Malwarebytes

Malwarebytes

20 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.3

CVE-2023-29144

  • EPSS 0.02%
  • Veröffentlicht 12.12.2025 00:00:00
  • Zuletzt bearbeitet 19.12.2025 20:16:01

Malwarebytes 1.0.14 for Linux doesn't properly compute signatures in some scenarios. This allows a bypass of detection.

6.5

CVE-2023-43687

  • EPSS 0.06%
  • Veröffentlicht 14.08.2025 00:00:00
  • Zuletzt bearbeitet 15.08.2025 17:15:31

An issue was discovered in Malwarebytes before 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). There is a Race condition that leads to code execution because of a lack of locks between file verification and execution.

7.5

CVE-2023-43692

  • EPSS 0.06%
  • Veröffentlicht 14.08.2025 00:00:00
  • Zuletzt bearbeitet 15.08.2025 17:15:31

An issue was discovered in Malwarebytes before 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). Out-of-bound reads in strings detection utilities lead to system crashes.

6.5

CVE-2023-43683

  • EPSS 0.05%
  • Veröffentlicht 14.08.2025 00:00:00
  • Zuletzt bearbeitet 15.08.2025 17:15:30

An issue was discovered in Malwarebytes 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). A Stack buffer out-of-bounds access exists because of an integer underflow when handling newline characters.

5.2

CVE-2023-43694

  • EPSS 0.02%
  • Veröffentlicht 14.08.2025 00:00:00
  • Zuletzt bearbeitet 15.08.2025 13:12:51

An issue was discovered in Malwarebytes 4.6.14.326 and before and 5.1.5.116 and before (and Nebula 2020-10-21 and later). An Out of bounds read in several disassembling utilities causes stability issues and denial of service.

5.5

CVE-2023-29147

  • EPSS 0.01%
  • Veröffentlicht 30.06.2023 21:15:08
  • Zuletzt bearbeitet 26.11.2024 20:15:20

In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two files on different filesystems can have the same identi...

7.8

CVE-2023-29145

  • EPSS 0.07%
  • Veröffentlicht 30.06.2023 20:15:09
  • Zuletzt bearbeitet 26.11.2024 21:15:05

The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LD_LIBRARY_PATH, set LD_PRELOAD, or run an executable file i...

7.8

CVE-2023-26088

  • EPSS 0.62%
  • Veröffentlicht 23.03.2023 01:15:12
  • Zuletzt bearbeitet 21.11.2024 07:50:45

In Malwarebytes before 4.5.23, a symbolic link may be used delete any arbitrary file on the system by exploiting the local quarantine system. It can also lead to privilege escalation in certain scenarios.

7

CVE-2020-25533

Exploit
  • EPSS 0.04%
  • Veröffentlicht 15.01.2021 22:15:13
  • Zuletzt bearbeitet 21.11.2024 05:18:05

An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID inst...

7.1

CVE-2020-28641

  • EPSS 0.14%
  • Veröffentlicht 22.12.2020 23:15:12
  • Zuletzt bearbeitet 21.11.2024 05:23:05

In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system.