CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25089
https://notcve.org/view.php?id=CVE-2024-25089
Malwarebytes Binisoft Windows Firewall Control before 6.9.9.2 allows remote attackers to execute arbitrary code via gRPC named pipes. Malwarebytes Binisoft Windows Firewall Control anterior a 6.9.9.2 permite a atacantes remotos ejecutar código arbitrario a través de canalizaciones con nombre gRPC. • https://hackerone.com/reports/2300061 https://www.binisoft.org/changelog.txt • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-29147
https://notcve.org/view.php?id=CVE-2023-29147
In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two files on different filesystems can have the same identifier. • https://malwarebytes.com https://www.malwarebytes.com/secure/cves/cve-2023-29147 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27469
https://notcve.org/view.php?id=CVE-2023-27469
Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a '\0' character. • https://malwarebytes.com https://www.malwarebytes.com/secure/cves/cve-2023-27469 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-29145
https://notcve.org/view.php?id=CVE-2023-29145
The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LD_LIBRARY_PATH, set LD_PRELOAD, or run an executable file in a debugger. • https://malwarebytes.com https://www.malwarebytes.com/secure/cves/cve-2023-29145 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36631
https://notcve.org/view.php?id=CVE-2023-36631
Lack of access control in wfc.exe in Malwarebytes Binisoft Windows Firewall Control 6.9.2.0 allows local unprivileged users to bypass Windows Firewall restrictions via the user interface's rules tab. NOTE: the vendor's perspective is "this is intended behavior as the application can be locked using a password." • https://hackerone.com/reports/2000375 https://www.bencteux.fr/posts/malwarebytes_wfc •