6 matches found
CVE-2022-3369
CVE-2022-3369 describes an Improper Access Control flaw in the bdservicehost.exe component used by Bitdefender engines on Windows. An attacker can delete privileged registry keys by directing a registry symbolic link to a privileged key, enabling local impact. Affected products include Bitdefende...
CVE-2020-8100
CVE-2020-8100 affects Bitdefender Engines (cevakrnl.rv0 module) with an improper input validation vulnerability that can trigger a denial of service when processing a specially crafted sample. Specifically, affected are Bitdefender Engines versions prior to 7.84063. The connected CNVD entry corro...
CVE-2020-8109
The CVE-2020-8109 entry concerns Bitdefender Engines; affected component is the ace.xmd parser. The root cause is insufficient validation of user-supplied data, leading to a write past the end of an allocated buffer. Impact is described as denial-of-service. Affected versions are Bitdefender Engi...
CVE-2020-15731
CVE-2020-15731 affects Bitdefender Engines; the issue arises from improper input validation in the file renaming/recovery code, enabling a crafted file name to cause arbitrary file writes to a hardcoded location. Described as a local privilege escalation (per CVE listing) affecting versions prior...
CVE-2020-8110
CVE-2020-8110 affects Bitdefender Engines version 7.84897 and earlier, with impact described as a denial-of-service stemming from a vulnerability in the ceva_emu.cvd module. The root cause is lack of proper validation of user-supplied data, which can cause a pointer to be fetched from uninitializ...
CVE-2023-3633
The CVE-2023-3633 entry concerns Bitdefender Engines running on Windows and is caused by an out-of-bounds write in the CEVA/Bitdefender engine code, which leads to an engine crash. Affected versions are Bitdefender Engines 7.94791 and lower. The issue is triggered within the engine component (CEV...