PatchSiren

Malwarebytes CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Malwarebytes CVE published 2026-06-09

CVE-2023-43688

CVE-2023-43688 is a HIGH severity vulnerability in Malwarebytes 4.x and 5.x (and Nebula 2020-10-21 and later): a heap buffer overflow in various buffer encryption utilities. The CVSS score for this vulnerability is 7.5.

MEDIUM Malwarebytes CVE published 2026-06-09

CVE-2023-43686

CVE-2023-43686 is a medium-severity vulnerability (CVSS score of 6.2) affecting Malwarebytes 4.x and 5.x (and Nebula 2020-10-21 and later). The issue occurs when a large number of Firefox preference files cause the parser to ignore other browser configuration files, leading to a denial of service.

HIGH Malwarebytes CVE published 2026-06-09

CVE-2023-29146

CVE-2023-29146 is a vulnerability in Malwarebytes EDR 1.0.11 on Linux. The utility functions used for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value (32-bit). Attackers could create a colliding hash value for two different strings by attaching 4GB of data to a stri [truncated]