threat
engine
.sh
Back
·
··:··
Home
/
Product
/
microsoft windows defender
Product
microsoft windows defender
28 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2023-36422
< 4.18.23100.2009
Microsoft Windows Defender Elevation of Privilege Vulnerability
7.8
HIGH
CVE-2023-38175
< 1.1.23060.3001
Microsoft Windows Defender Elevation of Privilege Vulnerability
7.8
HIGH
CVE-2021-24092
all versions
Microsoft Defender Elevation of Privilege Vulnerability
7.8
HIGH
CVE-2021-1647
all versions
Microsoft Defender Remote Code Execution Vulnerability
7.8
HIGH
CVE-2020-1461
all versions
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To
7.1
HIGH
CVE-2020-1170
all versions
An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the
7.8
HIGH
CVE-2020-1163
all versions
An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the
7.8
HIGH
CVE-2020-1002
all versions
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To
7.1
HIGH
CVE-2020-0835
all versions
An elevation of privilege vulnerability exists when Windows Defender antimalware platform improperly handles hard links, aka 'Wind
7.8
HIGH
CVE-2019-1255
all versions
A denial of service vulnerability exists when Microsoft Defender improperly handles files, aka 'Microsoft Defender Denial of Servi
7.5
HIGH
CVE-2019-1161
all versions
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations. To
7.1
HIGH
CVE-2018-0986
all versions
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially craft
8.8
HIGH
CVE-2017-8558
all versions
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on 32-bit versions of Microsoft Wind
7.8
HIGH
CVE-2017-8542
all versions
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2
5.5
MEDIUM
CVE-2017-8541
all versions
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2
7.8
HIGH
CVE-2017-8540
all versions
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2
7.8
HIGH
CVE-2017-8539
all versions
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2
5.5
MEDIUM
CVE-2017-8538
all versions
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2
7.8
HIGH
CVE-2017-8537
all versions
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2
5.5
MEDIUM
CVE-2017-8536
all versions
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2
5.5
MEDIUM
CVE-2017-8535
all versions
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2
5.5
MEDIUM
CVE-2017-0290
all versions
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2
7.8
HIGH
CVE-2013-3154
all versions
The signature-update functionality in Windows Defender on Microsoft Windows 7 and Windows Server 2008 R2 relies on an incorrect pa
CVE-2013-0078
all versions
The Microsoft Antimalware Client in Windows Defender on Windows 8 and Windows RT uses an incorrect pathname for MsMpEng.exe, which
CVE-2011-0037
all versions
Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defend
CVE-2008-1438
all versions
Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Mic
CVE-2008-1437
all versions
Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Mic
CVE-2006-5270
all versions
Integer overflow in the Microsoft Malware Protection Engine (mpengine.dll), as used by Windows Live OneCare, Antigen, Defender, an
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin