Vulnerabilities > Malwarebytes

DATE CVE VULNERABILITY TITLE RISK
2021-01-15 CVE-2020-25533 Race Condition vulnerability in Malwarebytes
An issue was discovered in Malwarebytes before 4.0 on macOS.
6.9
2020-12-22 CVE-2020-28641 Link Following vulnerability in Malwarebytes Endpoint Protection and Malwarebytes
In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system.
local
low complexity
malwarebytes CWE-59
6.6
2020-04-06 CVE-2020-11507 Untrusted Search Path vulnerability in Malwarebytes Adwcleaner 8.0.3
An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner 8.0.3 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded.
6.9
2019-12-23 CVE-2019-19929 Untrusted Search Path vulnerability in Malwarebytes Adwcleaner
An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner before 8.0.1 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded by the product.
6.9
2019-06-03 CVE-2019-6739 Improper Input Validation vulnerability in Malwarebytes Antimalware 3.6.1.2711
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Malwarebytes Antimalware 3.6.1.2711.
6.8
2018-03-21 CVE-2016-10717 7PK - Security Features vulnerability in Malwarebytes Anti-Malware 2.2.1
A vulnerability in the encryption and permission implementation of Malwarebytes Anti-Malware consumer version 2.2.1 and prior (fixed in 3.0.4) allows an attacker to take control of the whitelisting feature (exclusions.dat under %SYSTEMDRIVE%\ProgramData) to permit execution of unauthorized applications including malware and malicious websites.
local
low complexity
malwarebytes CWE-254
4.6
2018-01-08 CVE-2018-5279 Improper Input Validation vulnerability in Malwarebytes 3.3.1.2183
** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e02c.
local
low complexity
malwarebytes CWE-20
6.1
2018-01-08 CVE-2018-5278 Improper Input Validation vulnerability in Malwarebytes 3.3.1.2183
** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e00c.
local
low complexity
malwarebytes CWE-20
6.1
2018-01-08 CVE-2018-5277 Improper Input Validation vulnerability in Malwarebytes 3.3.1.2183
** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e000.
local
low complexity
malwarebytes CWE-20
6.1
2018-01-08 CVE-2018-5276 Improper Input Validation vulnerability in Malwarebytes 3.3.1.2183
** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e018.
local
low complexity
malwarebytes CWE-20
6.1