聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。
指派機構(CNA / 來源):[email protected] 移除此篩選
| CVE | 描述 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|
| CVE-2022-28339 | Trend Micro HouseCall for Home Networks version 5.3.1302 and below contains an uncontrolled search patch element vulnerability that could allow an attacker with low user privileges to create a malicious DLL that could lead to escalated privileges. | 7.3 | 0.27% | 2025-02-22 | 2026-06-17 |
| CVE-2024-55955 | An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 6.7 | 0.09% | 2024-12-31 | 2026-06-17 |
| CVE-2024-55917 | An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 | 0.26% | 2024-12-31 | 2026-06-17 |
| CVE-2024-55632 | A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 | 0.32% | 2024-12-31 | 2026-06-17 |
| CVE-2024-55631 | An engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 | 0.32% | 2024-12-31 | 2026-06-17 |
| CVE-2024-53647 | Trend Micro ID Security, version 3.0 and below contains a vulnerability that could allow an attacker to send an unlimited number of email verification requests without any restriction, potentially leading to abuse or denial of service. | 6.5 | 0.29% | 2024-12-31 | 2026-06-17 |
| CVE-2024-52050 | A LogServer arbitrary file creation vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 | 0.47% | 2024-12-31 | 2026-06-17 |
| CVE-2024-52049 | A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. This vulnerability is similar to, but not identical to CVE-2024-52048. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 | 0.32% | 2024-12-31 | 2026-06-17 |
| CVE-2024-52048 | A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. This vulnerability is similar to, but not identical to CVE-2024-52049. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 | 0.32% | 2024-12-31 | 2026-06-17 |
| CVE-2024-52047 | A widget local file inclusion vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.5 | 1.05% | 2024-12-31 | 2026-06-17 |
| CVE-2024-51503 | A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers that have legitimate access to the domain may be able to remotely inject commands to other machines in the same domain. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnera | 8.0 | 4.03% | 2024-11-19 | 2026-06-17 |
| CVE-2024-48904 | An command injection vulnerability in Trend Micro Cloud Edge could allow a remote attacker to execute arbitrary code on affected appliances. Please note: authentication is not required in order to exploit this vulnerability. | 9.8 | 2.46% | 2024-10-22 | 2026-06-17 |
| CVE-2024-48903 | An improper access control vulnerability in Trend Micro Deep Security Agent 20 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 | 0.74% | 2024-10-22 | 2026-06-17 |
| CVE-2024-46903 | A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 6.5 | 1.22% | 2024-10-22 | 2026-06-17 |
| CVE-2024-46902 | A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations. Please note: an attacker must first obtain the ability to execute high-privileged code (admin user rights) on the target system in order to exploit this vulnerability. | 8.4 | 1.86% | 2024-10-22 | 2026-06-17 |
| CVE-2024-45335 | Trend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted virus to allow itself to bypass and evade a virus scan detection. | 8.4 | 0.17% | 2024-10-22 | 2026-06-17 |
| CVE-2024-45334 | Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized access to product configurations and functions. | 7.8 | 0.09% | 2024-10-22 | 2026-06-17 |
| CVE-2024-41183 | Trend Micro VPN, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite under specific conditions that can lead to elevation of privileges. | 7.8 | 1.02% | 2024-10-22 | 2026-06-17 |
| CVE-2024-39753 | An modOSCE SQL Injection vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.5 | 2.02% | 2024-10-22 | 2026-06-17 |
| CVE-2024-37289 | An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 7.8 | 0.63% | 2024-06-10 | 2026-06-17 |