Filtered by vendor Trendmicro
Subscriptions
Filtered by product Control Manager
Subscriptions
Total
22 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-6220 | 1 Trendmicro | 1 Control Manager | 2024-08-06 | 7.5 High |
| Information Disclosure vulnerability in the Dashboard and Error Pages in Trend Micro Control Manager SP3 6.0. | ||||
| CVE-2017-11385 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | N/A |
| SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x6b1b due to lack of proper user input validation in cmdHandlerStatusMonitor.dll. Formerly ZDI-CAN-4545. | ||||
| CVE-2017-11386 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | N/A |
| SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x4707 due to lack of proper user input validation in cmdHandlerNewReportScheduler.dll. Formerly ZDI-CAN-4549. | ||||
| CVE-2017-11390 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | N/A |
| XML external entity (XXE) processing vulnerability in Trend Micro Control Manager 6.0, if exploited, could lead to information disclosure. Formerly ZDI-CAN-4706. | ||||
| CVE-2017-11383 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | N/A |
| SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x1b07 due to lack of proper user input validation in cmdHandlerTVCSCommander.dll. Formerly ZDI-CAN-4560. | ||||
| CVE-2017-11384 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | N/A |
| SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when executing opcode 0x3b21 due to lack of proper user input validation in mdHandlerLicenseManager.dll. Formerly ZDI-CAN-4561. | ||||
| CVE-2017-11388 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | N/A |
| SQL Injection in Trend Micro Control Manager 6.0 causes Remote Code Execution when RestfulServiceUtility.NET.dll doesn't properly validate user provided strings before constructing SQL queries. Formerly ZDI-CAN-4639 and ZDI-CAN-4638. | ||||
| CVE-2017-11389 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | N/A |
| Directory traversal vulnerability in Trend Micro Control Manager 6.0 allows remote code execution by attackers able to drop arbitrary files in a web-facing directory. Formerly ZDI-CAN-4684. | ||||
| CVE-2017-11387 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | N/A |
| Authentication Bypass in Trend Micro Control Manager 6.0 causes Information Disclosure when authentication validation is not done for functionality that can change debug logging level. Formerly ZDI-CAN-4512. | ||||
| CVE-2018-10512 | 2 Microsoft, Trendmicro | 2 Windows, Control Manager | 2024-08-05 | N/A |
| A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to manipulate a reverse proxy .dll on vulnerable installations, which may lead to a denial of server (DoS). | ||||
| CVE-2018-10510 | 2 Microsoft, Trendmicro | 2 Windows, Control Manager | 2024-08-05 | N/A |
| A Directory Traversal Remote Code Execution vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to execute arbitrary code on vulnerable installations. | ||||
| CVE-2018-10511 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | 10.0 Critical |
| A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to conduct a server-side request forgery (SSRF) attack on vulnerable installations. | ||||
| CVE-2018-3602 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | N/A |
| An AdHocQuery_Processor SQL injection remote code execution (RCE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations. | ||||
| CVE-2018-3601 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | N/A |
| A password hash usage authentication bypass vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to bypass authentication on vulnerable installations. | ||||
| CVE-2018-3603 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | N/A |
| A CGGIServlet SQL injection remote code execution (RCE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations. | ||||
| CVE-2018-3605 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | N/A |
| TopXXX, ViolationXXX, and IncidentXXX method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations. | ||||
| CVE-2018-3607 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | N/A |
| XXXTreeNode method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations. | ||||
| CVE-2018-3606 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | N/A |
| XXXStatusXXX, XXXSummary, TemplateXXX and XXXCompliance method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations. | ||||
| CVE-2018-3600 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | N/A |
| A external entity processing information disclosure (XXE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to disclose sensitive information on vulnerable installations. | ||||
| CVE-2018-3604 | 1 Trendmicro | 1 Control Manager | 2024-08-05 | N/A |
| GetXXX method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations. | ||||