Vulnerabilities > Malwarebytes > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-30 | CVE-2023-27469 | Unspecified vulnerability in Malwarebytes Anti-Exploit Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a '\0' character. | 7.1 |
| 2023-06-30 | CVE-2023-29145 | Unspecified vulnerability in Malwarebytes Endpoint Detection and Response and Malwarebytes The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. | 7.8 |
| 2023-06-26 | CVE-2023-36631 | Unspecified vulnerability in Malwarebytes Binisoft Windows Firewall Control 6.9.2.0 Lack of access control in wfc.exe in Malwarebytes Binisoft Windows Firewall Control 6.9.2.0 allows local unprivileged users to bypass Windows Firewall restrictions via the user interface's rules tab. | 7.8 |
| 2023-03-29 | CVE-2023-28892 | Link Following vulnerability in Malwarebytes Adwcleaner Malwarebytes AdwCleaner 8.4.0 runs as Administrator and performs an insecure file delete operation on C:\AdwCleaner\Logs\AdwCleaner_Debug.log in which the target location is user-controllable, allowing a non-admin user to escalate privileges to SYSTEM via a symbolic link. | 7.8 |
| 2023-03-23 | CVE-2023-26088 | Link Following vulnerability in Malwarebytes In Malwarebytes before 4.5.23, a symbolic link may be used delete any arbitrary file on the system by exploiting the local quarantine system. | 7.8 |
| 2022-02-14 | CVE-2022-25150 | Improper Privilege Management vulnerability in Malwarebytes Binisoft Windows Firewall Control In Malwarebytes Binisoft Windows Firewall Control before 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges. | 7.8 |
| 2021-01-15 | CVE-2020-25533 | Race Condition vulnerability in Malwarebytes An issue was discovered in Malwarebytes before 4.0 on macOS. | 7.0 |
| 2020-12-22 | CVE-2020-28641 | Link Following vulnerability in Malwarebytes Endpoint Protection and Malwarebytes In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system. | 7.1 |
| 2020-04-06 | CVE-2020-11507 | Untrusted Search Path vulnerability in Malwarebytes Adwcleaner 8.0.3 An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner 8.0.3 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded. | 7.8 |
| 2019-12-23 | CVE-2019-19929 | Untrusted Search Path vulnerability in Malwarebytes Adwcleaner An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner before 8.0.1 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded by the product. | 7.8 |