Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2023-32622 |
Description: Improper neutralization of special elements in WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privilege to execute OS commands with the root privilege.
CVSS: LOW (0.0) EPSS Score: 0.25%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-32621 |
Description: WL-WN531AX2 firmware versions prior to 2023526 allows an attacker with an administrative privilege to upload arbitrary files and execute OS commands with the root privilege.
CVSS: LOW (0.0) EPSS Score: 0.1%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-32620 |
Description: Improper authentication vulnerability in WL-WN531AX2 firmware versions prior to 2023526 allows a network-adjacent attacker to obtain a password for the wireless network.
CVSS: LOW (0.0) EPSS Score: 0.06%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-32557 |
Description: A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenticated attacker to upload an arbitrary file to the Management Server which could lead to remote code execution with system privileges.
CVSS: LOW (0.0) EPSS Score: 0.37%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-32556 |
Description: A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to disclose sensitive information.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-32555 |
Description: A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations.
Please note: a local attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This is similar to, but not identical to CVE-2023-32554.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-32554 |
Description: A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations.
Please note: a local attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This is similar to, but not identical to CVE-2023-32555.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-32553 |
Description: An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents.
This is similar to, but not identical to CVE-2023-32552.
CVSS: LOW (0.0) EPSS Score: 0.24%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-32552 |
Description: An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents.
This is similar to, but not identical to CVE-2023-32553
CVSS: LOW (0.0) EPSS Score: 0.24%
December 5th, 2024 (5 months ago)
|
|
CVE-2023-32530 |
Description: Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution.
Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities.
This is similar to, but not identical to CVE-2023-32529.
CVSS: LOW (0.0) EPSS Score: 1.04%
December 5th, 2024 (5 months ago)
|