U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:microsoft:malware_protection_engine:1.1.14306.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 12 matching records.
Displaying matches 1 through 12.
Vuln ID Summary CVSS Severity
CVE-2023-33156

Microsoft Defender Elevation of Privilege Vulnerability

Published: July 11, 2023; 2:15:14 PM -0400
V3.1: 7.0 HIGH
V2.0:(not available)
CVE-2023-24860

Microsoft Defender Denial of Service Vulnerability

Published: April 11, 2023; 5:15:18 PM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-37971

Microsoft Windows Defender Elevation of Privilege Vulnerability

Published: October 11, 2022; 3:15:12 PM -0400
V3.1: 7.1 HIGH
V2.0:(not available)
CVE-2022-24548

Microsoft Defender Denial of Service Vulnerability

Published: April 15, 2022; 3:15:12 PM -0400
V3.1: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2021-42298

Microsoft Defender Remote Code Execution Vulnerability

Published: November 09, 2021; 8:19:47 PM -0500
V3.1: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2021-34471

Microsoft Windows Defender Elevation of Privilege Vulnerability

Published: August 12, 2021; 2:15:08 PM -0400
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-34522

Microsoft Defender Remote Code Execution Vulnerability

Published: July 14, 2021; 2:15:12 PM -0400
V3.1: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2021-31985

Microsoft Defender Remote Code Execution Vulnerability

Published: June 08, 2021; 7:15:09 PM -0400
V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2021-31978

Microsoft Defender Denial of Service Vulnerability

Published: June 08, 2021; 7:15:09 PM -0400
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-11940

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to remote code execution. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability". This is different than CVE-2017-11937.

Published: December 08, 2017; 9:29:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-11937

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to remote code execution. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability".

Published: December 07, 2017; 12:29:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2006-5270

Integer overflow in the Microsoft Malware Protection Engine (mpengine.dll), as used by Windows Live OneCare, Antigen, Defender, and Forefront Security, allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file.

Published: February 13, 2007; 3:28:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH