Trendmicro Security Vulnerabilities (CVEs)
Track 100 security vulnerabilities affecting Trendmicro products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability allows remote attackers to download log files containing sensitive information from Trend Micro Mobile Security (Enterprise). Attac...
Jun 26, 2023This vulnerability allows unauthenticated remote attackers to delete arbitrary files on systems running Trend Micro Mobile Security (Enterprise) 9.8 S...
Jun 26, 2023Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widgets with authentication bypass vulnerabilities that allow remote attackers to chain with...
Jun 26, 2023CVE-2023-32527 is a remote code execution vulnerability in Trend Micro Mobile Security (Enterprise) 9.8 SP5 where vulnerable PHP files allow attackers...
Jun 26, 2023This vulnerability allows authenticated users in Trend Micro Apex Central to perform SQL injection attacks that could lead to remote code execution. O...
Jun 26, 2023This CVE describes a Time-of-Check Time-of-Use (TOCTOU) vulnerability in Trend Micro Apex One and Apex One as a Service agents that allows local attac...
Jun 26, 2023This critical vulnerability allows unauthenticated attackers to upload arbitrary files to Trend Micro Apex One management servers via path traversal, ...
Jun 26, 2023CVE-2023-25069 is an improper access control vulnerability in TXOne StellarOne that allows authenticated low-privileged users to escalate their privil...
Mar 22, 2023This CVE describes a local privilege escalation vulnerability in Trend Micro Apex One's scanning function. An attacker with low-privileged access can ...
Mar 10, 2023This vulnerability in Trend Micro Apex One allows a local attacker with low-privileged access to escalate privileges by manipulating file links. Attac...
Mar 10, 2023This vulnerability in Trend Micro Apex One Server installer allows attackers to execute arbitrary code remotely by exploiting an uncontrolled search p...
Mar 10, 2023An unauthenticated remote file upload vulnerability in Trend Micro Apex One allows attackers to upload arbitrary files to the server's SampleSubmissio...
Feb 1, 2023Trend Micro Security 2021 and 2022 (Consumer) contains an out-of-bounds read vulnerability that could allow an attacker to read sensitive information ...
Jul 30, 2022Trend Micro Security 2021 and 2022 consumer versions contain an exposed dangerous method vulnerability that allows attackers to leak kernel memory add...
Jun 9, 2022This vulnerability in Trend Micro Password Manager installer versions 3.7.0.1223 and below allows attackers to execute arbitrary code by placing malic...
May 27, 2022This vulnerability allows a local attacker with existing low-privileged access to escalate privileges by loading a malicious DLL with incorrect permis...
May 27, 2022This vulnerability in Trend Micro Password Manager allows a local attacker with low privileges to delete arbitrary folder contents with SYSTEM-level p...
May 16, 2022This vulnerability in Trend Micro Antivirus for Mac allows attackers with low-level system privileges to create symbolic links that can lead to privil...
Apr 9, 2022CVE-2022-26871 is a critical arbitrary file upload vulnerability in Trend Micro Apex Central that allows unauthenticated remote attackers to upload ma...
Mar 29, 2022This vulnerability in Trend Micro Password Manager installer allows attackers to place malicious DLL files in specific directories, which the installe...
Mar 8, 2022CVE-2022-25331 is a denial-of-service vulnerability in Trend Micro ServerProtection Information Server where uncaught exceptions allow remote attacker...
Feb 24, 2022This vulnerability allows attackers to flood temporary log locations in Trend Micro security agents, consuming all disk space and causing denial-of-se...
Feb 24, 2022This vulnerability allows a local attacker with low-privileged code execution to escalate privileges by creating mount points and deleting arbitrary f...
Feb 24, 2022CVE-2022-25329 is a critical authentication bypass vulnerability in Trend Micro ServerProtect where the Information Server uses static credentials for...
Feb 24, 2022A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux allows authenticated attackers to r...
