATCH This Month

Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software before 3.5.1477, 3.6.x before 3.6.1217, 3.7.x before 3.7.1248, 3.8.x before 3.8.1263, and other versions. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Trend Micro Information Disclosure Deep Discovery Inspector
NVD
EPSS 3% CVSS 4.3
MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software before 3.5.1477, 3.6.x before 3.6.1217, 3.7.x. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS PHP Trend Micro +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy