Serverprotect

This hub aggregates every CVE we track for Serverprotect, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Serverprotect.

• CVE-2022-25331Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process.7.5Feb 24, 2022
• CVE-2022-25330Integer overflow conditions that exist in Trend Micro ServerProtect 6.0/5.8 Information Server could allow a remote attacker to crash the process or achieve remote code execution.9.8Feb 24, 2022
• CVE-2022-25329Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform authentication when a specific command is typed in the console. An unauthenticated remote attacker with acce...9.8Feb 24, 2022
• CVE-2021-36745A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8, ServerProtect for Network Appliance Filers 5.8, and ServerProtect for Microsoft Windows / Novell Net...9.8Sep 29, 2021
• CVE-2021-25252Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by...5.5Mar 3, 2021
• CVE-2021-25226A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The spe...5.5Jan 27, 2021
• CVE-2021-25225A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The spe...5.5Jan 27, 2021
• CVE-2021-25224A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local attacker to craft specific files that can cause a denial-of-service on the affected product. The spe...5.5Jan 27, 2021
• CVE-2020-28575A heap-based buffer overflow privilege escalation vulnerability in Trend Micro ServerProtect for Linux 3.0 may allow an attacker to escalate privileges on affected installations. An attacker must f...6.7Dec 1, 2020
• CVE-2020-24561A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. An attacker must first obtain admin/root privil...9.1Sep 15, 2020
• CVE-2020-8607An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrat...6.7Aug 5, 2020
• CVE-2019-14688Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during ...7.0Feb 20, 2020
• CVE-2017-9037Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote attackers to inject arbitrary web script or HTML via the (1) S44, (2) S5, ...6.1May 25, 2017
• CVE-2017-9036Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows local users to gain privileges by leveraging an unrestricted quarantine directory.7.8May 25, 2017
• CVE-2017-9035Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to eavesdrop and tamper with updates by leveraging unencrypted communications with update servers.7.4May 25, 2017