Lucene search
K
MicrosoftMalware Protection Engine*

10 matches found

CVE
CVE
added 2023/07/11 5:3 p.m.351 views

CVE-2023-33156

The connected Nessus entry details a local elevation of privilege vulnerability in Microsoft Defender’s Malware Protection Engine, affecting installations prior to version 1.1.23050.3. The CVE is CVE-2023-33156. If exploited, this could allow privilege elevation on affected Windows hosts. The rem...

7CVSS6.6AI score0.00268EPSS
CVE
CVE
added 2022/04/15 7:4 p.m.322 views

CVE-2022-24548

CVE-2022-24548 is a Microsoft Defender Denial of Service vulnerability. It affects the Malware Protection Engine in Windows Defender (remote/ local context) and is tied to versions equal to or prior to 1.1.19100.5. The underlying cause, as described in multiple sources, is a flaw in how the produ...

5.5CVSS5.7AI score0.02713EPSS
CVE
CVE
added 2021/11/10 12:47 a.m.320 views

CVE-2021-42298

CVE-2021-42298 : Microsoft Defender Remote Code Execution vulnerability affecting the Microsoft Defender/Malware Protection Engine. Exploitation can be initiated remotely without authentication, but requires user interaction for success. Some sources note a lack of public technical details or exp...

9.3CVSS7.9AI score0.05482EPSS
In wild
CVE
CVE
added 2023/04/11 7:13 p.m.285 views

CVE-2023-24860

CVE-2023-24860 describes a Denial-of-Service vulnerability in Microsoft Defender. The CVE affects the Microsoft Malware Protection Engine used by Windows Defender, with CVSS v3.1 metrics: Network attack vector, no user interaction, no privileges required, and an availability impact of High. The r...

7.5CVSS7.5AI score0.03049EPSS
CVE
CVE
added 2021/06/08 10:46 p.m.129 views

CVE-2021-31985

CVE-2021-31985 – Microsoft Defender Remote Code Execution Vulnerability. The connected documents confirm this is a vulnerability in the Microsoft Defender/Malware Protection Engine with remote code execution potential. Patches were released as part of Microsoft’s June 2021 updates (MSRC guidance ...

8.8CVSS7.7AI score0.07764EPSS
CVE
CVE
added 2022/10/11 12:0 a.m.127 views

CVE-2022-37971

CVE-2022-37971 is a Windows Defender elevation-of-privilege vulnerability in the Malware Protection Engine. It allows a local attacker with low privileges and no user interaction to potentially obtain SYSTEM-level privileges on the host. The CVSSv3.1 score is 7.1 (LP: local, IL: high, AI: high). ...

7.1CVSS7AI score0.00613EPSS
CVE
CVE
added 2021/07/14 5:54 p.m.126 views

CVE-2021-34522

CVE-2021-34522 is a Microsoft Defender vulnerability in the Microsoft Malware Protection Engine used by Windows Defender. Reports describe it as a Remote Code Execution issue with a local attack vector and high impact on confidentiality, integrity, and availability. Exploitation is conditioned on...

9.3CVSS7.9AI score0.02546EPSS
CVE
CVE
added 2021/08/12 6:11 p.m.121 views

CVE-2021-34471

CVE-2021-34471 is described across connected sources as a local privilege-escalation vulnerability in Microsoft Defender’s Malware Protection Engine (MPE)/Windows Defender. Some documents (e.g., NASL plugin) reference an affected MPE version prior to 1.1.18400.4 and cite insufficient access contr...

7.8CVSS7.5AI score0.0044EPSS
CVE
CVE
added 2021/06/08 10:46 p.m.113 views

CVE-2021-31978

CVE-2021-31978 is a Denial of Service vulnerability in the Microsoft Defender Malware Protection Engine (Windows Defender) used by Microsoft Defender/Exchange of System Center products. The issue affects the Malware Protection Engine and can impact availability; exploitation is local and, per the...

5.5CVSS5.6AI score0.01225EPSS
CVE
CVE
added 2007/02/13 8:0 p.m.61 views

CVE-2006-5270

The CVE-2006-5270 issue is a remote code execution vulnerability in the Microsoft Malware Protection Engine (mpengine.dll) caused by an integer overflow when parsing PDF files. Affected products include Windows Live OneCare, Microsoft Antigen (Exchange 9.x and SMTP Gateway 9.x), Windows Defender ...

9.3CVSS7.6AI score0.3008EPSS