Lucene search
K

8 matches found

CVE
CVE
added 2023/08/08 5:8 p.m.452 views

CVE-2023-38175

Technical details about CVE-2023-38175 are not public in the provided documents; no specifics on affected products/versions/root cause/fixes are included here. Monitor for updates.

7.8CVSS7.7AI score0.00555EPSS
CVE
CVE
added 2023/11/14 5:57 p.m.153 views

CVE-2023-36422

CVE-2023-36422 is a Windows Defender elevation-of-privilege vulnerability. Multiple sources associate it with privilege escalation via insufficient access control in Windows Defender, enabling a local attacker with low privileges and no user interaction to gain total compromise. Public details po...

7.8CVSS7.7AI score0.00805EPSS
CVE
CVE
added 2008/05/13 10:0 p.m.71 views

CVE-2008-1437

CVE-2008-1437 affects the Microsoft Malware Protection Engine (mpengine.dll) versions 1.1.3520.0 and 0.1.13.192 used in multiple Microsoft products. The vulnerability stems from the engine’s parsing of specially crafted files, involving improper validation during processing, which can cause the e...

5CVSS6AI score0.12938EPSS
CVE
CVE
added 2013/07/10 1:0 a.m.65 views

CVE-2013-3154

CVE-2013-3154 affects Windows Defender on Windows 7 and Windows Server 2008 R2. The issue is caused by an incorrect pathname used by the signature-update functionality, enabling local users to gain privileges via a Trojan horse in the %SYSTEMDRIVE% top-level directory. A successful exploit allows...

6.9CVSS6.4AI score0.01765EPSS
CVE
CVE
added 2007/02/13 8:0 p.m.62 views

CVE-2006-5270

The CVE-2006-5270 issue is a remote code execution vulnerability in the Microsoft Malware Protection Engine (mpengine.dll) caused by an integer overflow when parsing PDF files. Affected products include Windows Live OneCare, Microsoft Antigen (Exchange 9.x and SMTP Gateway 9.x), Windows Defender ...

9.3CVSS7.6AI score0.3008EPSS
CVE
CVE
added 2008/05/13 10:0 p.m.56 views

CVE-2008-1438

CVE-2008-1438 concerns the Microsoft Malware Protection Engine (mpengine.dll) (versions 1.1.3520.0 and 0.1.13.192) used in multiple Microsoft products. A denial-of-service exists when parsing certain files with “crafted data structures,” causing disk-space exhaustion and automatic engine restart....

5CVSS6AI score0.12938EPSS
CVE
CVE
added 2013/04/09 10:0 p.m.56 views

CVE-2013-0078

CVE-2013-0078 affects the Microsoft Antimalware Client on Windows 8 and Windows RT, where MsMpEng.exe is referenced with an incorrect pathname. This improper pathname handling can allow a local user to gain privileges via a crafted application, constituting a local privilege-escalation vulnerabil...

7.2CVSS6.5AI score0.01806EPSS
CVE
CVE
added 2011/02/25 5:0 p.m.55 views

CVE-2011-0037

CVE-2011-0037 affects Microsoft Malware Protection Engine (MMPE) prior to 1.1.6603.0, used in MSRT, Windows Defender, Security Essentials, Forefront products, and related tools. The vulnerability allows local privilege escalation through a crafted value of an unspecified user registry key. The do...

7.2CVSS6.6AI score0.01781EPSS