本ページは microsoft malware_protection_engine に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-45584 | Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network. | [email protected] | 8.1 | 0.04% | 2026-05-20 | 2026-05-20 |
| CVE-2026-41091 KEV | Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally. | [email protected] | 7.8 | 9.47% | 2026-05-20 | 2026-05-20 |
| CVE-2023-33156 | Microsoft Defender Elevation of Privilege Vulnerability | [email protected] | 6.3 | 0.08% | 2023-07-11 | 2024-11-21 |
| CVE-2023-24860 | Microsoft Defender Denial of Service Vulnerability | [email protected] | 7.5 | 4.09% | 2023-04-11 | 2025-02-28 |
| CVE-2023-23389 | Microsoft Defender Elevation of Privilege Vulnerability | [email protected] | 6.3 | 0.40% | 2023-03-14 | 2024-11-21 |
| CVE-2022-37971 | Microsoft Windows Defender Elevation of Privilege Vulnerability | [email protected] | 7.1 | 0.39% | 2022-10-11 | 2025-01-02 |
| CVE-2022-24548 | Microsoft Defender Denial of Service Vulnerability | [email protected] | 5.5 | 4.00% | 2022-04-15 | 2024-11-21 |
| CVE-2021-42298 | Microsoft Defender Remote Code Execution Vulnerability | [email protected] | 7.8 | 2.27% | 2021-11-10 | 2024-11-21 |
| CVE-2021-34471 | Microsoft Windows Defender Elevation of Privilege Vulnerability | [email protected] | 7.8 | 0.25% | 2021-08-12 | 2024-11-21 |
| CVE-2021-34464 | Microsoft Defender Remote Code Execution Vulnerability | [email protected] | 7.8 | 5.07% | 2021-07-16 | 2024-11-21 |
| CVE-2021-34522 | Microsoft Defender Remote Code Execution Vulnerability | [email protected] | 7.8 | 5.07% | 2021-07-14 | 2024-11-21 |
| CVE-2021-31985 | Microsoft Defender Remote Code Execution Vulnerability | [email protected] | 7.8 | 10.83% | 2021-06-08 | 2024-11-21 |
| CVE-2021-31978 | Microsoft Defender Denial of Service Vulnerability | [email protected] | 5.5 | 0.62% | 2021-06-08 | 2024-11-21 |
| CVE-2017-11940 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to remote code execution. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability". This is different than CVE-2017-11937. | [email protected] | 7.8 | 32.41% | 2017-12-08 | 2026-05-13 |
| CVE-2017-11937 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to remote code execution. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability". | [email protected] | 7.8 | 33.43% | 2017-12-07 | 2026-05-13 |
| CVE-2017-8542 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerabil | [email protected] | 5.5 | 19.18% | 2017-05-26 | 2026-05-13 |
| CVE-2017-8541 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulner | [email protected] | 7.8 | 64.20% | 2017-05-26 | 2026-05-13 |
| CVE-2017-8540 KEV | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulner | [email protected] | 7.8 | 79.43% | 2017-05-26 | 2026-04-22 |
| CVE-2017-8539 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to denial of service. aka "Microsoft Malware Protection Engine Denial of Service Vulnerability", a different vulnerabil | [email protected] | 5.5 | 19.18% | 2017-05-26 | 2026-05-13 |
| CVE-2017-8538 | The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to memory corruption. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability", a different vulner | [email protected] | 7.8 | 62.58% | 2017-05-26 | 2026-05-13 |