Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
malwarebytes malwarebytes vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2014-4936
The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer prior to 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and previous versions allow man-in-the-middle malicious users to execute arbitrary code by spoofing the update server and uploading an e...
Malwarebytes Malwarebytes Anti-exploit
Malwarebytes Malwarebytes Anti-malware
1 EDB exploit
1 Github repository
6.6
CVSSv2
CVE-2020-28641
In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system.
Malwarebytes Endpoint Protection
Malwarebytes Malwarebytes 4.1.0.56
NA
CVE-2023-29147
In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two files on different filesystems can have the same identifier.
Malwarebytes Malwarebytes
Malwarebytes Endpoint Detection And Response
NA
CVE-2023-29145
The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LD_LIBRARY_PATH, set LD_PRELOAD, or run an executable file in a debugger.
Malwarebytes Malwarebytes
Malwarebytes Endpoint Detection And Response
6.9
CVSSv2
CVE-2020-25533
An issue exists in Malwarebytes prior to 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker ...
Malwarebytes Malwarebytes
NA
CVE-2023-26088
In Malwarebytes prior to 4.5.23, a symbolic link may be used delete any arbitrary file on the system by exploiting the local quarantine system. It can also lead to privilege escalation in certain scenarios.
Malwarebytes Malwarebytes
6.1
CVSSv2
CVE-2018-5274
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40E024. NOTE: the vendor reported that they "have not been ...
Malwarebytes Malwarebytes 3.3.1.2183
6.1
CVSSv2
CVE-2018-5270
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e010. NOTE: the vendor reported that they "have not been ...
Malwarebytes Malwarebytes 3.3.1.2183
6.1
CVSSv2
CVE-2018-5272
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e004. NOTE: the vendor reported that they "have not been ...
Malwarebytes Malwarebytes 3.3.1.2183
6.1
CVSSv2
CVE-2018-5273
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e014. NOTE: the vendor reported that they "have not been ...
Malwarebytes Malwarebytes 3.3.1.2183
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »