CVE-2018-18058

An issue was discovered in Bitdefender Engines before 7.76662. A vulnerability has been discovered in the iso.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a division-by-zero circumstance. Paired with other vulnerabilities, this can result in...

CVE-2018-18059

Bitdefender Engines prior to 7.76675 contain a vulnerability in the rar.xmd parser caused by insufficient validation of user-supplied data, leading to a read past the end of an allocated buffer. This weakness can contribute to a denial-of-service condition when exploited. Exploitation requires us...

CVE-2018-18059

An issue was discovered in Bitdefender Engines before 7.76675. A vulnerability has been discovered in the rar.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Paired with other vulnerabilities, this can...

CVE-2018-18060

CVE-2018-18060 affects Bitdefender Engines prior to 7.76808. The vulnerability resides in the dalvik.xmd parser, arising from insufficient validation of user-supplied data, which can cause an out-of-bounds read in the parser and, when paired with other issues, may lead to denial-of-service. Explo...

CVE-2018-18060

An issue was discovered in Bitdefender Engines before 7.76808. A vulnerability has been discovered in the dalvik.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Paired with other vulnerabilities, this...

Bitdefender Engines rar.xmd Parser Out-of-Bounds Read Vulnerability

Bitdefender Engines is an antivirus engine from the Romanian company Bitdefender. An out-of-bounds read vulnerability exists in the rar.xmd parser in Bitdefender Engines versions prior to 7.76675, which can be exploited by an attacker to cause a buffer overflow or heap overflow...

Bitdefender Engines dalvik.xmd Parser Buffer Overflow Vulnerability

Bitdefender Engines is an antivirus engine from the Romanian company Bitdefender. An out-of-bounds read vulnerability exists in the dalvik.xmd parser in Bitdefender Engines versions prior to 7.76808, which can be exploited by an attacker to cause a buffer overflow or heap overflow...

Bitdefender Engines iso.xmd Parser Out-of-Bounds Read Vulnerability

Bitdefender Engines is an antivirus engine from the Romanian company Bitdefender. An out-of-bounds read vulnerability exists in the iso.xmd parser in Bitdefender Engines versions prior to 7.76662, which can be exploited by an attacker to cause a buffer overflow or heap overflow...

New GandCrab Decryptor Unlocks Files of Updated Ransomware

Yet another free decryptor is available for GandCrab ransomware victims. The tool, released Tuesday, is the third decryptor update in the past year that thwarts the prolific and fast-evolving GandCrab ransomware. Europol police announced availability of the update, which now unlocks data encrypte...

Bitdefender SafePay exec Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processi...

Bitdefender SafePay openFile Arbitrary File Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processi...

Bitdefender SafePay launch Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processi...

PT-2019-18297 · Bitdefender · Bitdefender Safepay

Name of the Vulnerable Software and Affected Versions: Bitdefender SafePay version 23.0.10.34 Description: This issue allows remote attackers to execute arbitrary code on vulnerable installations. User interaction is required, where the target must visit a malicious page or open a malicious file...

Bitdefender BOX 2 bootstrap download_image command injection vulnerability

Summary An exploitable command injection vulnerability exists in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. The API method /api/downloadimage unsafely handles the production firmware URL supplied by remote servers, leading to arbitrary execution of system commands...

Bitdefender BOX 2 bootstrap update_setup command execution vulnerability

Summary An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method /api/updatesetup does not perform firmware signature checks atomically, leading to an exploitable race condition TOCTTOU that allows arbitrary execution o...

Design/Logic Flaw

Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow attackers to gain access with root privileges via unspecified vectors...

CVE-2017-8931

Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow attackers to gain access with root privileges via unspecified vectors...

CVE-2017-8931

The CVE-2017-8931 entry affects the Bitdefender GravityZone VMware appliance prior to version 6.2.1-35, where an attacker could gain root privileges via unspecified vectors. The NVD entry lists a CVSSv3 base score of 9.8 (CRITICAL) with network attack vector and privileges required: none. Connect...

CVE-2017-8931

Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow attackers to gain access with root privileges via unspecified vectors...

bitdefendermyanmar.com XSS vulnerability

Open Bug Bounty ID: OBB-692606 Description| Value ---|--- Affected Website:| bitdefendermyanmar.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...