106 matches found
CVE-2023-6057 Insecure Trust of DSA-Signed Certificates in Bitdefender Total Security HTTPS Scanning (VA-11166)
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of certificates issued using the DSA signature algorithm. The product does not properly check the certificate chain, allowing an attacker to establish MITM SSL...
CVE-2023-6056 Insecure Trust of Self-Signed Certificates in Bitdefender Total Security HTTPS Scanning (VA-11164)
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificates signed with the RIPEMD-160 hashing algorithm without proper validation, allowing an attacker to...
CVE-2023-6056 Insecure Trust of Self-Signed Certificates in Bitdefender Total Security HTTPS Scanning (VA-11164)
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificates signed with the RIPEMD-160 hashing algorithm without proper validation, allowing an attacker to...
CVE-2023-6055 Improper Certificate Validation in Bitdefender Total Security HTTPS Scanning (VA-11158)
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate lacks the "Server Authentication" specification in the Extended Key Usage extension, the product...
CVE-2023-6055 Improper Certificate Validation in Bitdefender Total Security HTTPS Scanning (VA-11158)
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate lacks the "Server Authentication" specification in the Extended Key Usage extension, the product...
CVE-2023-6055
CVE-2023-6055 describes a certificate validation flaw in Bitdefender Total Security’s HTTPS scanning. The vulnerability occurs when the site certificate lacks the Extended Key Usage spec for Server Authentication; the product may consider such certificates valid and proceed with TLS interception,...
PT-2024-14868 · Bitdefender · Bitdefender Total Security
Name of the Vulnerable Software and Affected Versions: Bitdefender Total Security affected versions not specified Description: A vulnerability has been discovered in Bitdefender Total Security's HTTPS scanning functionality, resulting in the improper trust of certificates issued using the DSA...
Bitdefender Total Security 信任管理问题漏洞
Bitdefender Total Security is a proactive threat protection software for PCs from the Romanian company Bitdefender. The software features antivirus, firewall, anti-spyware, privacy control, and parental control. It also includes features such as System TuneUp. A trust management issue vulnerabili...
Bitdefender Total Security 信任管理问题漏洞
Bitdefender Total Security is a proactive threat protection software for PCs from the Romanian company Bitdefender. The software features antivirus, firewall, anti-spyware, privacy control, and parental control. It also includes features such as System TuneUp. A trust management issue vulnerabili...
PT-2024-13750 · Bitdefender · Bitdefender Total Security
Name of the Vulnerable Software and Affected Versions: Bitdefender Total Security versions prior to the latest version Description: A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't...
Bitdefender Total Security 信任管理问题漏洞
Bitdefender Total Security is a proactive threat protection software for PCs from the Romanian company Bitdefender. The software features antivirus, firewall, anti-spyware, privacy control, and parental control. It also includes features such as System TuneUp. A trust management issue vulnerabili...
Bitdefender Total Security 信任管理问题漏洞
Bitdefender Total Security is a proactive threat protection software for PCs from the Romanian company Bitdefender. The software features antivirus, firewall, anti-spyware, privacy control, and parental control. It also includes features such as System TuneUp. A trust management issue vulnerabili...
Bitdefender Total Security 信任管理问题漏洞
Bitdefender Total Security is a proactive threat protection software for PCs from the Romanian company Bitdefender. The software features antivirus, firewall, anti-spyware, privacy control, and parental control. It also includes features such as System TuneUp. A trust management issue vulnerabili...
PT-2024-13748 · Bitdefender · Bitdefender Total Security
Name of the Vulnerable Software and Affected Versions: Bitdefender Total Security affected versions not specified Description: A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate. This allow...
CVE-2023-6154
A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus Plus, Bitdefender Antivirus Free allows an attacker to change the product's expected behavior and potentially load a third-party library upon execution. This...
Vulnerability fixed in BitDefender
BitDefender has fixed a vulnerability in Bitdefender Total Security, Bitdefender Internet Security and Bitdefender Antivirus Plus. A malicious person could exploit the vulnerability to grant themselves granted elevated privileges and potentially execute arbitrary code execute arbitrary code with...
Path traversal
Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to...
CVE-2022-0357 Improper Quoting Path Issue in Bitdefender Total Security
Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to...
Bitdefender Total Security 代码问题漏洞
Bitdefender Total Security is an active threat protection software for PCs from the Romanian company Bitdefender. The program has antivirus, firewall, anti-spyware, privacy control and parental control features. It also includes features such as System TuneUp. A code issue vulnerability exists in...
CVE-2022-3369
An Improper Access Control vulnerability in the bdservicehost.exe component, as used in Bitdefender Engines for Windows, allows an attacker to delete privileged registry keys by pointing a Registry symlink to a privileged key. This issue affects: Bitdefender Engines versions prior to 7.92659. It...