227 matches found
Windows Defender <= 1.1.26050.11 Elevation of Privilege (RoguePlanet) (CVE-2026-50656)
The Malware Protection Engine version of Microsoft Windows Defender installed on the remote Windows host is prior to or equal to 1.1.26050.11. It is, therefore, affected by an elevation of privilege vulnerability: - Improper link resolution before file access 'link following' in Microsoft Defende...
Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privileges
Microsoft has released security updates for a Defender vulnerability known as RoguePlanet, nearly a month after details of the flaw became public. The vulnerability, tracked as CVE-2026-50656 CVSS score: 7.8, is a privilege escalation issue in the Microsoft Malware Protection Engine "mpengine.dll...
Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development
Microsoft has formally disclosed that it's working to release a patch to address a Defender zero-day codenamed RoguePlanet. The vulnerability has now been assigned the CVE identifier CVE-2026-50656 CVSS score: 7.8, with the tech giant describing it as a privilege escalation flaw. "Microsoft is...
CVE-2026-50656
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet "...
CVE-2026-50656
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet "...
Microsoft Defender Elevation of Privilege Vulnerability
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet "...
KLA91102 PE vulnerability in Microsoft System Center
Privilege escalation vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2026-50656 Exploitation Public exploits exist for this vulnerability. CVE list CVE-2026-50656 high KB list Solution Install necessary...
Security Update for Windows Defender (May 2026) (CVE-2026-41091)
The Malware Protection Engine version of Microsoft Windows Defender installed on the remote Windows host is prior to 1.1.26040.8. It is, therefore, affected by a privilege escalation vulnerability: - Improper link resolution before file access 'link following' in Microsoft Defender allows an...
📄 Microsoft Malware Protection Engine Type Confusion
Microsoft Malware Protection Engine type confusion vulnerability proof of concept exploit for an older vulnerability from 2017. ================================================================================================================================== | Title : Microsoft Malware Protection...
EUVD-2017-17487
Malware in sbrugna...
EUVD-2011-0063
Malware in sbrugna...
EUVD-2017-17485
Malware in sbrugna...
EUVD-2023-28023
Malicious code in bioql PyPI...
CVE-2013-1346
mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 on x64 platforms allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted file...
CVE-2024-29183
OpenRASP is a RASP solution that directly integrates its protection engine into the application server by instrumentation. There exists a reflected XSS in the /login page due to a reflection of the redirect parameter. This allows an attacker to execute arbitrary javascript with the permissions of...
Microsoft Security Essentials DoS Vulnerability (Dec 2023)
This host is missing a critical security update according to Microsoft Security Updates released for Microsoft Security Essentials Protection Engine dated 13-12-2023 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C ...
Security Updates for Windows Defender (November 2023)
The Malware Protection Engine version of Microsoft Windows Defender installed on the remote Windows host is prior to 4.18.23100.2009. It is, therefore, affected by a privilege escalation vulnerability. An authenticated attacker can exploit this to gain elevated privileges. Note that Nessus has no...
CVE-2023-23958
Symantec Protection Engine, prior to 9.1.0, may be susceptible to a Hash Leak vulnerability...
CVE-2023-23958
Symantec Protection Engine, prior to 9.1.0, may be susceptible to a Hash Leak vulnerability...
Memory corruption
Symantec Protection Engine, prior to 9.1.0, may be susceptible to a Hash Leak vulnerability...