Export limit exceeded: 363303 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363303 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363303 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-25240 2 Microsoft, Trendmicro 4 Windows, Apex One, Officescan and 1 more 2024-11-21 5.3 Medium
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain x64 agent hofitx information.
CVE-2021-25239 2 Microsoft, Trendmicro 4 Windows, Apex One, Officescan and 1 more 2024-11-21 5.3 Medium
An improper access control vulnerability in Trend Micro Apex One (on-prem), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about x86 agent hotfixes.
CVE-2021-25238 2 Microsoft, Trendmicro 3 Windows, Officescan, Worry-free Business Security 2024-11-21 5.3 Medium
An improper access control information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about an agent's managing port.
CVE-2021-25237 2 Microsoft, Trendmicro 2 Windows, Apex One 2024-11-21 5.3 Medium
An improper access control vulnerability in Trend Micro Apex One (on-prem) could allow an unauthenticated user to obtain information about the managing port used by agents.
CVE-2021-25236 2 Microsoft, Trendmicro 3 Windows, Officescan, Worry-free Business Security 2024-11-21 5.3 Medium
A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate online agents via a specific sweep.
CVE-2021-25235 2 Microsoft, Trendmicro 3 Windows, Apex One, Officescan 2024-11-21 5.3 Medium
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about a content inspection configuration file.
CVE-2021-25234 2 Microsoft, Trendmicro 4 Windows, Apex One, Officescan and 1 more 2024-11-21 5.3 Medium
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific notification configuration file.
CVE-2021-25233 2 Microsoft, Trendmicro 4 Windows, Apex One, Officescan and 1 more 2024-11-21 5.3 Medium
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific configuration download file.
CVE-2021-25232 2 Microsoft, Trendmicro 3 Windows, Apex One, Officescan 2024-11-21 5.3 Medium
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the SQL database.
CVE-2021-25231 2 Microsoft, Trendmicro 4 Windows, Apex One, Officescan and 1 more 2024-11-21 5.3 Medium
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific hotfix history file.
CVE-2021-25230 2 Microsoft, Trendmicro 3 Windows, Apex One, Officescan 2024-11-21 5.3 Medium
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the contents of a scan connection exception file.
CVE-2021-25229 1 Trendmicro 2 Apex One, Officescan 2024-11-21 5.3 Medium
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the database server.
CVE-2021-25228 1 Trendmicro 3 Apex One, Officescan, Worry-free Business Security 2024-11-21 5.3 Medium
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about hotfix history.
CVE-2021-25227 1 Trendmicro 1 Antivirus 2024-11-21 3.3 Low
Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functionality within the application. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability - i.e. the attacker must already have access to the target system (either legitimately or via another exploit).
CVE-2021-25226 1 Trendmicro 1 Serverprotect 2024-11-21 5.5 Medium
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scan engine component. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2021-25225 1 Trendmicro 1 Serverprotect 2024-11-21 5.5 Medium
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scheduled scan component. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2021-25224 1 Trendmicro 1 Serverprotect 2024-11-21 5.5 Medium
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a manual scan component. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2021-25220 6 Fedoraproject, Isc, Juniper and 3 more 50 Fedora, Bind, Junos and 47 more 2024-11-21 6.8 Medium
BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.
CVE-2021-25219 7 Debian, Fedoraproject, Isc and 4 more 24 Debian Linux, Fedora, Bind and 21 more 2024-11-21 5.3 Medium
In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing.
CVE-2021-25218 2 Fedoraproject, Isc 2 Fedora, Bind 2024-11-21 7.5 High
In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition When a vulnerable version of named receives a query under the circumstances described above, the named process will terminate due to a failed assertion check. The vulnerability affects only BIND 9 releases 9.16.19, 9.17.16, and release 9.16.19-S1 of the BIND Supported Preview Edition.