Filtered by vendor Malwarebytes
Subscribe
Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-6260 | 1 Malwarebytes | 1 Antimalware | 2025-08-15 | N/A | 7.8 HIGH |
| Malwarebytes Antimalware Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Malwarebytes Antimalware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Malwarebytes service. By creating a symbolic link, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22321. | |||||
| CVE-2023-29145 | 1 Malwarebytes | 2 Endpoint Detection And Response, Malwarebytes | 2024-11-26 | N/A | 7.8 HIGH |
| The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LD_LIBRARY_PATH, set LD_PRELOAD, or run an executable file in a debugger. | |||||
| CVE-2023-29147 | 1 Malwarebytes | 2 Endpoint Detection And Response, Malwarebytes | 2024-11-26 | N/A | 5.5 MEDIUM |
| In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two files on different filesystems can have the same identifier. | |||||
| CVE-2023-27469 | 1 Malwarebytes | 1 Anti-exploit | 2024-11-26 | N/A | 7.1 HIGH |
| Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a '\0' character. | |||||
| CVE-2024-25089 | 1 Malwarebytes | 1 Binisoft Windows Firewall Control | 2024-08-26 | N/A | 9.8 CRITICAL |
| Malwarebytes Binisoft Windows Firewall Control before 6.9.9.2 allows remote attackers to execute arbitrary code via gRPC named pipes. | |||||
| CVE-2018-5274 | 1 Malwarebytes | 1 Malwarebytes | 2024-08-05 | 6.1 MEDIUM | 7.8 HIGH |
| In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40E024. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). | |||||
| CVE-2018-5271 | 1 Malwarebytes | 1 Malwarebytes | 2024-08-05 | 6.1 MEDIUM | 7.8 HIGH |
| In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e008. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). | |||||
| CVE-2018-5275 | 1 Malwarebytes | 1 Malwarebytes | 2024-08-05 | 6.1 MEDIUM | 7.8 HIGH |
| In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40E020. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). | |||||
| CVE-2018-5276 | 1 Malwarebytes | 1 Malwarebytes | 2024-08-05 | 6.1 MEDIUM | 7.8 HIGH |
| In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e018. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). | |||||
| CVE-2018-5272 | 1 Malwarebytes | 1 Malwarebytes | 2024-08-05 | 6.1 MEDIUM | 7.8 HIGH |
| In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e004. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). | |||||
| CVE-2018-5270 | 1 Malwarebytes | 1 Malwarebytes | 2024-08-05 | 6.1 MEDIUM | 7.8 HIGH |
| In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e010. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). | |||||
| CVE-2018-5279 | 1 Malwarebytes | 1 Malwarebytes | 2024-08-05 | 6.1 MEDIUM | 7.8 HIGH |
| In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e02c. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). | |||||
| CVE-2018-5273 | 1 Malwarebytes | 1 Malwarebytes | 2024-08-05 | 6.1 MEDIUM | 7.8 HIGH |
| In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e014. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). | |||||
| CVE-2018-5278 | 1 Malwarebytes | 1 Malwarebytes | 2024-08-05 | 6.1 MEDIUM | 7.8 HIGH |
| In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e00c. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). | |||||
| CVE-2018-5277 | 1 Malwarebytes | 1 Malwarebytes | 2024-08-05 | 6.1 MEDIUM | 7.8 HIGH |
| In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e000. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). | |||||
| CVE-2023-36631 | 1 Malwarebytes | 1 Binisoft Windows Firewall Control | 2024-08-02 | N/A | 7.8 HIGH |
| Lack of access control in wfc.exe in Malwarebytes Binisoft Windows Firewall Control 6.9.2.0 allows local unprivileged users to bypass Windows Firewall restrictions via the user interface's rules tab. NOTE: the vendor's perspective is "this is intended behavior as the application can be locked using a password." | |||||
| CVE-2023-28892 | 1 Malwarebytes | 1 Adwcleaner | 2024-03-05 | N/A | 7.8 HIGH |
| Malwarebytes AdwCleaner 8.4.0 runs as Administrator and performs an insecure file delete operation on C:\AdwCleaner\Logs\AdwCleaner_Debug.log in which the target location is user-controllable, allowing a non-admin user to escalate privileges to SYSTEM via a symbolic link. | |||||
| CVE-2023-26088 | 1 Malwarebytes | 1 Malwarebytes | 2023-03-28 | N/A | 7.8 HIGH |
| In Malwarebytes before 4.5.23, a symbolic link may be used delete any arbitrary file on the system by exploiting the local quarantine system. It can also lead to privilege escalation in certain scenarios. | |||||
| CVE-2022-25150 | 1 Malwarebytes | 1 Binisoft Windows Firewall Control | 2022-02-23 | 4.6 MEDIUM | 7.8 HIGH |
| In Malwarebytes Binisoft Windows Firewall Control before 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges. | |||||
| CVE-2020-25533 | 1 Malwarebytes | 1 Malwarebytes | 2021-01-26 | 6.9 MEDIUM | 7.0 HIGH |
| An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker can construct a situation where the same PID is used for running two different programs at different times, by leveraging a race condition during crafted use of posix_spawn. | |||||