Skip to main content

Security Essentials

18 CVEs product

Monthly

CVE-2021-24092 HIGH PATCH This Week

Microsoft Defender Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Windows Defender Endpoint Protection Security Essentials +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-1647 HIGH KEV PATCH THREAT This Week

Microsoft Defender Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft RCE Windows Defender Security Essentials System Center Endpoint Protection
NVD
CVSS 3.1
7.8
EPSS
39.7%
CVE-2020-1461 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows Defender Forefront Endpoint Protection 2010 Security Essentials +1
NVD
CVSS 3.1
7.1
EPSS
0.7%
CVE-2020-1170 HIGH POC PATCH This Week

An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows Defender Forefront Endpoint Protection 2010 Security Essentials +1
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2020-1163 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows Defender Forefront Endpoint Protection 2010 Security Essentials +1
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1002 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows Defender Forefront Endpoint Protection 2010 Security Essentials +1
NVD
CVSS 3.1
7.1
EPSS
0.7%
CVE-2019-1255 HIGH PATCH This Week

A denial of service vulnerability exists when Microsoft Defender improperly handles files, aka 'Microsoft Defender Denial of Service Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows Defender Forefront Endpoint Protection 2010 Security Essentials +1
NVD
CVSS 3.1
7.5
EPSS
3.9%
CVE-2019-1161 HIGH PATCH This Week

An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Windows Defender Forefront Endpoint Protection 2010 Security Essentials System Center Endpoint Protection
NVD
CVSS 3.1
7.1
EPSS
0.9%
CVE-2018-0986 HIGH POC PATCH THREAT This Week

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Microsoft RCE Buffer Overflow Exchange Server +5
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
61.5%
CVE-2017-8558 HIGH POC THREAT Act Now

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on 32-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 57.8%.

Buffer Overflow RCE Microsoft Windows Defender Endpoint Protection +3
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
57.8%
Threat
4.8
CVE-2017-8537 MEDIUM POC PATCH This Month

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Microsoft Windows Defender Endpoint Protection +5
NVD Exploit-DB
CVSS 3.1
5.5
EPSS
5.0%
CVE-2017-8536 MEDIUM POC PATCH This Month

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Microsoft Windows Defender Endpoint Protection +5
NVD Exploit-DB
CVSS 3.1
5.5
EPSS
5.0%
CVE-2017-8535 MEDIUM POC PATCH This Month

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Microsoft Windows Defender Endpoint Protection +5
NVD Exploit-DB
CVSS 3.1
5.5
EPSS
5.0%
CVE-2012-1459 MEDIUM This Month

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast!. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 79.5% and no vendor patch available.

Privilege Escalation Fortinet Microsoft V3 Internet Security Avast Antivirus +33
NVD
CVSS 2.0
4.3
EPSS
79.5%
CVE-2012-1457 MEDIUM This Month

The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast!. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 50.8% and no vendor patch available.

Privilege Escalation Microsoft Esafe Avast Antivirus Vba32 +25
NVD
CVSS 2.0
4.3
EPSS
50.8%
CVE-2012-1453 MEDIUM This Month

The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 78.5% and no vendor patch available.

Privilege Escalation Fortinet Microsoft Avl Sdk Etrust Vet Antivirus +13
NVD
CVSS 2.0
4.3
EPSS
78.5%
CVE-2012-1443 MEDIUM This Month

The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 50.2% and no vendor patch available.

Privilege Escalation Fortinet Microsoft V3 Internet Security Esafe +34
NVD
CVSS 2.0
4.3
EPSS
50.2%
CVE-2012-1420 MEDIUM This Month

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 16.4% and no vendor patch available.

Privilege Escalation Fortinet Microsoft Command Antivirus Quick Heal +10
NVD
CVSS 2.0
4.3
EPSS
16.4%
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Microsoft Defender Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Windows Defender +3
NVD
EPSS 40% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Microsoft Defender Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft RCE Windows Defender +2
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows Defender +3
NVD
EPSS 2% CVSS 7.8
HIGH POC PATCH This Week

An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows Defender +3
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows Defender +3
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows Defender +3
NVD
EPSS 4% CVSS 7.5
HIGH PATCH This Week

A denial of service vulnerability exists when Microsoft Defender improperly handles files, aka 'Microsoft Defender Denial of Service Vulnerability'. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows Defender +3
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Windows Defender Forefront Endpoint Protection 2010 +2
NVD
EPSS 61% CVSS 8.8
HIGH POC PATCH THREAT This Week

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Microsoft RCE +7
NVD Exploit-DB
EPSS 58% 4.8 CVSS 7.8
HIGH POC THREAT Act Now

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on 32-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 57.8%.

Buffer Overflow RCE Microsoft +5
NVD Exploit-DB
EPSS 5% CVSS 5.5
MEDIUM POC PATCH This Month

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Microsoft +7
NVD Exploit-DB
EPSS 5% CVSS 5.5
MEDIUM POC PATCH This Month

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Microsoft +7
NVD Exploit-DB
EPSS 5% CVSS 5.5
MEDIUM POC PATCH This Month

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Microsoft +7
NVD Exploit-DB
EPSS 80% CVSS 4.3
MEDIUM This Month

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast!. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 79.5% and no vendor patch available.

Privilege Escalation Fortinet Microsoft +35
NVD
EPSS 51% CVSS 4.3
MEDIUM This Month

The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast!. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 50.8% and no vendor patch available.

Privilege Escalation Microsoft Esafe +27
NVD
EPSS 78% CVSS 4.3
MEDIUM This Month

The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 78.5% and no vendor patch available.

Privilege Escalation Fortinet Microsoft +15
NVD
EPSS 50% CVSS 4.3
MEDIUM This Month

The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 50.2% and no vendor patch available.

Privilege Escalation Fortinet Microsoft +36
NVD
EPSS 16% CVSS 4.3
MEDIUM This Month

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 16.4% and no vendor patch available.

Privilege Escalation Fortinet Microsoft +12
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy