Trendmicro: >> Apex Central >> 2019 Security Vulnerabilities
A message unchecked NULL return value vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service condition on affected installations.
Please note: authentication is not required in order to exploit this vulnerability..
CVSS Score
7.5
EPSS Score
0.003
Published
2026-01-08
A message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service condition on affected installations.
Please note: authentication is not required in order to exploit this vulnerability.
CVSS Score
7.5
EPSS Score
0.003
Published
2026-01-08
A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations.
CVSS Score
9.8
EPSS Score
0.002
Published
2026-01-08
A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modTMSM component could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-06-17
A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modOSCE component could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-06-17
An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49219 but is in a different method.
CVSS Score
9.8
EPSS Score
0.063
Published
2025-06-17
A Local File Inclusion vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to gain remote code execution on affected installations.
CVSS Score
7.5
EPSS Score
0.005
Published
2025-06-17
An unrestricted file upload vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to upload arbitrary files on affected installations.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-06-17
A Local File Inclusion vulnerability in a Trend Micro Apex Central widget in versions below 8.0.6955 could allow an attacker to include arbitrary files to execute as PHP code and lead to remote code execution on affected installations.
CVSS Score
7.5
EPSS Score
0.005
Published
2025-06-17
An insecure deserialization operation in Trend Micro Apex Central below versions 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49220 but is in a different method.
CVSS Score
9.8
EPSS Score
0.058
Published
2025-06-17
Page 1