Lucene search
K
BitdefenderInternet Security

11 matches found

CVE
CVE
added 2022/03/07 11:30 a.m.115 views

CVE-2021-4198

CVE-2021-4198 is a NULL pointer dereference in Bitdefender’s messaging_ipc.dll affecting multiple Bitdefender products. Affected versions include Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, and VPN Standalone, with vulnerable build dates prior to 26.0.3.29 (and End...

6.1CVSS6.1AI score0.00557EPSS
CVE
CVE
added 2022/03/07 11:35 a.m.91 views

CVE-2021-4199

CVE-2021-4199 is a local privilege-escalation flaw in Bitdefender products where BDReinit.exe’s crash-handling component suffers incorrect permission assignment for a critical resource, enabling a local attacker to escalate to SYSTEM. Affected are Bitdefender Total Security, Internet Security, An...

7.8CVSS7.7AI score0.00758EPSS
CVE
CVE
added 2022/02/18 8:20 a.m.66 views

CVE-2020-8107

The CVE-2020-8107 entry concerns a vulnerability in Bitdefender Antivirus Plus (ProductAgentUI.exe) where a specially crafted DLL can tamper with product settings. Affected products are Bitdefender Antivirus Plus, Internet Security, and Total Security with versions prior to 24.0.26.136. The root ...

8.2CVSS7.6AI score0.00319EPSS
CVE
CVE
added 2024/04/01 10:6 a.m.65 views

CVE-2023-6154

CVE-2023-6154 affects Bitdefender Total Security, Internet Security, Antivirus Plus, and Antivirus Free (all reported as 27.0.25.114). Root cause: a configuration setting issue in seccenter.exe that allows an attacker to change the product’s expected behavior and potentially load a third‑party li...

7.8CVSS7.6AI score0.002EPSS
CVE
CVE
added 2007/11/01 4:4 p.m.63 views

CVE-2007-5775

CVE-2007-5775 affects BitDefender Online Scanner ActiveX controls (OScan.ocx / OScan8.ocx). The vulnerability is a buffer overflow in the ActiveX control’s InitX/InitX-like handling and related Unicode processing, caused by improper validation and a double Unicode decoding, enabling a remote atta...

9.8CVSS7.5AI score0.26909EPSS
CVE
CVE
added 2009/03/09 5:0 p.m.58 views

CVE-2009-0850

BitDefender Internet Security 2009 is vulnerable to a cross-site scripting (XSS) flaw in the way it handles filenames inside virus-infected archive files (RAR/ZIP). This user-assisted exploit can inject arbitrary web script or HTML via the archive filename, as described for CVE-2009-0850. The vul...

4.3CVSS5.7AI score0.29955EPSS
CVE
CVE
added 2017/03/21 4:0 p.m.55 views

CVE-2017-6186

Bitdefender products Bitdefender Total Security 12.0 and earlier, Bitdefender Internet Security 12.0 and earlier, and Bitdefender Antivirus Plus 12.0 and earlier are listed as vulnerable to a local code-injection attack (CVE-2017-6186) via a DoubleAgent technique. The root cause described across ...

7.2CVSS6.5AI score0.00752EPSS
CVE
CVE
added 2023/05/24 7:53 a.m.55 views

CVE-2022-0357

CVE-2022-0357 is an Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Internet Security, and Antivirus Plus. The issue allows local privilege escalation to SYSTEM. Affected products/versions are Bitdefender Total Security, Internet Se...

7.8CVSS6.9AI score0.00188EPSS
CVE
CVE
added 2021/06/22 2:50 p.m.49 views

CVE-2020-15732

CVE-2020-15732 is an improper certificate validation vulnerability in the Online Threat Prevention module used by several Bitdefender products (Total Security, Internet Security, Antivirus Plus). The issue potentially allows bypassing HTTP Strict Transport Security (HSTS) checks. Affected version...

7.5CVSS7.4AI score0.00537EPSS
CVE
CVE
added 2019/07/30 5:47 p.m.47 views

CVE-2019-14242

CVE-2019-14242 affects Bitdefender products for Windows (Bitdefender Endpoint Security Tool < 6.6.8.115; Bitdefender Antivirus Plus/Internet Security/Total Security

7.2CVSS6.6AI score0.00554EPSS
CVE
CVE
added 2025/12/10 9:46 a.m.18 views

CVE-2025-7073

CVE-2025-7073 affects Bitdefender Total Security 27.0.46.231. The local privilege escalation stems from bdservicehost.exe deleting files in a user-writable directory (C:\ProgramData\Atc\Feedback) without proper symbolic-link validation. The issue is described as being chained with a file copy ope...

8.8CVSS6.4AI score0.0014EPSS