8 matches found
CVE-2021-4198
CVE-2021-4198 is a NULL pointer dereference in Bitdefender’s messaging_ipc.dll affecting multiple Bitdefender products. Affected versions include Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, and VPN Standalone, with vulnerable build dates prior to 26.0.3.29 (and End...
CVE-2021-4199
CVE-2021-4199 is a local privilege-escalation flaw in Bitdefender products where BDReinit.exe’s crash-handling component suffers incorrect permission assignment for a critical resource, enabling a local attacker to escalate to SYSTEM. Affected are Bitdefender Total Security, Internet Security, An...
CVE-2020-8107
The CVE-2020-8107 entry concerns a vulnerability in Bitdefender Antivirus Plus (ProductAgentUI.exe) where a specially crafted DLL can tamper with product settings. Affected products are Bitdefender Antivirus Plus, Internet Security, and Total Security with versions prior to 24.0.26.136. The root ...
CVE-2007-5775
CVE-2007-5775 affects BitDefender Online Scanner ActiveX controls (OScan.ocx / OScan8.ocx). The vulnerability is a buffer overflow in the ActiveX control’s InitX/InitX-like handling and related Unicode processing, caused by improper validation and a double Unicode decoding, enabling a remote atta...
CVE-2022-0357
CVE-2022-0357 is an Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Internet Security, and Antivirus Plus. The issue allows local privilege escalation to SYSTEM. Affected products/versions are Bitdefender Total Security, Internet Se...
CVE-2020-15732
CVE-2020-15732 is an improper certificate validation vulnerability in the Online Threat Prevention module used by several Bitdefender products (Total Security, Internet Security, Antivirus Plus). The issue potentially allows bypassing HTTP Strict Transport Security (HSTS) checks. Affected version...
CVE-2019-14242
CVE-2019-14242 affects Bitdefender products for Windows (Bitdefender Endpoint Security Tool < 6.6.8.115; Bitdefender Antivirus Plus/Internet Security/Total Security
CVE-2025-7073
CVE-2025-7073 affects Bitdefender Total Security 27.0.46.231. The local privilege escalation stems from bdservicehost.exe deleting files in a user-writable directory (C:\ProgramData\Atc\Feedback) without proper symbolic-link validation. The issue is described as being chained with a file copy ope...