Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2019-18191 | A privilege escalation vulnerability in the Trend Micro Deep Security as a Service Quick Setup cloud formation template could allow an authenticated entity with certain unrestricted AWS execution privileges to escalate to full privileges within the target AWS account. | 8.8 | 2.19% | 2019-12-16 | 2026-06-16 |
| CVE-2019-19688 | A privilege escalation vulnerability in Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited allowing an attacker to place a malicious DLL file into the application directory and elevate privileges. | 7.8 | 0.56% | 2019-12-18 | 2026-06-16 |
| CVE-2019-19689 | Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited via a DLL Hijack related to a vulnerability on the packer that the program uses. | 7.8 | 0.56% | 2019-12-18 | 2026-06-16 |
| CVE-2019-19690 | Trend Micro Mobile Security for Android (Consumer) versions 10.3.1 and below on Android 8.0+ has an issue in which an attacker could bypass the product's App Password Protection feature. | 9.8 | 1.46% | 2019-12-18 | 2026-06-16 |
| CVE-2019-19691 | A vulnerability in Trend Micro Apex One and OfficeScan XG could allow an attacker to expose a masked credential key by manipulating page elements using development tools. Note that the attacker must already have admin/root privileges on the product console to exploit this vulnerability. | 4.9 | 1.16% | 2019-12-20 | 2026-06-16 |
| CVE-2019-19692 | Trend Micro Apex One (2019) is affected by a cross-site scripting (XSS) vulnerability on the product console. Note that the Japanese version of the product is NOT affected. | 6.1 | 0.74% | 2019-12-20 | 2026-06-16 |
| CVE-2019-19693 | The Trend Micro Security 2020 consumer family of products contains a vulnerability that could allow a local attacker to disclose sensitive information or to create a denial-of-service condition on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.1 | 0.60% | 2019-12-20 | 2026-06-16 |
| CVE-2019-19695 | A privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 (v9.0.1379 and below) could potentially allow an attacker to create a symbolic link to a target file and modify it. | 7.5 | 3.16% | 2019-12-24 | 2026-06-16 |
| CVE-2019-15625 | A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information. | 5.5 | 0.98% | 2020-01-17 | 2026-06-16 |
| CVE-2019-19696 | A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishing sites. | 5.5 | 0.47% | 2020-01-17 | 2026-06-16 |
| CVE-2019-19697 | An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administrator privileges on the target machine in order to exploit the vulnerability. | 6.7 | 0.82% | 2020-01-17 | 2026-06-16 |
| CVE-2019-20357 | A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system. | 7.8 | 0.73% | 2020-01-17 | 2026-06-16 |
| CVE-2019-20358 | Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. Another attack vector similar to CVE-2019-9491 was idenitfied and resolved in version 1.62.0.1228 of the tool. | 7.8 | 4.62% | 2020-01-30 | 2026-06-16 |
| CVE-2019-14688 | Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial product installation by an authorized user. The attacker must convince the target to download malicious DLL locally which must be present when the installer is run. | 7.0 | 1.83% | 2020-02-20 | 2026-06-16 |
| CVE-2019-19694 | The Trend Micro Security 2019 (15.0.0.1163 and below) consumer family of products is vulnerable to a denial of service (DoS) attack in which a malicious actor could manipulate a key file at a certain time during the system startup process to disable the product's malware protection functions or the entire product completely.. | 4.7 | 0.36% | 2020-02-20 | 2026-06-16 |
| CVE-2020-8601 | Trend Micro Vulnerability Protection 2.0 is affected by a vulnerability that could allow an attack to use the product installer to load other DLL files located in the same directory. | 7.8 | 0.40% | 2020-02-20 | 2026-06-16 |
| CVE-2020-8469 | Trend Micro Password Manager for Windows version 5.0 is affected by a DLL hijacking vulnerability would could potentially allow an attacker privleged escalation. | 7.8 | 0.46% | 2020-03-12 | 2026-06-16 |
| CVE-2020-8467 KEV | A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). An attempted attack requires user authentication. | 8.8 | 10.79% | 2020-03-17 | 2026-06-16 |
| CVE-2020-8468 KEV | Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication. | 8.8 | 5.75% | 2020-03-17 | 2026-06-16 |
| CVE-2020-8470 | Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow an attacker to delete any file on the server with SYSTEM level privileges. Authentication is not required to exploit this vulnerability. | 7.5 | 4.47% | 2020-03-17 | 2026-06-16 |