Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
malwarebytes malwarebytes vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2024-25089
Malwarebytes Binisoft Windows Firewall Control prior to 6.9.9.2 allows remote malicious users to execute arbitrary code via gRPC named pipes.
Malwarebytes Binisoft Windows Firewall Control
5.5
CVSSv3
CVE-2023-29147
In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two files on different filesystems can have the same identifier.
Malwarebytes Malwarebytes
Malwarebytes Endpoint Detection And Response
7.1
CVSSv3
CVE-2023-27469
Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a '\0' character.
Malwarebytes Anti-exploit
7.8
CVSSv3
CVE-2023-29145
The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LD_LIBRARY_PATH, set LD_PRELOAD, or run an executable file in a debugger.
Malwarebytes Malwarebytes
Malwarebytes Endpoint Detection And Response
7.8
CVSSv3
CVE-2023-36631
Lack of access control in wfc.exe in Malwarebytes Binisoft Windows Firewall Control 6.9.2.0 allows local unprivileged users to bypass Windows Firewall restrictions via the user interface's rules tab. NOTE: the vendor's perspective is "this is intended behavior as t...
Malwarebytes Binisoft Windows Firewall Control 6.9.2.0
7.8
CVSSv3
CVE-2023-28892
Malwarebytes AdwCleaner 8.4.0 runs as Administrator and performs an insecure file delete operation on C:\AdwCleaner\Logs\AdwCleaner_Debug.log in which the target location is user-controllable, allowing a non-admin user to escalate privileges to SYSTEM via a symbolic link.
Malwarebytes Adwcleaner
7.8
CVSSv3
CVE-2023-26088
In Malwarebytes prior to 4.5.23, a symbolic link may be used delete any arbitrary file on the system by exploiting the local quarantine system. It can also lead to privilege escalation in certain scenarios.
Malwarebytes Malwarebytes
7.8
CVSSv3
CVE-2022-25150
In Malwarebytes Binisoft Windows Firewall Control prior to 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges.
Malwarebytes Binisoft Windows Firewall Control
7
CVSSv3
CVE-2020-25533
An issue exists in Malwarebytes prior to 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker ...
Malwarebytes Malwarebytes
7.1
CVSSv3
CVE-2020-28641
In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system.
Malwarebytes Endpoint Protection
Malwarebytes Malwarebytes 4.1.0.56
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »