Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Cvelist
Cvelistadded 2025/12/10 9:46 a.m.31 views

CVE-2025-7073 Local Privilege Escalation via Arbitrary File Operation in Bitdefender Total Security

A local privilege escalation vulnerability in Bitdefender Total Security versions prior to 27.0.47.241 allows low-privileged attackers to elevate privileges. The issue arises from bdservicehost.exe deleting files from a user-writable directory C:\ProgramData\Atc\Feedback without proper symbolic...

8.8CVSS0.0001EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/12/10 12:0 a.m.6 views

PT-2025-50318

Name of the Vulnerable Software and Affected Versions Bitdefender Total Security version 27.0.46.231 Description A local privilege escalation issue exists in Bitdefender Total Security. A low-privileged attacker can gain elevated privileges due to improper symbolic link validation when...

8.8CVSS6.3AI score0.0001EPSS
Exploits0References6
OSV
OSVadded 2022/11/01 8:15 a.m.1 views

CVE-2022-3369

An Improper Access Control vulnerability in the bdservicehost.exe component, as used in Bitdefender Engines for Windows, allows an attacker to delete privileged registry keys by pointing a Registry symlink to a privileged key. This issue affects: Bitdefender Engines versions prior to 7.92659. It...

5.5CVSS5.8AI score0.00055EPSS
Exploits0References1
NVD
NVDadded 2022/11/01 8:15 a.m.14 views

CVE-2022-3369

An Improper Access Control vulnerability in the bdservicehost.exe component, as used in Bitdefender Engines for Windows, allows an attacker to delete privileged registry keys by pointing a Registry symlink to a privileged key. This issue affects: Bitdefender Engines versions prior to 7.92659. It...

8.6CVSS0.00055EPSS
Exploits0References1
CVE
CVEadded 2022/11/01 7:45 a.m.53 views

CVE-2022-3369

CVE-2022-3369 describes an Improper Access Control flaw in the bdservicehost.exe component used by Bitdefender engines on Windows. An attacker can delete privileged registry keys by directing a registry symbolic link to a privileged key, enabling local impact. Affected products include Bitdefende...

8.6CVSS5.8AI score0.00055EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2021/10/28 1:50 p.m.16 views

CVE-2021-3579 Incorrect Default Permissions vulnerability in bdservicehost.exe and Vulnerability.Scan.exe

Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint...

7.8CVSS7.7AI score0.00083EPSS
Exploits0References2
Rows per page
Query Builder