Filtered by vendor Malwarebytes
Subscriptions
Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-36631 | 1 Malwarebytes | 1 Binisoft Windows Firewall Control | 2024-08-02 | 7.8 High |
| Lack of access control in wfc.exe in Malwarebytes Binisoft Windows Firewall Control 6.9.2.0 allows local unprivileged users to bypass Windows Firewall restrictions via the user interface's rules tab. NOTE: the vendor's perspective is "this is intended behavior as the application can be locked using a password." | ||||
| CVE-2023-29145 | 1 Malwarebytes | 2 Endpoint Detection And Response, Malwarebytes | 2024-08-02 | 7.8 High |
| The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LD_LIBRARY_PATH, set LD_PRELOAD, or run an executable file in a debugger. | ||||
| CVE-2023-29147 | 1 Malwarebytes | 2 Endpoint Detection And Response, Malwarebytes | 2024-08-02 | 5.5 Medium |
| In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two files on different filesystems can have the same identifier. | ||||
| CVE-2023-28892 | 1 Malwarebytes | 1 Adwcleaner | 2024-08-02 | 7.8 High |
| Malwarebytes AdwCleaner 8.4.0 runs as Administrator and performs an insecure file delete operation on C:\AdwCleaner\Logs\AdwCleaner_Debug.log in which the target location is user-controllable, allowing a non-admin user to escalate privileges to SYSTEM via a symbolic link. | ||||
| CVE-2023-27469 | 1 Malwarebytes | 1 Anti-exploit | 2024-08-02 | 7.1 High |
| Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a '\0' character. | ||||
| CVE-2023-26088 | 1 Malwarebytes | 1 Malwarebytes | 2024-08-02 | 7.8 High |
| In Malwarebytes before 4.5.23, a symbolic link may be used delete any arbitrary file on the system by exploiting the local quarantine system. It can also lead to privilege escalation in certain scenarios. | ||||