Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft windows defender - vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2020-0835
An elevation of privilege vulnerability exists when Windows Defender antimalware platform improperly handles hard links, aka 'Windows Defender Antimalware Platform Hard Link Elevation of Privilege Vulnerability'.
Microsoft Windows Defender -
1 Article
NA
CVE-2023-36422
Microsoft Windows Defender Elevation of Privilege Vulnerability
Microsoft Windows Defender
NA
CVE-2023-38175
Microsoft Windows Defender Elevation of Privilege Vulnerability
Microsoft Windows Defender
NA
CVE-2022-29799
A vulnerability was found in networkd-dispatcher. This flaw exists because no functions are sanitized by the OperationalState or the AdministrativeState of networkd-dispatcher. This attack leads to a directory traversal to escape from the “/etc/networkd-dispatcher” ba...
Microsoft Windows Defender For Endpoint
2 Github repositories
1 Article
NA
CVE-2022-29800
A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-...
Microsoft Windows Defender For Endpoint -
2 Github repositories
1 Article
NA
CVE-2023-38163
Windows Defender Attack Surface Reduction Security Feature Bypass
Microsoft Windows Defender Security Intelligence Updates
9.3
CVSSv2
CVE-2006-5270
Integer overflow in the Microsoft Malware Protection Engine (mpengine.dll), as used by Windows Live OneCare, Antigen, Defender, and Forefront Security, allows user-assisted remote malicious users to execute arbitrary code via a crafted PDF file.
Microsoft Antigen
Microsoft Forefront Security
Microsoft Malware Protection Engine
Microsoft Windows Defender
Microsoft Windows Live Onecare
7.2
CVSSv2
CVE-2011-0037
Microsoft Malware Protection Engine prior to 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privile...
Microsoft Windows Defender
Microsoft Forefront Client Security
Microsoft Malware Protection Engine 1.1.3520.0
Microsoft Malware Protection Engine
Microsoft Windows Live Onecare
Microsoft Security Essentials
Microsoft Forefront Endpoint Protection 2010 -
Microsoft Malware Protection Engine 0.1.13.192
Microsoft Malicious Software Removal Tool
6.5
CVSSv2
CVE-2021-1674
Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows 10 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows Server 2016 1909
Microsoft Windows 10 1909
Microsoft Windows 10 2004
Microsoft Windows Server 2016 2004
Microsoft Windows 10 20h2
Microsoft Windows Server 2016 20h2
1 Article
5
CVSSv2
CVE-2008-1438
Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent malicious users to cause a denial of service (disk space exhaustion) via a file with "crafted data stru...
Microsoft Malware Protection Engine 1.1.3520.0
Microsoft Windows Defender
Microsoft Diagnostics And Recovery Toolkit 6.0
Microsoft Forefront Client Security
Microsoft Forefront Security For Exchange Server
Microsoft Forefront Security For Sharepoint
Microsoft Malware Protection Engine 0.1.13.192
Microsoft Antigen For Exchange
Microsoft Antigen For Smtp Gateway
Microsoft Windows Live Onecare
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »