Skip to main content

Malwarebytes

15 CVEs product

Monthly

CVE-2022-50971 HIGH POC This Week

Malwarebytes 4.5 contains an unquoted service path vulnerability in the MBAMService executable that allows local attackers to escalate privileges by injecting malicious code into the system root. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Malwarebytes
NVD Exploit-DB VulDB
CVSS 4.0
8.5
EPSS
0.1%
CVE-2023-29147 MEDIUM This Month

In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Endpoint Detection And Response Malwarebytes
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-29145 HIGH This Week

The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Endpoint Detection And Response Malwarebytes
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-26088 HIGH This Week

In Malwarebytes before 4.5.23, a symbolic link may be used delete any arbitrary file on the system by exploiting the local quarantine system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Malwarebytes
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-28641 HIGH This Week

In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Endpoint Protection Malwarebytes
NVD
CVSS 3.1
7.1
EPSS
0.8%
CVE-2018-5279 HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2018-5278 LOW POC Monitor

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
CVSS 3.1
3.3
EPSS
0.4%
CVE-2018-5277 HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5276 HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5275 HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5274 HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5273 HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5272 HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5271 HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-5270 HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
EPSS 0% CVSS 8.5
HIGH POC This Week

Malwarebytes 4.5 contains an unquoted service path vulnerability in the MBAMService executable that allows local attackers to escalate privileges by injecting malicious code into the system root. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Malwarebytes
NVD Exploit-DB VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Endpoint Detection And Response Malwarebytes
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Endpoint Detection And Response Malwarebytes
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In Malwarebytes before 4.5.23, a symbolic link may be used delete any arbitrary file on the system by exploiting the local quarantine system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Malwarebytes
NVD
EPSS 1% CVSS 7.1
HIGH This Week

In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Endpoint Protection Malwarebytes
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
EPSS 0% CVSS 3.3
LOW POC Monitor

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Malwarebytes
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy