Microsoft: >> Defender For Endpoint Security Vulnerabilities
Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network.
CVSS Score
8.8
EPSS Score
0.001
Published
2026-02-10
Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Linux allows an authorized attacker to deny service locally.
CVSS Score
7.0
EPSS Score
0.0
Published
2025-10-14
Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.044
Published
2025-05-15
External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
CVSS Score
6.7
EPSS Score
0.01
Published
2025-05-13
Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network.
CVSS Score
6.5
EPSS Score
0.008
Published
2024-12-12
Microsoft Defender for Endpoint on Android Spoofing Vulnerability
CVSS Score
8.1
EPSS Score
0.029
Published
2024-12-12
Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally.
CVSS Score
5.5
EPSS Score
0.004
Published
2024-10-08
Microsoft Defender for Endpoint Protection Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.003
Published
2024-02-13
Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.006
Published
2022-09-13
Microsoft Defender for Endpoint Tampering Vulnerability
CVSS Score
6.5
EPSS Score
0.004
Published
2022-07-12
Page 1