Vulnerabilities > Microsoft > Malware Protection Engine > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-14 | CVE-2023-23389 | Unspecified vulnerability in Microsoft Malware Protection Engine 1.1.20000.2 Microsoft Defender Elevation of Privilege Vulnerability | 6.3 |
| 2022-04-15 | CVE-2022-24548 | Unspecified vulnerability in Microsoft Malware Protection Engine Microsoft Defender Denial of Service Vulnerability | 5.5 |
| 2021-06-08 | CVE-2021-31978 | Unspecified vulnerability in Microsoft Malware Protection Engine Microsoft Defender Denial of Service Vulnerability | 5.5 |
| 2017-05-26 | CVE-2017-8542 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. | 4.3 |
| 2017-05-26 | CVE-2017-8539 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. | 4.3 |
| 2014-06-18 | CVE-2014-2779 | Improper Input Validation vulnerability in Microsoft Malware Protection Engine 1.1.10600.0 mpengine.dll in Microsoft Malware Protection Engine before 1.1.10701.0 allows remote attackers to cause a denial of service (system hang) via a crafted file. | 4.3 |
| 2008-05-13 | CVE-2008-1438 | Resource Management Errors vulnerability in Microsoft products Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (disk space exhaustion) via a file with "crafted data structures" that trigger the creation of large temporary files, a different vulnerability than CVE-2008-1437. | 5.0 |
| 2008-05-13 | CVE-2008-1437 | Resource Management Errors vulnerability in Microsoft products Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (engine hang and restart) via a crafted file, a different vulnerability than CVE-2008-1438. | 5.0 |