CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27469
https://notcve.org/view.php?id=CVE-2023-27469
30 Jun 2023 — Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a '\0' character. • https://malwarebytes.com • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2014-100039 – Malwarebytes Anti-Exploit 1.03.1.1220/1.04.1.1012 - Out-of-Bounds Read Denial of Service
https://notcve.org/view.php?id=CVE-2014-100039
13 Jan 2015 — mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local users to cause a denial of service (crash) via a crafted size in an unspecified IOCTL call, which triggers an out-of-bounds read. NOTE: some of these details are obtained from third party information. mbae.sys en Malwarebytes Anti-Exploit anterior a 1.05.1.2014 permite a usuarios locales causar una denegación de servicio (caída) a través de un tamaño manipulado en una llamada IOCTL no especificada, lo que provoca una lectura fuera de rang... • https://www.exploit-db.com/exploits/35842 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 4CVE-2014-4936 – Malwarebytes Anti-Malware < 2.0.3 / Anti-Exploit < 1.03.1.1220 - Update Code Execution
https://notcve.org/view.php?id=CVE-2014-4936
16 Dec 2014 — The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and earlier allow man-in-the-middle attackers to execute arbitrary code by spoofing the update server and uploading an executable. La funcionalidad de actualización en el consumidor Malwarebytes Anti-Malware (MBAM) anterior a 2.0.3 y el consumidor Malwarebytes Anti-Exploit (MBAE) 1.04.1.1012 y anteriores permiten a atacantes man-in-the-middle ejecutar código arbitrari... • https://packetstorm.news/files/id/130244 • CWE-345: Insufficient Verification of Data Authenticity •