Jan 20, 2022This vulnerability in Trend Micro Apex One allows a local attacker with initial low-privileged access to manipulate a specially crafted file and issue...
Jan 10, 2022This vulnerability in Trend Micro Worry-Free Business Security allows a local attacker with low-privileged access to escalate privileges on affected s...
Dec 3, 2021This is a local privilege escalation vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 that allows an attacker with low-privileged ac...
Dec 3, 2021A null pointer dereference vulnerability in Trend Micro Apex One and Worry-Free Business Security allows attackers to crash the CGI program on affecte...
Oct 21, 2021A stack-based buffer overflow vulnerability in Trend Micro Apex One and Worry-Free Business Security allows a local attacker with low-privileged code ...
Oct 21, 2021This vulnerability allows a local attacker with low-privileged code execution to escalate privileges on Trend Micro Apex One installations. It affects...
Oct 21, 2021This vulnerability allows a local attacker with low-privileged code execution on affected Trend Micro security products to escalate privileges to high...
Oct 21, 2021This vulnerability allows a local attacker with low-privileged code execution on affected Trend Micro security products to escalate privileges to high...
Oct 21, 2021This vulnerability allows a local attacker with low-privileged code execution on affected Trend Micro security products to escalate privileges via the...
Oct 21, 2021This vulnerability allows remote attackers to bypass authentication mechanisms in Trend Micro ServerProtect products, potentially gaining unauthorized...
Sep 29, 2021This vulnerability allows local privilege escalation in Trend Micro security products. An attacker with low-privileged code execution can modify scrip...
Aug 4, 2021This vulnerability allows authenticated attackers to upload arbitrary files to Trend Micro security products due to improper input validation. Attacke...
Jul 29, 2021This vulnerability allows a local attacker with low-privileged access to escalate privileges and delete files with system-level permissions on Trend M...
Jul 20, 2021This vulnerability allows a local attacker with low-privileged code execution to trigger a buffer overflow via integer truncation, leading to privileg...
Jul 8, 2021CVE-2021-32460 is a local privilege escalation vulnerability in Trend Micro Maximum Security 2021 installer that allows attackers with existing local ...
Jun 3, 2021This CVE describes a stack-based buffer overflow vulnerability in Trend Micro Home Network Security, allowing an attacker with low-privileged code exe...
May 27, 2021This vulnerability in Trend Micro HouseCall for Home Networks installer allows local privilege escalation. An attacker with low-privileged access can ...
May 12, 2021CVE-2021-31520 is a session token authentication bypass vulnerability in Trend Micro IM Security that allows remote attackers to guess administrators'...
May 10, 2021Trend Micro Home Network Security 6.5.599 and earlier contains a file-parsing vulnerability that could allow an attacker to cause a denial-of-service ...
May 5, 2021This vulnerability allows a local attacker with low-privileged access to escalate privileges on Trend Micro Apex One and OfficeScan XG SP1 installatio...
Apr 13, 2021Trend Micro Password Manager 5 (Consumer) has a DLL hijacking vulnerability during installation that allows attackers to place malicious DLLs in insta...
Apr 13, 2021This CVE describes an out-of-bounds write vulnerability in Trend Micro security products that allows a local attacker with low-privileged code executi...
Feb 4, 2021This vulnerability in Trend Micro InterScan Web Security Virtual Appliance allows an attacker to combine CSRF bypass and authentication bypass vulnera...
Dec 17, 2020CVE-2020-28578 is a critical remote code execution vulnerability in Trend Micro InterScan Web Security Virtual Appliance that allows unauthenticated a...
Nov 18, 2020This command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 allows authenticated attackers with admin/root console access to execu...
Sep 15, 2020Why Monitor Trendmicro Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 100+ known vulnerabilities affecting Trendmicro products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Trendmicro packages in under 60 seconds. No agents required - completely agentless scanning that works across Trendmicro deployments.
Free vulnerability database: Access detailed information about every Trendmicro CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Trendmicro CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
