Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows
Subscriptions
Total
9542 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-25249 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Officescan and 1 more | 2024-11-21 | 7.8 High |
| An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2021-25248 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Officescan and 1 more | 2024-11-21 | 5.5 Medium |
| An out-of-bounds read information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow an attacker to disclose sensitive information about a named pipe. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | ||||
| CVE-2021-25247 | 2 Microsoft, Trendmicro | 2 Windows, Housecall For Home Networks | 2024-11-21 | 7.8 High |
| A DLL hijacking vulnerability Trend Micro HouseCall for Home Networks version 5.3.1063 and below could allow an attacker to use a malicious DLL to escalate privileges and perform arbitrary code execution. An attacker must already have user privileges on the machine to exploit this vulnerability. | ||||
| CVE-2021-25243 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Officescan and 1 more | 2024-11-21 | 5.3 Medium |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain patch level information. | ||||
| CVE-2021-25242 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Officescan and 1 more | 2024-11-21 | 5.3 Medium |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain version and build information. | ||||
| CVE-2021-25241 | 2 Microsoft, Trendmicro | 3 Windows, Apex One, Worry-free Business Security | 2024-11-21 | 5.3 Medium |
| A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate online agents via a sweep. | ||||
| CVE-2021-25240 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Officescan and 1 more | 2024-11-21 | 5.3 Medium |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain x64 agent hofitx information. | ||||
| CVE-2021-25239 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Officescan and 1 more | 2024-11-21 | 5.3 Medium |
| An improper access control vulnerability in Trend Micro Apex One (on-prem), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about x86 agent hotfixes. | ||||
| CVE-2021-25238 | 2 Microsoft, Trendmicro | 3 Windows, Officescan, Worry-free Business Security | 2024-11-21 | 5.3 Medium |
| An improper access control information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about an agent's managing port. | ||||
| CVE-2021-25237 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2024-11-21 | 5.3 Medium |
| An improper access control vulnerability in Trend Micro Apex One (on-prem) could allow an unauthenticated user to obtain information about the managing port used by agents. | ||||
| CVE-2021-25236 | 2 Microsoft, Trendmicro | 3 Windows, Officescan, Worry-free Business Security | 2024-11-21 | 5.3 Medium |
| A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate online agents via a specific sweep. | ||||
| CVE-2021-25235 | 2 Microsoft, Trendmicro | 3 Windows, Apex One, Officescan | 2024-11-21 | 5.3 Medium |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about a content inspection configuration file. | ||||
| CVE-2021-25234 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Officescan and 1 more | 2024-11-21 | 5.3 Medium |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific notification configuration file. | ||||
| CVE-2021-25233 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Officescan and 1 more | 2024-11-21 | 5.3 Medium |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific configuration download file. | ||||
| CVE-2021-25232 | 2 Microsoft, Trendmicro | 3 Windows, Apex One, Officescan | 2024-11-21 | 5.3 Medium |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the SQL database. | ||||
| CVE-2021-25231 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Officescan and 1 more | 2024-11-21 | 5.3 Medium |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about a specific hotfix history file. | ||||
| CVE-2021-25230 | 2 Microsoft, Trendmicro | 3 Windows, Apex One, Officescan | 2024-11-21 | 5.3 Medium |
| An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and OfficeScan XG SP1 could allow an unauthenticated user to obtain information about the contents of a scan connection exception file. | ||||
| CVE-2021-23827 | 4 Apple, Keybase, Microsoft and 1 more | 4 Macos, Keybase, Windows and 1 more | 2024-11-21 | 5.5 Medium |
| Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the "Explode message/Explode now" functionality. Local filesystem access is needed by the attacker. | ||||
| CVE-2021-23219 | 3 Linux, Microsoft, Nvidia | 137 Linux Kernel, Windows, Dgx-1 P100 and 134 more | 2024-11-21 | 4.1 Medium |
| NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to access protected information by identifying, exploiting, and loading vulnerable microcode. Such an attack may lead to information disclosure. | ||||
| CVE-2021-23217 | 3 Linux, Microsoft, Nvidia | 65 Linux Kernel, Windows, Geforce Gt 605 and 62 more | 2024-11-21 | 7.5 High |
| NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. The scope impact may extend to other components. | ||||